From: "Toke Høiland-Jørgensen" <toke@redhat.com>
To: Daniel Borkmann <daniel@iogearbox.net>,
David Ahern <dsahern@gmail.com>, David Ahern <dsahern@kernel.org>,
netdev@vger.kernel.org
Cc: davem@davemloft.net, kuba@kernel.org,
prashantbhole.linux@gmail.com, brouer@redhat.com,
john.fastabend@gmail.com, ast@kernel.org, kafai@fb.com,
songliubraving@fb.com, yhs@fb.com, andriin@fb.com,
David Ahern <dahern@digitalocean.com>
Subject: Re: [PATCH v5 bpf-next 00/11] net: Add support for XDP in egress path
Date: Tue, 19 May 2020 16:52:42 +0200 [thread overview]
Message-ID: <87lflom0xx.fsf@toke.dk> (raw)
In-Reply-To: <d705cf50-b5b3-8778-16fe-3a29b9eb1e85@iogearbox.net>
Daniel Borkmann <daniel@iogearbox.net> writes:
> On 5/19/20 2:02 AM, David Ahern wrote:
>> On 5/18/20 3:06 PM, Daniel Borkmann wrote:
>>> So given we neither call this hook on the skb path, nor XDP_TX nor
>>> AF_XDP's TX
>>> path, I was wondering also wrt the discussion with John if it makes
>>> sense to
>>> make this hook a property of the devmap _itself_, for example, to have a
>>> default
>>> BPF prog upon devmap creation or a dev-specific override that is passed
>>> on map
>>> update along with the dev. At least this would make it very clear where
>>> this is
>>> logically tied to and triggered from, and if needed (?) would provide
>>> potentially
>>> more flexibility on specifiying BPF progs to be called while also
>>> solving your
>>> use-case.
>>
>> You lost me on the 'property of the devmap.' The programs need to be per
>> netdevice, and devmap is an array of devices. Can you elaborate?
>
> I meant that the dev{map,hash} would get extended in a way where the
> __dev_map_update_elem() receives an (ifindex, BPF prog fd) tuple from
> user space and holds the program's ref as long as it is in the map slot.
> Then, upon redirect to the given device in the devmap, we'd execute the
> prog as well in order to also allow for XDP_DROP policy in there. Upon
> map update when we drop the dev from the map slot, we also release the
> reference to the associated BPF prog. What I mean to say wrt 'property
> of the devmap' is that this program is _only_ used in combination with
> redirection to devmap, so given we are not solving all the other egress
> cases for reasons mentioned, it would make sense to tie it logically to
> the devmap which would also make it clear from a user perspective _when_
> the prog is expected to run.
I would be totally on board with this. Also makes sense for the
multicast map type, if you want to fix up the packet after the redirect,
just stick the fixer-upper program into the map along with the ifindex.
-Toke
next prev parent reply other threads:[~2020-05-19 14:53 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-13 1:45 [PATCH v5 bpf-next 00/11] net: Add support for XDP in egress path David Ahern
2020-05-13 1:45 ` [PATCH v5 bpf-next 01/11] net: Refactor convert_to_xdp_frame David Ahern
2020-05-13 1:45 ` [PATCH v5 bpf-next 02/11] net: uapi for XDP programs in the egress path David Ahern
2020-05-13 1:45 ` [PATCH v5 bpf-next 03/11] net: Add XDP setup and query commands for Tx programs David Ahern
2020-05-13 1:46 ` [PATCH v5 bpf-next 04/11] net: Add BPF_XDP_EGRESS as a bpf_attach_type David Ahern
2020-05-13 1:46 ` [PATCH v5 bpf-next 05/11] xdp: Add xdp_txq_info to xdp_buff David Ahern
2020-05-13 1:46 ` [PATCH v5 bpf-next 06/11] net: set XDP egress program on netdevice David Ahern
2020-05-13 1:46 ` [PATCH v5 bpf-next 07/11] net: Support xdp in the Tx path for xdp_frames David Ahern
2020-05-13 1:46 ` [PATCH v5 bpf-next 08/11] libbpf: Add egress XDP support David Ahern
2020-05-13 1:46 ` [PATCH v5 bpf-next 09/11] bpftool: Add support for XDP egress David Ahern
2020-05-13 1:46 ` [PATCH v5 bpf-next 10/11] selftest: Add xdp_egress attach tests David Ahern
2020-05-13 1:46 ` [PATCH v5 bpf-next 11/11] samples/bpf: add XDP egress support to xdp1 David Ahern
2020-05-13 10:43 ` [PATCH v5 bpf-next 00/11] net: Add support for XDP in egress path Toke Høiland-Jørgensen
2020-05-13 19:37 ` David Ahern
2020-05-15 22:54 ` John Fastabend
2020-05-15 23:15 ` David Ahern
2020-05-18 18:10 ` John Fastabend
2020-05-18 23:52 ` David Ahern
2020-05-19 6:04 ` John Fastabend
2020-05-18 3:40 ` David Ahern
2020-05-18 9:08 ` Toke Høiland-Jørgensen
2020-05-18 14:44 ` David Ahern
2020-05-18 18:00 ` Toke Høiland-Jørgensen
2020-05-18 21:06 ` Daniel Borkmann
2020-05-19 0:02 ` David Ahern
2020-05-19 13:31 ` Daniel Borkmann
2020-05-19 14:21 ` Jesper Dangaard Brouer
2020-05-19 16:58 ` Lorenzo Bianconi
2020-05-19 14:52 ` Toke Høiland-Jørgensen [this message]
2020-05-19 16:37 ` David Ahern
2020-05-18 23:37 ` David Ahern
2020-05-18 21:23 ` Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87lflom0xx.fsf@toke.dk \
--to=toke@redhat.com \
--cc=andriin@fb.com \
--cc=ast@kernel.org \
--cc=brouer@redhat.com \
--cc=dahern@digitalocean.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=dsahern@gmail.com \
--cc=dsahern@kernel.org \
--cc=john.fastabend@gmail.com \
--cc=kafai@fb.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=prashantbhole.linux@gmail.com \
--cc=songliubraving@fb.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.