public inbox for linux-block@vger.kernel.org
 help / color / mirror / Atom feed
From: Leah Rumancik <leah.rumancik@gmail.com>
To: bpf@vger.kernel.org, linux-block@vger.kernel.org
Cc: leah.rumancik@gmail.com, orbekk@google.com, harshads@google.com,
	jasiu@google.com, saranyamohan@google.com, tytso@google.com,
	bvanassche@google.com
Subject: [RFC PATCH 3/4] bpf: add eBPF IO filter documentation
Date: Wed, 12 Aug 2020 16:33:04 +0000	[thread overview]
Message-ID: <20200812163305.545447-4-leah.rumancik@gmail.com> (raw)
In-Reply-To: <20200812163305.545447-1-leah.rumancik@gmail.com>

Add page in Documentation/block describing overview of IO filter

Signed-off-by: Kjetil Ørbekk <orbekk@google.com>
Signed-off-by: Harshad Shirwadkar <harshads@google.com>
Signed-off-by: Leah Rumancik <leah.rumancik@gmail.com>
---
 Documentation/block/bpf_io_filter.rst | 28 +++++++++++++++++++++++++++
 Documentation/block/index.rst         |  1 +
 2 files changed, 29 insertions(+)
 create mode 100644 Documentation/block/bpf_io_filter.rst

diff --git a/Documentation/block/bpf_io_filter.rst b/Documentation/block/bpf_io_filter.rst
new file mode 100644
index 000000000000..956997576ae5
--- /dev/null
+++ b/Documentation/block/bpf_io_filter.rst
@@ -0,0 +1,28 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+======================
+IO Filtering with eBPF
+======================
+
+Bio requests can be filtered with the eBPF IO filter program type (BPF_PROG_TYPE_IO_FILTER). To use this program type, the kernel must be compiled with CONFIG_BPF_IO_FILTER.
+
+Attachment
+==========
+
+IO filter programs can be attached to disks using the  BPF_BIO_SUBMIT attach type. Up to 64 filter programs can be attached to a single disk. References to the attached programs are stored in the gendisk struct as a bpf_prog_array.
+
+API
+===
+
+Data is passed between the userspace and kernel eBPF code via a new struct bpf_io_request. This struct contains three fields: sector_start (starting sector of the bio request), sector_cnt (size of the request in sectors), and opf (operation information, opf field from the bio).
+
+Hook
+====
+
+The eBPF programs for a given disk are run whenever a bio request is submitted to that disk. The eBPF programs return IO_BLOCK or IO_ALLOW. If any of the programs return IO_BLOCK, the bio request is blocked. Because of the placement of the hook in submit_bio, as of this version, mechanisms which bypass submit_bio, such as SG_IO and NVMe passthrough, are not able to be filtered.
+
+Example
+=======
+
+An example, protect_gpt, is provided in the /samples/bpf/ folder. This sample uses an IO filter program to protect the GUID partition table by preventing writes to the first 34 sectors.
+
diff --git a/Documentation/block/index.rst b/Documentation/block/index.rst
index 026addfc69bc..145930622a92 100644
--- a/Documentation/block/index.rst
+++ b/Documentation/block/index.rst
@@ -24,3 +24,4 @@ Block
    stat
    switching-sched
    writeback_cache_control
+   bpf-io-filter
-- 
2.28.0.236.gb10cc79966-goog


  parent reply	other threads:[~2020-08-12 16:33 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-12 16:33 [RFC PATCH 0/4] block/bpf: add eBPF based block layer IO filtering Leah Rumancik
2020-08-12 16:33 ` [RFC PATCH 1/4] bpf: add new prog_type BPF_PROG_TYPE_IO_FILTER Leah Rumancik
2020-08-13 23:00   ` Martin KaFai Lau
2020-09-04 15:43     ` Leah Rumancik
2020-08-17 14:18   ` Bob Liu
2020-08-17 16:32     ` Alexei Starovoitov
2020-09-04 16:46       ` Leah Rumancik
2020-09-04 18:50         ` Alexei Starovoitov
2020-09-17 18:33           ` Leah Rumancik
2020-09-01 16:53     ` Leah Rumancik
2020-09-02  7:36       ` Bob Liu
2020-08-18 12:53   ` Jakub Sitnicki
2020-09-04 17:29     ` Leah Rumancik
2020-08-12 16:33 ` [RFC PATCH 2/4] bpf: add protect_gpt sample program Leah Rumancik
2020-08-13 22:58   ` Martin KaFai Lau
2020-09-01 16:33     ` Leah Rumancik
2020-08-12 16:33 ` Leah Rumancik [this message]
2020-08-12 17:04   ` [RFC PATCH 3/4] bpf: add eBPF IO filter documentation Bart Van Assche
2020-08-12 17:50   ` Jonathan Corbet
2020-09-01 15:35     ` Leah Rumancik
2020-08-12 16:33 ` [RFC PATCH 4/4] bpf: add BPF_PROG_TYPE_LSM to bpftool name array Leah Rumancik
2020-08-12 17:00   ` Bart Van Assche
2020-08-12 18:17   ` Tobias Klauser
2020-09-01 15:18     ` Leah Rumancik
2020-08-17  6:37 ` [RFC PATCH 0/4] block/bpf: add eBPF based block layer IO filtering Christoph Hellwig
2020-08-18  2:44 ` Ming Lei

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200812163305.545447-4-leah.rumancik@gmail.com \
    --to=leah.rumancik@gmail.com \
    --cc=bpf@vger.kernel.org \
    --cc=bvanassche@google.com \
    --cc=harshads@google.com \
    --cc=jasiu@google.com \
    --cc=linux-block@vger.kernel.org \
    --cc=orbekk@google.com \
    --cc=saranyamohan@google.com \
    --cc=tytso@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox