| Message ID | 20190725153342.3571-2-sdf@google.com |
|---|---|
| State | Changes Requested |
| Delegated to: | BPF Maintainers |
| Headers | show |
| Series | bpf/flow_dissector: support input flags | expand |
On Thu, Jul 25, 2019 at 08:33:36AM -0700, Stanislav Fomichev wrote: > C flow dissector supports input flags that tell it to customize parsing > by either stopping early or trying to parse as deep as possible. Pass > those flags to the BPF flow dissector so it can make the same > decisions. In the next commits I'll add support for those flags to > our reference bpf_flow.c > > Acked-by: Willem de Bruijn <willemb@google.com> > Acked-by: Song Liu <songliubraving@fb.com> > Cc: Song Liu <songliubraving@fb.com> > Cc: Willem de Bruijn <willemb@google.com> > Cc: Petar Penkov <ppenkov@google.com> > Signed-off-by: Stanislav Fomichev <sdf@google.com> > --- > include/linux/skbuff.h | 2 +- > include/net/flow_dissector.h | 4 ---- > include/uapi/linux/bpf.h | 5 +++++ > net/bpf/test_run.c | 2 +- > net/core/flow_dissector.c | 5 +++-- > 5 files changed, 10 insertions(+), 8 deletions(-) > > diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > index 718742b1c505..9b7a8038beec 100644 > --- a/include/linux/skbuff.h > +++ b/include/linux/skbuff.h > @@ -1271,7 +1271,7 @@ static inline int skb_flow_dissector_bpf_prog_detach(const union bpf_attr *attr) > > struct bpf_flow_dissector; > bool bpf_flow_dissect(struct bpf_prog *prog, struct bpf_flow_dissector *ctx, > - __be16 proto, int nhoff, int hlen); > + __be16 proto, int nhoff, int hlen, unsigned int flags); > > bool __skb_flow_dissect(const struct net *net, > const struct sk_buff *skb, > diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h > index 90bd210be060..3e2642587b76 100644 > --- a/include/net/flow_dissector.h > +++ b/include/net/flow_dissector.h > @@ -253,10 +253,6 @@ enum flow_dissector_key_id { > FLOW_DISSECTOR_KEY_MAX, > }; > > -#define FLOW_DISSECTOR_F_PARSE_1ST_FRAG BIT(0) > -#define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL BIT(1) > -#define FLOW_DISSECTOR_F_STOP_AT_ENCAP BIT(2) > - > struct flow_dissector_key { > enum flow_dissector_key_id key_id; > size_t offset; /* offset of struct flow_dissector_key_* > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h > index fa1c753dcdbc..b4ad19bd6aa8 100644 > --- a/include/uapi/linux/bpf.h > +++ b/include/uapi/linux/bpf.h > @@ -3507,6 +3507,10 @@ enum bpf_task_fd_type { > BPF_FD_TYPE_URETPROBE, /* filename + offset */ > }; > > +#define FLOW_DISSECTOR_F_PARSE_1ST_FRAG (1U << 0) > +#define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL (1U << 1) > +#define FLOW_DISSECTOR_F_STOP_AT_ENCAP (1U << 2) > + I'm a bit concerned with direct move. Last time we were in similar situation we've created: enum { BPF_TCP_ESTABLISHED = 1, BPF_TCP_SYN_SENT, and added: BUILD_BUG_ON((int)BPF_TCP_ESTABLISHED != (int)TCP_ESTABLISHED); BUILD_BUG_ON((int)BPF_TCP_SYN_SENT != (int)TCP_SYN_SENT); It may be overkill here, but feels safer than direct move. Adding BPF_ prefix also feels necessary to avoid very unlikely (but still theoretically possible) conflicts.
On 07/25, Alexei Starovoitov wrote: > On Thu, Jul 25, 2019 at 08:33:36AM -0700, Stanislav Fomichev wrote: > > C flow dissector supports input flags that tell it to customize parsing > > by either stopping early or trying to parse as deep as possible. Pass > > those flags to the BPF flow dissector so it can make the same > > decisions. In the next commits I'll add support for those flags to > > our reference bpf_flow.c > > > > Acked-by: Willem de Bruijn <willemb@google.com> > > Acked-by: Song Liu <songliubraving@fb.com> > > Cc: Song Liu <songliubraving@fb.com> > > Cc: Willem de Bruijn <willemb@google.com> > > Cc: Petar Penkov <ppenkov@google.com> > > Signed-off-by: Stanislav Fomichev <sdf@google.com> > > --- > > include/linux/skbuff.h | 2 +- > > include/net/flow_dissector.h | 4 ---- > > include/uapi/linux/bpf.h | 5 +++++ > > net/bpf/test_run.c | 2 +- > > net/core/flow_dissector.c | 5 +++-- > > 5 files changed, 10 insertions(+), 8 deletions(-) > > > > diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h > > index 718742b1c505..9b7a8038beec 100644 > > --- a/include/linux/skbuff.h > > +++ b/include/linux/skbuff.h > > @@ -1271,7 +1271,7 @@ static inline int skb_flow_dissector_bpf_prog_detach(const union bpf_attr *attr) > > > > struct bpf_flow_dissector; > > bool bpf_flow_dissect(struct bpf_prog *prog, struct bpf_flow_dissector *ctx, > > - __be16 proto, int nhoff, int hlen); > > + __be16 proto, int nhoff, int hlen, unsigned int flags); > > > > bool __skb_flow_dissect(const struct net *net, > > const struct sk_buff *skb, > > diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h > > index 90bd210be060..3e2642587b76 100644 > > --- a/include/net/flow_dissector.h > > +++ b/include/net/flow_dissector.h > > @@ -253,10 +253,6 @@ enum flow_dissector_key_id { > > FLOW_DISSECTOR_KEY_MAX, > > }; > > > > -#define FLOW_DISSECTOR_F_PARSE_1ST_FRAG BIT(0) > > -#define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL BIT(1) > > -#define FLOW_DISSECTOR_F_STOP_AT_ENCAP BIT(2) > > - > > struct flow_dissector_key { > > enum flow_dissector_key_id key_id; > > size_t offset; /* offset of struct flow_dissector_key_* > > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h > > index fa1c753dcdbc..b4ad19bd6aa8 100644 > > --- a/include/uapi/linux/bpf.h > > +++ b/include/uapi/linux/bpf.h > > @@ -3507,6 +3507,10 @@ enum bpf_task_fd_type { > > BPF_FD_TYPE_URETPROBE, /* filename + offset */ > > }; > > > > +#define FLOW_DISSECTOR_F_PARSE_1ST_FRAG (1U << 0) > > +#define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL (1U << 1) > > +#define FLOW_DISSECTOR_F_STOP_AT_ENCAP (1U << 2) > > + > > I'm a bit concerned with direct move. > Last time we were in similar situation we've created: > enum { > BPF_TCP_ESTABLISHED = 1, > BPF_TCP_SYN_SENT, > > and added: > BUILD_BUG_ON((int)BPF_TCP_ESTABLISHED != (int)TCP_ESTABLISHED); > BUILD_BUG_ON((int)BPF_TCP_SYN_SENT != (int)TCP_SYN_SENT); > > It may be overkill here, but feels safer than direct move. > Adding BPF_ prefix also feels necessary to avoid very unlikely > (but still theoretically possible) conflicts. Sounds good, thanks for the pointers, will do the same here!
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 718742b1c505..9b7a8038beec 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -1271,7 +1271,7 @@ static inline int skb_flow_dissector_bpf_prog_detach(const union bpf_attr *attr) struct bpf_flow_dissector; bool bpf_flow_dissect(struct bpf_prog *prog, struct bpf_flow_dissector *ctx, - __be16 proto, int nhoff, int hlen); + __be16 proto, int nhoff, int hlen, unsigned int flags); bool __skb_flow_dissect(const struct net *net, const struct sk_buff *skb, diff --git a/include/net/flow_dissector.h b/include/net/flow_dissector.h index 90bd210be060..3e2642587b76 100644 --- a/include/net/flow_dissector.h +++ b/include/net/flow_dissector.h @@ -253,10 +253,6 @@ enum flow_dissector_key_id { FLOW_DISSECTOR_KEY_MAX, }; -#define FLOW_DISSECTOR_F_PARSE_1ST_FRAG BIT(0) -#define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL BIT(1) -#define FLOW_DISSECTOR_F_STOP_AT_ENCAP BIT(2) - struct flow_dissector_key { enum flow_dissector_key_id key_id; size_t offset; /* offset of struct flow_dissector_key_* diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index fa1c753dcdbc..b4ad19bd6aa8 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -3507,6 +3507,10 @@ enum bpf_task_fd_type { BPF_FD_TYPE_URETPROBE, /* filename + offset */ }; +#define FLOW_DISSECTOR_F_PARSE_1ST_FRAG (1U << 0) +#define FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL (1U << 1) +#define FLOW_DISSECTOR_F_STOP_AT_ENCAP (1U << 2) + struct bpf_flow_keys { __u16 nhoff; __u16 thoff; @@ -3528,6 +3532,7 @@ struct bpf_flow_keys { __u32 ipv6_dst[4]; /* in6_addr; network order */ }; }; + __u32 flags; }; struct bpf_func_info { diff --git a/net/bpf/test_run.c b/net/bpf/test_run.c index 80e6f3a6864d..4e41d15a1098 100644 --- a/net/bpf/test_run.c +++ b/net/bpf/test_run.c @@ -419,7 +419,7 @@ int bpf_prog_test_run_flow_dissector(struct bpf_prog *prog, time_start = ktime_get_ns(); for (i = 0; i < repeat; i++) { retval = bpf_flow_dissect(prog, &ctx, eth->h_proto, ETH_HLEN, - size); + size, 0); if (signal_pending(current)) { preempt_enable(); diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c index 3e6fedb57bc1..a74c4ed1b30d 100644 --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -784,7 +784,7 @@ static void __skb_flow_bpf_to_target(const struct bpf_flow_keys *flow_keys, } bool bpf_flow_dissect(struct bpf_prog *prog, struct bpf_flow_dissector *ctx, - __be16 proto, int nhoff, int hlen) + __be16 proto, int nhoff, int hlen, unsigned int flags) { struct bpf_flow_keys *flow_keys = ctx->flow_keys; u32 result; @@ -794,6 +794,7 @@ bool bpf_flow_dissect(struct bpf_prog *prog, struct bpf_flow_dissector *ctx, flow_keys->n_proto = proto; flow_keys->nhoff = nhoff; flow_keys->thoff = flow_keys->nhoff; + flow_keys->flags = flags; preempt_disable(); result = BPF_PROG_RUN(prog, ctx); @@ -914,7 +915,7 @@ bool __skb_flow_dissect(const struct net *net, } ret = bpf_flow_dissect(attached, &ctx, n_proto, nhoff, - hlen); + hlen, flags); __skb_flow_bpf_to_target(&flow_keys, flow_dissector, target_container); rcu_read_unlock();