From: Daniel Borkmann <daniel@iogearbox.net>
To: Philo Lu <lulie@linux.alibaba.com>, bpf@vger.kernel.org
Cc: xuanzhuo@linux.alibaba.com, dust.li@linux.alibaba.com,
alibuda@linux.alibaba.com, guwen@linux.alibaba.com,
hengqi@linux.alibaba.com, edumazet@google.com,
davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com,
ast@kernel.org, andrii@kernel.org, martin.lau@linux.dev,
song@kernel.org, yonghong.song@linux.dev,
john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com,
haoluo@google.com, jolsa@kernel.org, dsahern@kernel.org,
netdev@vger.kernel.org
Subject: Re: [PATCH bpf-next] bpf: add sock_ops callbacks for data send/recv/acked events
Date: Fri, 24 Nov 2023 10:47:40 +0100
Message-ID: <72166ea4-cae7-97e2-88fd-e9bde56523fb@iogearbox.net>
In-Reply-To: <438f45f9-4e18-4d7d-bfa5-4a239c4a2304@linux.alibaba.com>
On 11/23/23 1:37 PM, Philo Lu wrote:
> Sorry, I forgot to cc the maintainers.
>
> On 2023/11/23 11:07, Philo Lu wrote:
>> Add 3 sock_ops operators, namely BPF_SOCK_OPS_DATA_SEND_CB,
>> BPF_SOCK_OPS_DATA_RECV_CB, and BPF_SOCK_OPS_DATA_ACKED_CB. A flag
>> BPF_SOCK_OPS_DATA_EVENT_CB_FLAG is provided to minimize the performance
>> impact. The flag must be explicitly set to enable these callbacks.
>>
>> If the flag is enabled, the bpf sock_ops program will be called every
>> time a tcp data packet is sent, received, or acked.
>> BPF_SOCK_OPS_DATA_SEND_CB: call bpf after a data packet is sent.
>> BPF_SOCK_OPS_DATA_RECV_CB: call bpf after a data packet is received.
>> BPF_SOCK_OPS_DATA_ACKED_CB: call bpf after a valid ack packet is
>> processed (some sent data are acknowledged).
>>
>> We use these callbacks for fine-grained tcp monitoring, which collects
>> and analyses every tcp request/response event information. The whole
>> system has been described in SIGMOD'18 (see
>> https://dl.acm.org/doi/pdf/10.1145/3183713.3190659 for details). To
>> achieve this with bpf, we require hooks for data events that call
>> sock_ops bpf (1) when any data packet is sent/received/acked, and (2)
>> after critical tcp state variables have been updated (e.g., snd_una,
>> snd_nxt, rcv_nxt). However, existing sock_ops operators cannot meet our
>> requirements.
>>
>> Besides, these hooks also help to debug tcp when data is
>> sent/received/acked.
>>
>> Signed-off-by: Philo Lu <lulie@linux.alibaba.com>
>> ---
>> include/net/tcp.h | 9 +++++++++
>> include/uapi/linux/bpf.h | 14 +++++++++++++-
>> net/ipv4/tcp_input.c | 4 ++++
>> net/ipv4/tcp_output.c | 2 ++
>> 4 files changed, 28 insertions(+), 1 deletion(-)
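
To make the opt-in behaviour described above concrete, here is a minimal user-space sketch (not kernel code) of a flag-gated data-event hook. Everything in it is an assumption made for illustration: the bit chosen for DATA_EVENT_CB_FLAG, the struct sock_model type, and the data_event() helper are hypothetical stand-ins, since the patch hunks are not quoted in this mail.

```c
#include <stdbool.h>

/* Hypothetical stand-ins for the three proposed callbacks. */
enum data_event_op { DATA_SEND, DATA_RECV, DATA_ACKED };

/* Assumed bit for BPF_SOCK_OPS_DATA_EVENT_CB_FLAG; not taken from the patch. */
#define DATA_EVENT_CB_FLAG (1u << 7)

/* Toy socket: per-socket callback flags plus a call counter per event. */
struct sock_model {
	unsigned int cb_flags;
	unsigned int calls[3];
};

/*
 * Model of a hook site: the "program" (here just a counter) runs only
 * if the socket opted in via the flag, so sockets that never set it
 * pay only for the flag test.
 */
static bool data_event(struct sock_model *sk, enum data_event_op op)
{
	if (!(sk->cb_flags & DATA_EVENT_CB_FLAG))
		return false;
	sk->calls[op]++;
	return true;
}
```

With cb_flags left at zero, data_event() returns false and no counter moves; once DATA_EVENT_CB_FLAG is set, every send/recv/acked event is counted.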
Please also add selftests for the new hooks. Speaking of selftests, it
looks like this patch fails the current BPF selftests:
https://github.com/kernel-patches/bpf/actions/runs/6974541866/job/18980491457
Notice: Success: 502/3526, Skipped: 56, Failed: 1
Error: #348 tcpbpf_user
Error: #348 tcpbpf_user
test_tcpbpf_user:PASS:open and load skel 0 nsec
test_tcpbpf_user:PASS:test__join_cgroup(/tcpbpf-user-test) 0 nsec
test_tcpbpf_user:PASS:attach_cgroup(bpf_testcb) 0 nsec
run_test:PASS:start_server 0 nsec
run_test:PASS:connect_to_fd(listen_fd) 0 nsec
run_test:PASS:accept(listen_fd) 0 nsec
run_test:PASS:send(cli_fd) 0 nsec
run_test:PASS:recv(accept_fd) 0 nsec
run_test:PASS:send(accept_fd) 0 nsec
run_test:PASS:recv(cli_fd) 0 nsec
run_test:PASS:recv(cli_fd) for fin 0 nsec
run_test:PASS:recv(accept_fd) for fin 0 nsec
verify_result:PASS:event_map 0 nsec
verify_result:PASS:bytes_received 0 nsec
verify_result:PASS:bytes_acked 0 nsec
verify_result:PASS:data_segs_in 0 nsec
verify_result:PASS:data_segs_out 0 nsec
verify_result:FAIL:bad_cb_test_rv unexpected bad_cb_test_rv: actual 0 != expected 128
verify_result:PASS:good_cb_test_rv 0 nsec
verify_result:PASS:num_listen 0 nsec
verify_result:PASS:num_close_events 0 nsec
verify_result:PASS:tcp_save_syn 0 nsec
verify_result:PASS:tcp_saved_syn 0 nsec
verify_result:PASS:window_clamp_client 0 nsec
verify_result:PASS:window_clamp_server 0 nsec
Test Results:
bpftool: PASS
test_progs: FAIL (returned 1)
shutdown: CLEAN
Error: Process completed with exit code 1.
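
A likely reading of the bad_cb_test_rv failure, sketched as a small user-space model (not kernel code): as far as I recall, the tcpbpf selftest passes 0x80 to bpf_sock_ops_cb_flags_set() and expects the helper to return that bit as unsupported, which matches the expected value of 128 in the log. The sketch assumes the new flag takes bit 7 and that the mask of valid flags grows from 0x7F to 0xFF. The patch hunks are not quoted here, so both values are assumptions, and the names cb_flags_set_rv, ALL_CB_FLAGS_OLD and ALL_CB_FLAGS_NEW are made up for this example.

```c
/* Valid callback-flag mask before the patch (bits 0..6). */
#define ALL_CB_FLAGS_OLD 0x7F

/* Assumption: the patch uses the next free bit for the new flag ... */
#define DATA_EVENT_CB_FLAG (1 << 7)
/* ... and widens the valid mask accordingly. */
#define ALL_CB_FLAGS_NEW (ALL_CB_FLAGS_OLD | DATA_EVENT_CB_FLAG)

/*
 * Simplified model of the helper's return value: the requested bits
 * that fall outside the supported mask. Zero means every requested
 * flag was accepted.
 */
static int cb_flags_set_rv(int argval, int all_flags)
{
	return argval & ~all_flags;
}
```

Under these assumptions cb_flags_set_rv(0x80, ALL_CB_FLAGS_OLD) is 0x80 (128), while cb_flags_set_rv(0x80, ALL_CB_FLAGS_NEW) is 0, i.e. the "actual 0 != expected 128" seen above. If that is what happens, the selftest needs to probe a bit that is still undefined after this patch.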