From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=auZG=QG=vger.kernel.org=netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-10.6 required=3.0 tests=DKIMWL_WL_MED,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	SPF_PASS,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 31433C282D7
	for <netdev@archiver.kernel.org>; Wed, 30 Jan 2019 19:48:24 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 02F7321473
	for <netdev@archiver.kernel.org>; Wed, 30 Jan 2019 19:48:24 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="VVJPG58l"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729304AbfA3TsW (ORCPT <rfc822;netdev@archiver.kernel.org>);
        Wed, 30 Jan 2019 14:48:22 -0500
Received: from mail-yb1-f201.google.com ([209.85.219.201]:51477 "EHLO
        mail-yb1-f201.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727890AbfA3TsW (ORCPT
        <rfc822;netdev@vger.kernel.org>); Wed, 30 Jan 2019 14:48:22 -0500
Received: by mail-yb1-f201.google.com with SMTP id e10so352740ybr.18
        for <netdev@vger.kernel.org>; Wed, 30 Jan 2019 11:48:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=date:message-id:mime-version:subject:from:to:cc;
        bh=R7lL7mNKv1aglr+OHBQ44WMmoKPgd1h9e88PDrtotZ0=;
        b=VVJPG58lZcHHDdusFTVSGqCQ3pR+18bxmR7W045DFSNJv3lGJqpChwCvRaVzl+XZ8I
         L112dr3s+SA1PT5ir1CqS+h3hnZZ0uhoKVbxn9ZDMsdSSVeI+gJZI3xRKYe0SWaDs9kq
         L9VKmd2k0l0z+hNyBX0fOjJjSiTElxOGcae8ABEiBRg6LgSqiO57p7TFpHqF8uaGiO8Q
         GKfG92Nu+tAfqbnVv8E+tCfcYBolUgPRoe4b7Utj/R6nJNIWw7O9rsq//FK5v1P76n2r
         jDo7zh7LUhDEHqTLMDsiANLVXlcKw2uCBz/P0hHtbl1xcFX7axMqg4e91CjJTwPdQvl8
         OPqQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc;
        bh=R7lL7mNKv1aglr+OHBQ44WMmoKPgd1h9e88PDrtotZ0=;
        b=LeVPMraSD8yWvF70WNA0tJedczrOSsP1OQNJP4mKYZqm+y0AianI+0tiDiJhTFvss0
         4khWYojNo73YPhzLWD932HPE5O13B5FzVAVEEf3Lyt63HzuZBQd66+LVzJTFvashSK+s
         8U6pBeZXMxwHKXFZst/Ok8xLylllYvlFSnIsG76ME81p7h1+lMaKywHmlkCD8DHs/0tE
         ECCVIXvgx4Hge29GB4Gx7w4STqJAX45TBCPX4xj5aSKUMFgadJBRkIPik9aBXDeqq2WB
         fFmDovB5zykml7wwuVGXNT47QfTI8o37welqx70ejWtIX0BH2yvsEXBWRlIFbpqP5jza
         Oykw==
X-Gm-Message-State: AHQUAuZqhw9E6popSPt7OF/LaEt9ltqOLzjzbsqJ7/jCbbkhq7iRFsYz
        2tbR28Zgi5A3C43aGKsPzOO44ctV
X-Google-Smtp-Source: AHgI3IarCv4iTqtqms3wDAioOepY1hEaK1kaCpI3p1/dkF3aVi2XY9OgVFRVLdwe539zj9US9FLZQFW9
X-Received: by 2002:a25:bac8:: with SMTP id a8mr3856524ybk.52.1548877701610;
 Wed, 30 Jan 2019 11:48:21 -0800 (PST)
Date:   Wed, 30 Jan 2019 11:48:06 -0800
Message-Id: <20190130194811.239760-1-posk@google.com>
Mime-Version: 1.0
X-Mailer: git-send-email 2.20.1.495.gaa96b0ce6b-goog
Subject: [PATCH bpf-next v4 0/5] bpf: add BPF_LWT_ENCAP_IP option to bpf_lwt_push_encap
From:   Peter Oskolkov <posk@google.com>
To:     Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>, netdev@vger.kernel.org
Cc:     Peter Oskolkov <posk.devel@gmail.com>,
        David Ahern <dsahern@gmail.com>,
        Peter Oskolkov <posk@google.com>
Content-Type: text/plain; charset="UTF-8"
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

This patchset implements BPF_LWT_ENCAP_IP mode in bpf_lwt_push_encap
BPF helper. It enables BPF programs (specifically, BPF_PROG_TYPE_LWT_IN
and BPF_PROG_TYPE_LWT_XMIT prog types) to add IP encapsulation headers
to packets (e.g. IP/GRE, GUE, IPIP).

This is useful when thousands of different short-lived flows should be
encapped, each with different and dynamically determined destination.
Although lwtunnels can be used in some of these scenarios, the ability
to dynamically generate encap headers adds more flexibility, e.g.
when routing depends on the state of the host (reflected in global bpf
maps).

V2 changes: Added flowi-based route lookup, IPv6 encapping, and
encapping on ingress.

V3 changes: incorporated David Ahern's suggestions:
  - added l3mdev check/oif (patch 2)
  - sync bpf.h from include/uapi into tools/include/uapi
  - selftest tweaks

V4 changes: moved route lookup/dst change from bpf_push_ip_encap
  to when BPF_LWT_REROUTE is handled, as suggested by David Ahern.


Peter Oskolkov (5):
  bpf: add plumbing for BPF_LWT_ENCAP_IP in bpf_lwt_push_encap
  bpf: implement BPF_LWT_ENCAP_IP mode in bpf_lwt_push_encap
  bpf: add handling of BPF_LWT_REROUTE to lwt_bpf.c
  bpf: sync <kdir>/<uapi>/bpf.h with tools/<uapi>/bpf.h
  selftests: bpf: add test_lwt_ip_encap selftest

 include/net/lwtunnel.h                        |   3 +
 include/uapi/linux/bpf.h                      |  23 +-
 net/core/filter.c                             |  47 ++-
 net/core/lwt_bpf.c                            | 175 ++++++++++
 tools/include/uapi/linux/bpf.h                |  23 +-
 tools/testing/selftests/bpf/Makefile          |   5 +-
 .../testing/selftests/bpf/test_lwt_ip_encap.c |  84 +++++
 .../selftests/bpf/test_lwt_ip_encap.sh        | 311 ++++++++++++++++++
 8 files changed, 660 insertions(+), 11 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/test_lwt_ip_encap.c
 create mode 100755 tools/testing/selftests/bpf/test_lwt_ip_encap.sh

-- 
2.20.1.495.gaa96b0ce6b-goog