From: Martin KaFai Lau <martin.lau@linux.dev>
To: John Fastabend <john.fastabend@gmail.com>
Cc: bpf@vger.kernel.org, Alexei Starovoitov <ast@kernel.org>,
Andrii Nakryiko <andrii@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Jakub Sitnicki <jakub@cloudflare.com>,
kernel-team@fb.com, Martin KaFai Lau <martin.lau@kernel.org>,
Andrii Nakryiko <andrii.nakryiko@gmail.com>,
Yonghong Song <yonghong.song@linux.dev>
Subject: Re: run bpf prog w/o sockmap [was: bpf: Add bpf_link support for sk_msg and sk_skb progs]
Date: Fri, 5 Apr 2024 18:10:29 -0700 [thread overview]
Message-ID: <f2336e29-6d2f-44ba-8bb5-556ee654bf4d@linux.dev> (raw)
In-Reply-To: <660f80dd964ec_50b87208d1@john.notmuch>
On 4/4/24 9:41 PM, John Fastabend wrote:
>>>> How do you see the interface will look like (e.g. attaching the bpf prog to a sk) ?
>>> I would propse doing it directly with a helper/kfunc from the sockops
>>> programs.
>>>
>>> attach_sk_msg_prog(sk, sk_msg_prog)
>>> attach_sk_skb_prog(sk, sk_skb_prog)
or the whole 'struct sk_psock_progs'
attach_sk_parser(struct sock *sk, struct sk_psock_progs *progs).
>>>
>>>> It will be nice if the whole function (e.g. sk->sk_data_ready or may be some of
>>>> the sk->sk_prot) can be implemented completely in bpf. I don't have a concrete
>>>> use case for now but I think it will be powerful.
>>> Perhaps a data_ready prog could also replace the ops?
>>>
>>> attach_sk_data_ready(sk, sk_msg_data_ready)
Other than sk_data_ready, I am also wondering how much of the 'struct proto' can
be written in bpf. For example, the {tcp,udp}_bpf_prots.
May be with some help of new kfunc and some of the functions can just use the
kernel default one.
>>> The attach_sk_data_ready could use pretty much the logic we have for
>>> creating psocks but only replace the sk_data_ready callback.
>>
>> sounds a good idea. Do we need to support detach function or atomic
>> update function as well? Can each sk has multiple sk_msg_prog programs?
>
> I've not found any use for multiple programs, detach functions, or updating
> the psock once its created to be honest. Also why syzbot finds all the bugs
> in this space because we unfortunately don't stress this area much. In the
> original design I had fresh in my head building hardware load balancers and the
> XDP redirect bits so a map seemed natural. Also we didn't have a lot of the
> machinery we have now so went with the map. As I noted above the L7 LB
> hasn't really got much traction on my side at least not yet.
>
> In reality we've been using sk_msg and sk_skb progs attaching 1:1
> with protocols and observing, auditing, adding/removing fields from
> data streams.
>
> I would probably suggest for first implementation of a sk msg attach without
> maps I would just make it one prog no need for multiple programs and even
> skip a detach function. Maybe there is some use for multiple programs but
I would at least keep the detach (and update) program possibility open. Is it
still too hard to support them without a map get into the way?
next prev parent reply other threads:[~2024-04-06 1:10 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-26 2:21 [PATCH bpf-next v3 0/5] bpf: Add bpf_link support for sk_msg and sk_skb progs Yonghong Song
2024-03-26 2:21 ` [PATCH bpf-next v3 1/5] " Yonghong Song
2024-04-02 17:39 ` Eduard Zingerman
2024-04-03 0:06 ` Yonghong Song
2024-04-02 17:45 ` Andrii Nakryiko
2024-04-03 1:08 ` Yonghong Song
2024-04-03 16:43 ` Andrii Nakryiko
2024-04-03 17:47 ` John Fastabend
2024-04-03 22:09 ` run bpf prog w/o sockmap [was: bpf: Add bpf_link support for sk_msg and sk_skb progs] Martin KaFai Lau
2024-04-04 1:11 ` John Fastabend
2024-04-04 3:31 ` Yonghong Song
2024-04-05 4:41 ` John Fastabend
2024-04-06 1:10 ` Martin KaFai Lau [this message]
2024-04-04 3:18 ` [PATCH bpf-next v3 1/5] bpf: Add bpf_link support for sk_msg and sk_skb progs Yonghong Song
2024-04-05 4:42 ` John Fastabend
2024-03-26 2:22 ` [PATCH bpf-next v3 2/5] libbpf: Add bpf_link support for BPF_PROG_TYPE_SOCKMAP Yonghong Song
2024-04-02 13:18 ` Eduard Zingerman
2024-04-02 17:46 ` Andrii Nakryiko
2024-04-03 0:07 ` Yonghong Song
2024-03-26 2:22 ` [PATCH bpf-next v3 3/5] bpftool: Add link dump support for BPF_LINK_TYPE_SOCKMAP Yonghong Song
2024-03-27 11:58 ` Quentin Monnet
2024-03-26 2:22 ` [PATCH bpf-next v3 4/5] selftests/bpf: Refactor out helper functions for a few tests Yonghong Song
2024-04-02 13:18 ` Eduard Zingerman
2024-03-26 2:22 ` [PATCH bpf-next v3 5/5] selftests/bpf: Add some tests with new bpf_program__attach_sockmap() APIs Yonghong Song
2024-04-02 13:17 ` Eduard Zingerman
2024-04-02 18:56 ` Yonghong Song
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f2336e29-6d2f-44ba-8bb5-556ee654bf4d@linux.dev \
--to=martin.lau@linux.dev \
--cc=andrii.nakryiko@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jakub@cloudflare.com \
--cc=john.fastabend@gmail.com \
--cc=kernel-team@fb.com \
--cc=martin.lau@kernel.org \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.