From: Thomas Graf <tgraf@suug.ch>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, alexei.starovoitov@gmail.com,
daniel@iogearbox.net, tom@herbertland.com,
roopa@cumulusnetworks.com, hannes@stressinduktion.org
Subject: [PATCH v3 net-next 0/4] bpf: BPF for lightweight tunnel encapsulation
Date: Tue, 29 Nov 2016 14:21:19 +0100 [thread overview]
Message-ID: <cover.1480424542.git.tgraf@suug.ch> (raw)
This series implements BPF program invocation from dst entries via the
lightweight tunnels infrastructure. The BPF program can be attached to
lwtunnel_input(), lwtunnel_output() or lwtunnel_xmit() and see an L3
skb as context. Programs attached to input and output are read-only.
Programs attached to lwtunnel_xmit() can modify and redirect, push headers
and redirect packets.
The facility can be used to:
- Collect statistics and generate sampling data for a subset of traffic
based on the dst utilized by the packet thus allowing to extend the
existing realms.
- Apply additional per route/dst filters to prohibit certain outgoing
or incoming packets based on BPF filters. In particular, this allows
to maintain per dst custom state across multiple packets in BPF maps
and apply filters based on statistics and behaviour observed over time.
- Attachment of L2 headers at transmit where resolving the L2 address
is not required.
- Possibly many more.
v2 -> v3:
- Added real world sample lwt_len_hist_kern.c which demonstrates how to
collect a histogram on packet sizes for all packets flowing through
a number of routes.
- Restricted output to be read-only. Since the header can no longer
be modified, the rerouting functionality has been removed again.
- Added test case which cover destructive modification of packet data.
v1 -> v2:
- Added new BPF_LWT_REROUTE return code for program to indicate
that new route lookup should be performed. Suggested by Tom.
- New sample to illustrate rerouting
- New patch 05: Recursion limit for lwtunnel_output for the case
when user creates circular dst redirection. Also resolves the
issue for ILA.
- Fix to ensure headroom for potential future L2 header is still
guaranteed
Thomas Graf (4):
route: Set orig_output when redirecting to lwt on locally generated
traffic
route: Set lwtstate for local traffic and cached input dsts
bpf: BPF for lightweight tunnel infrastructure
bpf: Add tests and samples for LWT-BPF
include/linux/filter.h | 2 +-
include/uapi/linux/bpf.h | 32 +++-
include/uapi/linux/lwtunnel.h | 23 +++
kernel/bpf/verifier.c | 14 +-
net/Kconfig | 8 +
net/core/Makefile | 1 +
net/core/filter.c | 148 ++++++++++++++-
net/core/lwt_bpf.c | 397 ++++++++++++++++++++++++++++++++++++++++
net/core/lwtunnel.c | 2 +
net/ipv4/route.c | 37 ++--
samples/bpf/Makefile | 4 +
samples/bpf/bpf_helpers.h | 4 +
samples/bpf/lwt_len_hist.sh | 37 ++++
samples/bpf/lwt_len_hist_kern.c | 82 +++++++++
samples/bpf/lwt_len_hist_user.c | 76 ++++++++
samples/bpf/test_lwt_bpf.c | 247 +++++++++++++++++++++++++
samples/bpf/test_lwt_bpf.sh | 385 ++++++++++++++++++++++++++++++++++++++
17 files changed, 1482 insertions(+), 17 deletions(-)
create mode 100644 net/core/lwt_bpf.c
create mode 100755 samples/bpf/lwt_len_hist.sh
create mode 100644 samples/bpf/lwt_len_hist_kern.c
create mode 100644 samples/bpf/lwt_len_hist_user.c
create mode 100644 samples/bpf/test_lwt_bpf.c
create mode 100755 samples/bpf/test_lwt_bpf.sh
--
2.7.4
next reply other threads:[~2016-11-29 13:21 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-29 13:21 Thomas Graf [this message]
2016-11-29 13:21 ` [PATCH net-next v3 1/4] route: Set orig_output when redirecting to lwt on locally generated traffic Thomas Graf
2016-11-29 13:21 ` [PATCH net-next v3 2/4] route: Set lwtstate for local traffic and cached input dsts Thomas Graf
2016-11-29 13:21 ` [PATCH net-next v3 3/4] bpf: BPF for lightweight tunnel infrastructure Thomas Graf
2016-11-30 0:15 ` Alexei Starovoitov
2016-11-30 2:52 ` John Fastabend
2016-11-30 5:37 ` Alexei Starovoitov
2016-11-30 16:57 ` John Fastabend
2016-11-30 6:48 ` Thomas Graf
2016-11-30 7:01 ` Alexei Starovoitov
2016-11-30 8:57 ` Thomas Graf
2016-11-29 13:21 ` [PATCH net-next v3 4/4] bpf: Add tests and samples for LWT-BPF Thomas Graf
2016-11-30 0:17 ` Alexei Starovoitov
2016-11-30 6:52 ` Thomas Graf
2016-11-29 14:15 ` [PATCH v3 net-next 0/4] bpf: BPF for lightweight tunnel encapsulation Hannes Frederic Sowa
2016-11-29 14:58 ` Thomas Graf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1480424542.git.tgraf@suug.ch \
--to=tgraf@suug.ch \
--cc=alexei.starovoitov@gmail.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=hannes@stressinduktion.org \
--cc=netdev@vger.kernel.org \
--cc=roopa@cumulusnetworks.com \
--cc=tom@herbertland.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).