| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250107041715.98342-1-alibuda@linux.alibaba.com>
Date: Tue, 7 Jan 2025 12:17:10 +0800
From: "D. Wythe" <alibuda@...ux.alibaba.com>
To: kgraul@...ux.ibm.com,
wenjia@...ux.ibm.com,
jaka@...ux.ibm.com,
ast@...nel.org,
daniel@...earbox.net,
andrii@...nel.org,
martin.lau@...ux.dev,
pabeni@...hat.com,
song@...nel.org,
sdf@...gle.com,
haoluo@...gle.com,
yhs@...com,
edumazet@...gle.com,
john.fastabend@...il.com,
kpsingh@...nel.org,
jolsa@...nel.org,
guwen@...ux.alibaba.com
Cc: kuba@...nel.org,
davem@...emloft.net,
netdev@...r.kernel.org,
linux-s390@...r.kernel.org,
linux-rdma@...r.kernel.org,
bpf@...r.kernel.org
Subject: [PATCH bpf-next v5 0/5] net/smc: Introduce smc_ops
This patch aims to introduce BPF injection capabilities for SMC and
includes a self-test to ensure code stability.
Since the SMC protocol isn't ideal for every situation, especially
short-lived ones, most applications can't guarantee the absence of
such scenarios. Consequently, applications may need specific strategies
to decide whether to use SMC. For example, an application might limit SMC
usage to certain IP addresses or ports.
To maintain the principle of transparent replacement, we want applications
to remain unaffected even if they need specific SMC strategies. In other
words, they should not require recompilation of their code.
Additionally, we need to ensure the scalability of strategy implementation.
While using socket options or sysctl might be straightforward, it could
complicate future expansions.
Fortunately, BPF addresses these concerns effectively. Users can write
their own strategies in eBPF to determine whether to use SMC, and they can
easily modify those strategies in the future.
v2:
1. Rename smc_bpf_ops to smc_ops.
2. Change the scope of smc_ops from global to per netns.
3. Directly pass parameters to ops instead of smc_ops_ctx.
4. Remove struct smc_ops_ctx.
5. Remove exports that are no longer needed.
v3:
1. Remove find_ksym_btf_id_by_prefix_kind.
2. Enhance selftest, introduce a complete ops for filtering smc
connections based on ip pairs and a realistic topology test
to verify it.
v4:
1. Remove unless func: smc_bpf_ops_check_member()
2. Remove unless inline func: smc_ops_find_by_name()
3. Change CONFIG_SMC=y to complete CI testing
4. Change smc_sock to smc_sock___local in test to avoid
compiling failed with CONFIG_SMC=y
5. Improve test cases, remove unnecessary timeouts and multi-thread
test, using network_helpers to start testing between server and
client.
6. Fix issues when the return value of the ops function is neither 0
nor 1.
v5:
1. Fix incorrect CI config from CONFIG_SMC=Y to CONFIG_SMC=y.
D. Wythe (5):
bpf: export necessary sympols for modules with struct_ops
net/smc: Introduce generic hook smc_ops
net/smc: bpf: register smc_ops info struct_ops
libbpf: fix error when st-prefix_ops and ops from differ btf
bpf/selftests: add selftest for bpf_smc_ops
include/net/netns/smc.h | 3 +
include/net/smc.h | 51 +++
kernel/bpf/bpf_struct_ops.c | 2 +
kernel/bpf/syscall.c | 1 +
net/ipv4/tcp_output.c | 15 +-
net/smc/Kconfig | 12 +
net/smc/Makefile | 1 +
net/smc/af_smc.c | 10 +
net/smc/smc_ops.c | 130 ++++++
net/smc/smc_ops.h | 30 ++
net/smc/smc_sysctl.c | 95 +++++
tools/lib/bpf/libbpf.c | 25 +-
tools/testing/selftests/bpf/config | 4 +
.../selftests/bpf/prog_tests/test_bpf_smc.c | 390 ++++++++++++++++++
tools/testing/selftests/bpf/progs/bpf_smc.c | 116 ++++++
15 files changed, 873 insertions(+), 12 deletions(-)
create mode 100644 net/smc/smc_ops.c
create mode 100644 net/smc/smc_ops.h
create mode 100644 tools/testing/selftests/bpf/prog_tests/test_bpf_smc.c
create mode 100644 tools/testing/selftests/bpf/progs/bpf_smc.c
--
2.45.0
Powered by blists - more mailing lists