Message-ID: <20250919213153.103606-1-daniel@iogearbox.net>
Date: Fri, 19 Sep 2025 23:31:33 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: netdev@...r.kernel.org
Cc: bpf@...r.kernel.org,
	kuba@...nel.org,
	davem@...emloft.net,
	razor@...ckwall.org,
	pabeni@...hat.com,
	willemb@...gle.com,
	sdf@...ichev.me,
	john.fastabend@...il.com,
	martin.lau@...nel.org,
	jordan@...fe.io,
	maciej.fijalkowski@...el.com,
	magnus.karlsson@...el.com
Subject: [PATCH net-next 00/20] netkit: Support for io_uring zero-copy and AF_XDP

Containers use virtual netdevs to route traffic from a physical netdev
in the host namespace. They do not have access to the physical netdev
in the host and thus can't use memory providers or AF_XDP that require
reconfiguring/restarting queues in the physical netdev.

This patchset adds the concept of queue peering to virtual netdevs that
allow containers to use memory providers and AF_XDP at _native speed_!
These mapped queues are bound to a real queue in a physical netdev and
act as a proxy.

Memory providers and AF_XDP operations take an ifindex and queue id,
so containers would pass in an ifindex for a virtual netdev and a queue
id of a mapped queue, which then gets proxied to the underlying real
queue. Peered queues are created and bound to a real queue atomically
through a generic ynl netdev operation.

We have implemented support for this concept in netkit and tested the
latter against Nvidia ConnectX-6 (mlx5) as well as Broadcom BCM957504
(bnxt_en) 100G NICs. For more details see the individual patches.

Daniel Borkmann (10):
  net: Add ndo_{peer,unpeer}_queues callback
  net, ethtool: Disallow mapped real rxqs to be resized
  xsk: Move NETDEV_XDP_ACT_ZC into generic header
  xsk: Move pool registration into single function
  xsk: Add small helper xp_pool_bindable
  xsk: Change xsk_rcv_check to check netdev/queue_id from pool
  xsk: Proxy pool management for mapped queues
  netkit: Add single device mode for netkit
  netkit: Document fast vs slowpath members via macros
  netkit: Add xsk support for af_xdp applications

David Wei (10):
  net, ynl: Add bind-queue operation
  net: Add peer to netdev_rx_queue
  net: Add ndo_queue_create callback
  net, ynl: Implement netdev_nl_bind_queue_doit
  net, ynl: Add peer info to queue-get response
  net: Proxy net_mp_{open,close}_rxq for mapped queues
  netkit: Implement rtnl_link_ops->alloc
  netkit: Implement ndo_queue_create
  netkit: Add io_uring zero-copy support for TCP
  tools, ynl: Add queue binding ynl sample application

 Documentation/netlink/specs/netdev.yaml |  54 ++++
 drivers/net/netkit.c                    | 362 ++++++++++++++++++++----
 include/linux/netdevice.h               |  15 +-
 include/net/netdev_queues.h             |   1 +
 include/net/netdev_rx_queue.h           |  55 ++++
 include/net/xdp_sock_drv.h              |   8 +-
 include/uapi/linux/if_link.h            |   6 +
 include/uapi/linux/netdev.h             |  20 ++
 net/core/netdev-genl-gen.c              |  14 +
 net/core/netdev-genl-gen.h              |   1 +
 net/core/netdev-genl.c                  | 144 +++++++++-
 net/core/netdev_rx_queue.c              |  15 +-
 net/ethtool/channels.c                  |  10 +-
 net/xdp/xsk.c                           |  27 +-
 net/xdp/xsk.h                           |   5 +-
 net/xdp/xsk_buff_pool.c                 |  29 +-
 tools/include/uapi/linux/netdev.h       |  20 ++
 tools/net/ynl/samples/bind.c            |  56 ++++
 18 files changed, 750 insertions(+), 92 deletions(-)
 create mode 100644 tools/net/ynl/samples/bind.c

-- 
2.43.0

