From: Lorenz Bauer <lmb@cloudflare.com>
To: ast@kernel.org, yhs@fb.com, daniel@iogearbox.net,
jakub@cloudflare.com, john.fastabend@gmail.com
Cc: bpf@vger.kernel.org, kernel-team@cloudflare.com,
Lorenz Bauer <lmb@cloudflare.com>
Subject: [PATCH bpf-next 0/3] Sockmap iterator
Date: Fri, 28 Aug 2020 10:48:31 +0100 [thread overview]
Message-ID: <20200828094834.23290-1-lmb@cloudflare.com> (raw)
Add a new bpf_iter for sockmap and sockhash. As previously discussed, we
want to use this to copy a sockhash in kernel space while modifying the
format of the keys.
The implementation leans heavily on the existing bpf_sk_storage and
hashtable iterators. However, there is a key difference for the sockmap
iterator: we don't take any bucket locks during iteration. It seems to
me that there is a risk of deadlock here if the iterator attempts to
insert an item into the bucket that we are currently iterating. I think
that the semantics are reasonable even without the lock.
In the iteration context I expose a PTR_TO_SOCKET_OR_NULL, aka struct
bpf_sock*. This is in contrast to bpf_sk_storage which uses a
PTR_TO_BTF_ID_OR_NULL, aka struct sock*. My personal preference would
be to use PTR_TO_BTF_ID_OR_NULL for sockmap as well, however the
verifier currently doesn't understand that PTR_TO_BTF_ID for struct
sock can be coerced to PTR_TO_SOCKET_OR_NULL. So we can't call
map_update_elem, etc. and the whole exercise is for naught. I'm
considering teaching this trick to the verifier, does anyone have
concerns or ideas how to achieve this?
Thanks to Yonghong for guidance on how to go about this, and for
adding bpf_iter in the first place!
Lorenz Bauer (3):
net: Allow iterating sockmap and sockhash
selftests: bpf: Add helper to compare socket cookies
selftests: bpf: Test copying a sockmap via bpf_iter
net/core/sock_map.c | 283 ++++++++++++++++++
.../selftests/bpf/prog_tests/sockmap_basic.c | 129 +++++++-
tools/testing/selftests/bpf/progs/bpf_iter.h | 9 +
.../selftests/bpf/progs/bpf_iter_sockmap.c | 50 ++++
4 files changed, 457 insertions(+), 14 deletions(-)
create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_sockmap.c
--
2.25.1
next reply other threads:[~2020-08-28 9:49 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-28 9:48 Lorenz Bauer [this message]
2020-08-28 9:48 ` [PATCH bpf-next 1/3] net: Allow iterating sockmap and sockhash Lorenz Bauer
2020-08-31 10:03 ` Jakub Sitnicki
2020-09-01 8:59 ` Lorenz Bauer
2020-08-28 9:48 ` [PATCH bpf-next 2/3] selftests: bpf: Add helper to compare socket cookies Lorenz Bauer
2020-08-28 10:50 ` Jakub Sitnicki
2020-08-28 15:48 ` Lorenz Bauer
2020-08-28 11:28 ` Jakub Sitnicki
2020-08-28 9:48 ` [PATCH bpf-next 3/3] selftests: bpf: Test copying a sockmap via bpf_iter Lorenz Bauer
2020-08-31 10:58 ` Jakub Sitnicki
2020-09-01 9:20 ` Lorenz Bauer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200828094834.23290-1-lmb@cloudflare.com \
--to=lmb@cloudflare.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jakub@cloudflare.com \
--cc=john.fastabend@gmail.com \
--cc=kernel-team@cloudflare.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox