* Re: [bpf-next v3 05/12] selftests/bpf: Allow passing more information to BPF prog test run
From: Krzesimir Nowak @ 2019-07-11 12:17 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: open list, Alban Crequy, Iago López Galeiras,
Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau, Song Liu,
Yonghong Song, David S. Miller, Jakub Kicinski,
Jesper Dangaard Brouer, John Fastabend, Stanislav Fomichev,
Networking, bpf, xdp-newbies
In-Reply-To: <CAEf4BzYYdrcwJKg271ZL7kPJNYyZEGdxQeuUNbfPk=EjewuHeQ@mail.gmail.com>
On Thu, Jul 11, 2019 at 3:17 AM Andrii Nakryiko
<andrii.nakryiko@gmail.com> wrote:
>
> On Mon, Jul 8, 2019 at 3:42 PM Krzesimir Nowak <krzesimir@kinvolk.io> wrote:
> >
> > The test case can now specify a custom length of the data member,
> > context data and its length, which will be passed to
> > bpf_prog_test_run_xattr. For backward compatilibity, if the data
> > length is 0 (which is what will happen when the field is left
> > unspecified in the designated initializer of a struct), then the
> > length passed to the bpf_prog_test_run_xattr is TEST_DATA_LEN.
> >
> > Also for backward compatilibity, if context data length is 0, NULL is
> > passed as a context to bpf_prog_test_run_xattr. This is to avoid
> > breaking other tests, where context data being NULL and context data
> > length being 0 is handled differently from the case where context data
> > is not NULL and context data length is 0.
> >
> > Custom lengths still can't be greater than hardcoded 64 bytes for data
> > and 192 for context data.
> >
> > 192 for context data was picked to allow passing struct
> > bpf_perf_event_data as a context for perf event programs. The struct
> > is quite large, because it contains struct pt_regs.
> >
> > Test runs for perf event programs will not allow the copying the data
> > back to data_out buffer, so they require data_out_size to be zero and
> > data_out to be NULL. Since test_verifier hardcodes it, make it
> > possible to override the size. Overriding the size to zero will cause
> > the buffer to be NULL.
> >
> > Changes since v2:
> > - Allow overriding the data out size and buffer.
> >
> > Signed-off-by: Krzesimir Nowak <krzesimir@kinvolk.io>
> > ---
> > tools/testing/selftests/bpf/test_verifier.c | 105 +++++++++++++++++---
> > 1 file changed, 93 insertions(+), 12 deletions(-)
> >
> > diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
> > index 1640ba9f12c1..6f124cc4ee34 100644
> > --- a/tools/testing/selftests/bpf/test_verifier.c
> > +++ b/tools/testing/selftests/bpf/test_verifier.c
> > @@ -54,6 +54,7 @@
> > #define MAX_TEST_RUNS 8
> > #define POINTER_VALUE 0xcafe4all
> > #define TEST_DATA_LEN 64
> > +#define TEST_CTX_LEN 192
> >
> > #define F_NEEDS_EFFICIENT_UNALIGNED_ACCESS (1 << 0)
> > #define F_LOAD_WITH_STRICT_ALIGNMENT (1 << 1)
> > @@ -96,7 +97,12 @@ struct bpf_test {
> > enum bpf_prog_type prog_type;
> > uint8_t flags;
> > __u8 data[TEST_DATA_LEN];
> > + __u32 data_len;
> > + __u8 ctx[TEST_CTX_LEN];
> > + __u32 ctx_len;
> > void (*fill_helper)(struct bpf_test *self);
> > + bool override_data_out_len;
> > + __u32 overridden_data_out_len;
> > uint8_t runs;
> > struct {
> > uint32_t retval, retval_unpriv;
> > @@ -104,6 +110,9 @@ struct bpf_test {
> > __u8 data[TEST_DATA_LEN];
> > __u64 data64[TEST_DATA_LEN / 8];
> > };
> > + __u32 data_len;
> > + __u8 ctx[TEST_CTX_LEN];
> > + __u32 ctx_len;
> > } retvals[MAX_TEST_RUNS];
> > };
> >
> > @@ -818,21 +827,35 @@ static int set_admin(bool admin)
> > }
> >
> > static int do_prog_test_run(int fd_prog, bool unpriv, uint32_t expected_val,
> > - void *data, size_t size_data)
> > + void *data, size_t size_data, void *ctx,
> > + size_t size_ctx, u32 *overridden_data_out_size)
> > {
> > - __u8 tmp[TEST_DATA_LEN << 2];
> > - __u32 size_tmp = sizeof(tmp);
> > - int saved_errno;
> > - int err;
> > struct bpf_prog_test_run_attr attr = {
> > .prog_fd = fd_prog,
> > .repeat = 1,
> > .data_in = data,
> > .data_size_in = size_data,
> > - .data_out = tmp,
> > - .data_size_out = size_tmp,
> > + .ctx_in = ctx,
> > + .ctx_size_in = size_ctx,
> > };
> > + __u8 tmp[TEST_DATA_LEN << 2];
> > + __u32 size_tmp = sizeof(tmp);
> > + __u32 size_buf = size_tmp;
> > + __u8 *buf = tmp;
> > + int saved_errno;
> > + int err;
> >
> > + if (overridden_data_out_size)
> > + size_buf = *overridden_data_out_size;
> > + if (size_buf > size_tmp) {
> > + printf("FAIL: out data size (%d) greater than a buffer size (%d) ",
> > + size_buf, size_tmp);
> > + return -EINVAL;
> > + }
> > + if (!size_buf)
> > + buf = NULL;
> > + attr.data_size_out = size_buf;
> > + attr.data_out = buf;
> > if (unpriv)
> > set_admin(true);
> > err = bpf_prog_test_run_xattr(&attr);
> > @@ -956,13 +979,45 @@ static void do_test_single(struct bpf_test *test, bool unpriv,
> > if (!alignment_prevented_execution && fd_prog >= 0) {
> > uint32_t expected_val;
> > int i;
> > + __u32 size_data;
> > + __u32 size_ctx;
> > + bool bad_size;
> > + void *ctx;
> > + __u32 *overridden_data_out_size;
> >
> > if (!test->runs) {
> > + if (test->data_len > 0)
> > + size_data = test->data_len;
> > + else
> > + size_data = sizeof(test->data);
> > + if (test->override_data_out_len)
> > + overridden_data_out_size = &test->overridden_data_out_len;
> > + else
> > + overridden_data_out_size = NULL;
> > + size_ctx = test->ctx_len;
> > + bad_size = false;
>
> I hated all this duplication of logic, which with this patch becomes
> even more expansive, so I removed it. Please see [0]. Can you please
> apply that patch and add all this new logic only once?
>
> [0] https://patchwork.ozlabs.org/patch/1130601/
Will do.
>
> > expected_val = unpriv && test->retval_unpriv ?
> > test->retval_unpriv : test->retval;
> >
> > - err = do_prog_test_run(fd_prog, unpriv, expected_val,
> > - test->data, sizeof(test->data));
> > + if (size_data > sizeof(test->data)) {
> > + printf("FAIL: data size (%u) greater than TEST_DATA_LEN (%lu) ", size_data, sizeof(test->data));
> > + bad_size = true;
> > + }
> > + if (size_ctx > sizeof(test->ctx)) {
> > + printf("FAIL: ctx size (%u) greater than TEST_CTX_LEN (%lu) ", size_ctx, sizeof(test->ctx));
>
> These look like way too long lines, wrap them?
Ah, yeah, these can be wrapped easily. Will do.
>
> > + bad_size = true;
> > + }
> > + if (size_ctx)
> > + ctx = test->ctx;
> > + else
> > + ctx = NULL;
>
> nit: single line:
>
> ctx = size_ctx ? test->ctx : NULL;
>
> > + if (bad_size)
> > + err = 1;
> > + else
> > + err = do_prog_test_run(fd_prog, unpriv, expected_val,
> > + test->data, size_data,
> > + ctx, size_ctx,
> > + overridden_data_out_size);
> > if (err)
> > run_errs++;
> > else
> > @@ -970,14 +1025,40 @@ static void do_test_single(struct bpf_test *test, bool unpriv,
> > }
> >
> > for (i = 0; i < test->runs; i++) {
> > + if (test->retvals[i].data_len > 0)
> > + size_data = test->retvals[i].data_len;
> > + else
> > + size_data = sizeof(test->retvals[i].data);
> > + if (test->override_data_out_len)
> > + overridden_data_out_size = &test->overridden_data_out_len;
> > + else
> > + overridden_data_out_size = NULL;
> > + size_ctx = test->retvals[i].ctx_len;
> > + bad_size = false;
> > if (unpriv && test->retvals[i].retval_unpriv)
> > expected_val = test->retvals[i].retval_unpriv;
> > else
> > expected_val = test->retvals[i].retval;
> >
> > - err = do_prog_test_run(fd_prog, unpriv, expected_val,
> > - test->retvals[i].data,
> > - sizeof(test->retvals[i].data));
> > + if (size_data > sizeof(test->retvals[i].data)) {
> > + printf("FAIL: data size (%u) at run %i greater than TEST_DATA_LEN (%lu) ", size_data, i + 1, sizeof(test->retvals[i].data));
> > + bad_size = true;
> > + }
> > + if (size_ctx > sizeof(test->retvals[i].ctx)) {
> > + printf("FAIL: ctx size (%u) at run %i greater than TEST_CTX_LEN (%lu) ", size_ctx, i + 1, sizeof(test->retvals[i].ctx));
> > + bad_size = true;
> > + }
> > + if (size_ctx)
> > + ctx = test->retvals[i].ctx;
> > + else
> > + ctx = NULL;
> > + if (bad_size)
> > + err = 1;
> > + else
> > + err = do_prog_test_run(fd_prog, unpriv, expected_val,
> > + test->retvals[i].data, size_data,
> > + ctx, size_ctx,
> > + overridden_data_out_size);
> > if (err) {
> > printf("(run %d/%d) ", i + 1, test->runs);
> > run_errs++;
> > --
> > 2.20.1
> >
--
Kinvolk GmbH | Adalbertstr.6a, 10999 Berlin | tel: +491755589364
Geschäftsführer/Directors: Alban Crequy, Chris Kühl, Iago López Galeiras
Registergericht/Court of registration: Amtsgericht Charlottenburg
Registernummer/Registration number: HRB 171414 B
Ust-ID-Nummer/VAT ID number: DE302207000
^ permalink raw reply
* Re: [PATCH bpf-next] selftests/bpf: remove logic duplication in test_verifier.c
From: Krzesimir Nowak @ 2019-07-11 12:13 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: Andrii Nakryiko, kernel-team, ast, Daniel Borkmann, bpf,
Networking
In-Reply-To: <20190711010844.1285018-1-andriin@fb.com>
On Thu, Jul 11, 2019 at 3:08 AM Andrii Nakryiko <andriin@fb.com> wrote:
>
> test_verifier tests can specify single- and multi-runs tests. Internally
> logic of handling them is duplicated. Get rid of it by making single run
> retval specification to be a first retvals spec.
>
> Cc: Krzesimir Nowak <krzesimir@kinvolk.io>
> Signed-off-by: Andrii Nakryiko <andriin@fb.com>
Looks good, one nit below.
Acked-by: Krzesimir Nowak <krzesimir@kinvolk.io>
> ---
> tools/testing/selftests/bpf/test_verifier.c | 37 ++++++++++-----------
> 1 file changed, 18 insertions(+), 19 deletions(-)
>
> diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
> index b0773291012a..120ecdf4a7db 100644
> --- a/tools/testing/selftests/bpf/test_verifier.c
> +++ b/tools/testing/selftests/bpf/test_verifier.c
> @@ -86,7 +86,7 @@ struct bpf_test {
> int fixup_sk_storage_map[MAX_FIXUPS];
> const char *errstr;
> const char *errstr_unpriv;
> - uint32_t retval, retval_unpriv, insn_processed;
> + uint32_t insn_processed;
> int prog_len;
> enum {
> UNDEF,
> @@ -95,16 +95,24 @@ struct bpf_test {
> } result, result_unpriv;
> enum bpf_prog_type prog_type;
> uint8_t flags;
> - __u8 data[TEST_DATA_LEN];
> void (*fill_helper)(struct bpf_test *self);
> uint8_t runs;
> - struct {
> - uint32_t retval, retval_unpriv;
> - union {
> - __u8 data[TEST_DATA_LEN];
> - __u64 data64[TEST_DATA_LEN / 8];
> + union {
> + struct {
Maybe consider moving the struct definition outside to further the
removal of the duplication?
> + uint32_t retval, retval_unpriv;
> + union {
> + __u8 data[TEST_DATA_LEN];
> + __u64 data64[TEST_DATA_LEN / 8];
> + };
> };
> - } retvals[MAX_TEST_RUNS];
> + struct {
> + uint32_t retval, retval_unpriv;
> + union {
> + __u8 data[TEST_DATA_LEN];
> + __u64 data64[TEST_DATA_LEN / 8];
> + };
> + } retvals[MAX_TEST_RUNS];
> + };
> enum bpf_attach_type expected_attach_type;
> };
>
> @@ -949,17 +957,8 @@ static void do_test_single(struct bpf_test *test, bool unpriv,
> uint32_t expected_val;
> int i;
>
> - if (!test->runs) {
> - expected_val = unpriv && test->retval_unpriv ?
> - test->retval_unpriv : test->retval;
> -
> - err = do_prog_test_run(fd_prog, unpriv, expected_val,
> - test->data, sizeof(test->data));
> - if (err)
> - run_errs++;
> - else
> - run_successes++;
> - }
> + if (!test->runs)
> + test->runs = 1;
>
> for (i = 0; i < test->runs; i++) {
> if (unpriv && test->retvals[i].retval_unpriv)
> --
> 2.17.1
>
--
Kinvolk GmbH | Adalbertstr.6a, 10999 Berlin | tel: +491755589364
Geschäftsführer/Directors: Alban Crequy, Chris Kühl, Iago López Galeiras
Registergericht/Court of registration: Amtsgericht Charlottenburg
Registernummer/Registration number: HRB 171414 B
Ust-ID-Nummer/VAT ID number: DE302207000
^ permalink raw reply
* Re: [bpf-next v3 04/12] selftests/bpf: Use bpf_prog_test_run_xattr
From: Krzesimir Nowak @ 2019-07-11 12:07 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: open list, Alban Crequy, Iago López Galeiras,
Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau, Song Liu,
Yonghong Song, David S. Miller, Jakub Kicinski,
Jesper Dangaard Brouer, John Fastabend, Stanislav Fomichev,
Networking, bpf, xdp-newbies
In-Reply-To: <CAEf4BzZoOw=1B8vV53iAxz8LDULOPVF-he4C_usoUQSdXU+oSg@mail.gmail.com>
On Thu, Jul 11, 2019 at 2:03 AM Andrii Nakryiko
<andrii.nakryiko@gmail.com> wrote:
>
> On Mon, Jul 8, 2019 at 3:43 PM Krzesimir Nowak <krzesimir@kinvolk.io> wrote:
> >
> > The bpf_prog_test_run_xattr function gives more options to set up a
> > test run of a BPF program than the bpf_prog_test_run function.
> >
> > We will need this extra flexibility to pass ctx data later.
> >
> > Signed-off-by: Krzesimir Nowak <krzesimir@kinvolk.io>
> > ---
>
> lgtm, with some nits below
>
> Acked-by: Andrii Nakryiko <andriin@fb.com>
>
> > tools/testing/selftests/bpf/test_verifier.c | 16 +++++++++++-----
> > 1 file changed, 11 insertions(+), 5 deletions(-)
> >
> > diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
> > index c7541f572932..1640ba9f12c1 100644
> > --- a/tools/testing/selftests/bpf/test_verifier.c
> > +++ b/tools/testing/selftests/bpf/test_verifier.c
> > @@ -822,14 +822,20 @@ static int do_prog_test_run(int fd_prog, bool unpriv, uint32_t expected_val,
> > {
> > __u8 tmp[TEST_DATA_LEN << 2];
> > __u32 size_tmp = sizeof(tmp);
>
> nit: this is now is not needed as a separate local variable, inline?
I think I'm using this variable in a followup commit, but I'll look closely.
>
> > - uint32_t retval;
> > int saved_errno;
> > int err;
> > + struct bpf_prog_test_run_attr attr = {
> > + .prog_fd = fd_prog,
> > + .repeat = 1,
> > + .data_in = data,
> > + .data_size_in = size_data,
> > + .data_out = tmp,
> > + .data_size_out = size_tmp,
> > + };
> >
> > if (unpriv)
> > set_admin(true);
> > - err = bpf_prog_test_run(fd_prog, 1, data, size_data,
> > - tmp, &size_tmp, &retval, NULL);
> > + err = bpf_prog_test_run_xattr(&attr);
> > saved_errno = errno;
> > if (unpriv)
> > set_admin(false);
> > @@ -846,9 +852,9 @@ static int do_prog_test_run(int fd_prog, bool unpriv, uint32_t expected_val,
> > return err;
> > }
> > }
> > - if (retval != expected_val &&
> > + if (attr.retval != expected_val &&
> > expected_val != POINTER_VALUE) {
>
> this if condition now fits one line, can you please combine? thanks!
Sure.
>
> > - printf("FAIL retval %d != %d ", retval, expected_val);
> > + printf("FAIL retval %d != %d ", attr.retval, expected_val);
> > return 1;
> > }
> >
> > --
> > 2.20.1
> >
--
Kinvolk GmbH | Adalbertstr.6a, 10999 Berlin | tel: +491755589364
Geschäftsführer/Directors: Alban Crequy, Chris Kühl, Iago López Galeiras
Registergericht/Court of registration: Amtsgericht Charlottenburg
Registernummer/Registration number: HRB 171414 B
Ust-ID-Nummer/VAT ID number: DE302207000
^ permalink raw reply
* Re: [bpf-next v3 03/12] selftests/bpf: Avoid another case of errno clobbering
From: Krzesimir Nowak @ 2019-07-11 12:05 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: open list, Alban Crequy, Iago López Galeiras,
Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau, Song Liu,
Yonghong Song, David S. Miller, Jakub Kicinski,
Jesper Dangaard Brouer, John Fastabend, Stanislav Fomichev,
Networking, bpf, xdp-newbies
In-Reply-To: <CAEf4BzbM6EiCkN5mwK1YP-NC2bavkkHV7nFR-PXCWGOvVt7nTg@mail.gmail.com>
On Thu, Jul 11, 2019 at 1:57 AM Andrii Nakryiko
<andrii.nakryiko@gmail.com> wrote:
>
> On Mon, Jul 8, 2019 at 3:43 PM Krzesimir Nowak <krzesimir@kinvolk.io> wrote:
> >
> > Commit 8184d44c9a57 ("selftests/bpf: skip verifier tests for
> > unsupported program types") added a check for an unsupported program
> > type. The function doing it changes errno, so test_verifier should
> > save it before calling it if test_verifier wants to print a reason why
> > verifying a BPF program of a supported type failed.
> >
> > Changes since v2:
> > - Move the declaration to fit the reverse christmas tree style.
> >
> > Fixes: 8184d44c9a57 ("selftests/bpf: skip verifier tests for unsupported program types")
> > Cc: Stanislav Fomichev <sdf@google.com>
> > Signed-off-by: Krzesimir Nowak <krzesimir@kinvolk.io>
> > ---
>
> Acked-by: Andrii Nakryiko <andriin@fb.com>
>
> > tools/testing/selftests/bpf/test_verifier.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
> > index 3fe126e0083b..c7541f572932 100644
> > --- a/tools/testing/selftests/bpf/test_verifier.c
> > +++ b/tools/testing/selftests/bpf/test_verifier.c
> > @@ -864,6 +864,7 @@ static void do_test_single(struct bpf_test *test, bool unpriv,
> > int run_errs, run_successes;
> > int map_fds[MAX_NR_MAPS];
> > const char *expected_err;
> > + int saved_errno;
> > int fixup_skips;
>
> nit: combine those ints? or even with i and err below as well?
Will do.
>
> > __u32 pflags;
> > int i, err;
> > @@ -894,6 +895,7 @@ static void do_test_single(struct bpf_test *test, bool unpriv,
> > pflags |= BPF_F_ANY_ALIGNMENT;
> > fd_prog = bpf_verify_program(prog_type, prog, prog_len, pflags,
> > "GPL", 0, bpf_vlog, sizeof(bpf_vlog), 4);
> > + saved_errno = errno;
> > if (fd_prog < 0 && !bpf_probe_prog_type(prog_type, 0)) {
> > printf("SKIP (unsupported program type %d)\n", prog_type);
> > skips++;
> > @@ -910,7 +912,7 @@ static void do_test_single(struct bpf_test *test, bool unpriv,
> > if (expected_ret == ACCEPT) {
> > if (fd_prog < 0) {
> > printf("FAIL\nFailed to load prog '%s'!\n",
> > - strerror(errno));
> > + strerror(saved_errno));
> > goto fail_log;
> > }
> > #ifndef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
> > --
> > 2.20.1
> >
--
Kinvolk GmbH | Adalbertstr.6a, 10999 Berlin | tel: +491755589364
Geschäftsführer/Directors: Alban Crequy, Chris Kühl, Iago López Galeiras
Registergericht/Court of registration: Amtsgericht Charlottenburg
Registernummer/Registration number: HRB 171414 B
Ust-ID-Nummer/VAT ID number: DE302207000
^ permalink raw reply
* Re: [bpf-next v3 02/12] selftests/bpf: Avoid a clobbering of errno
From: Krzesimir Nowak @ 2019-07-11 12:04 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: open list, Alban Crequy, Iago López Galeiras,
Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau, Song Liu,
Yonghong Song, David S. Miller, Jakub Kicinski,
Jesper Dangaard Brouer, John Fastabend, Stanislav Fomichev,
Networking, bpf, xdp-newbies
In-Reply-To: <CAEf4BzYra9njHOB8t6kxRu6n5NJdjjAG541OLt8ci=0zbbcUSg@mail.gmail.com>
On Thu, Jul 11, 2019 at 1:52 AM Andrii Nakryiko
<andrii.nakryiko@gmail.com> wrote:
>
> On Mon, Jul 8, 2019 at 3:42 PM Krzesimir Nowak <krzesimir@kinvolk.io> wrote:
> >
> > Save errno right after bpf_prog_test_run returns, so we later check
> > the error code actually set by bpf_prog_test_run, not by some libcap
> > function.
> >
> > Changes since v1:
> > - Fix the "Fixes:" tag to mention actual commit that introduced the
> > bug
> >
> > Changes since v2:
> > - Move the declaration so it fits the reverse christmas tree style.
> >
> > Cc: Daniel Borkmann <daniel@iogearbox.net>
> > Fixes: 832c6f2c29ec ("bpf: test make sure to run unpriv test cases in test_verifier")
> > Signed-off-by: Krzesimir Nowak <krzesimir@kinvolk.io>
> > ---
> > tools/testing/selftests/bpf/test_verifier.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
> > index b8d065623ead..3fe126e0083b 100644
> > --- a/tools/testing/selftests/bpf/test_verifier.c
> > +++ b/tools/testing/selftests/bpf/test_verifier.c
> > @@ -823,16 +823,18 @@ static int do_prog_test_run(int fd_prog, bool unpriv, uint32_t expected_val,
> > __u8 tmp[TEST_DATA_LEN << 2];
> > __u32 size_tmp = sizeof(tmp);
> > uint32_t retval;
> > + int saved_errno;
> > int err;
> >
> > if (unpriv)
> > set_admin(true);
> > err = bpf_prog_test_run(fd_prog, 1, data, size_data,
> > tmp, &size_tmp, &retval, NULL);
>
> Given err is either 0 or -1, how about instead making err useful right
> here without extra variable?
>
> if (bpf_prog_test_run(...))
> err = errno;
I change it later to bpf_prog_test_run_xattr, which can also return
-EINVAL and then errno is not set. But this one probably should not be
triggered by the test code. So not sure, probably would be better to
keep it as is for consistency?
>
> > + saved_errno = errno;
> > if (unpriv)
> > set_admin(false);
> > if (err) {
> > - switch (errno) {
> > + switch (saved_errno) {
> > case 524/*ENOTSUPP*/:
>
> ENOTSUPP is defined in include/linux/errno.h, is there any problem
> with using this in selftests?
I just used whatever there was earlier. Seems like <linux/errno.h> is
not copied to tools include directory.
>
> > printf("Did not run the program (not supported) ");
> > return 0;
> > --
> > 2.20.1
> >
--
Kinvolk GmbH | Adalbertstr.6a, 10999 Berlin | tel: +491755589364
Geschäftsführer/Directors: Alban Crequy, Chris Kühl, Iago López Galeiras
Registergericht/Court of registration: Amtsgericht Charlottenburg
Registernummer/Registration number: HRB 171414 B
Ust-ID-Nummer/VAT ID number: DE302207000
^ permalink raw reply
* Re: [oss-drivers] Re: [RFC bpf-next 2/8] bpf: extend list based insn patching infra to verification layer
From: Jiong Wang @ 2019-07-11 11:59 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: Jiong Wang, Alexei Starovoitov, Daniel Borkmann, Edward Cree,
Naveen N. Rao, Andrii Nakryiko, Jakub Kicinski, bpf, Networking,
oss-drivers
In-Reply-To: <CAEf4BzaF-Bvj9veA1EYu5GWQrWOu=ttX064YTrB4yNQ4neJZOQ@mail.gmail.com>
Andrii Nakryiko writes:
> On Thu, Jul 4, 2019 at 2:32 PM Jiong Wang <jiong.wang@netronome.com> wrote:
>>
>> Verification layer also needs to handle auxiliar info as well as adjusting
>> subprog start.
>>
>> At this layer, insns inside patch buffer could be jump, but they should
>> have been resolved, meaning they shouldn't jump to insn outside of the
>> patch buffer. Lineration function for this layer won't touch insns inside
>> patch buffer.
>>
>> Adjusting subprog is finished along with adjusting jump target when the
>> input will cover bpf to bpf call insn, re-register subprog start is cheap.
>> But adjustment when there is insn deleteion is not considered yet.
>>
>> Signed-off-by: Jiong Wang <jiong.wang@netronome.com>
>> ---
>> kernel/bpf/verifier.c | 150 ++++++++++++++++++++++++++++++++++++++++++++++++++
>> 1 file changed, 150 insertions(+)
>>
>> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
>> index a2e7637..2026d64 100644
>> --- a/kernel/bpf/verifier.c
>> +++ b/kernel/bpf/verifier.c
>> @@ -8350,6 +8350,156 @@ static void opt_hard_wire_dead_code_branches(struct bpf_verifier_env *env)
>> }
>> }
>>
>> +/* Linearize bpf list insn to array (verifier layer). */
>> +static struct bpf_verifier_env *
>> +verifier_linearize_list_insn(struct bpf_verifier_env *env,
>> + struct bpf_list_insn *list)
>
> It's unclear why this returns env back? It's not allocating a new env,
> so it's weird and unnecessary. Just return error code.
The reason is I was thinking we have two layers in BPF, the core and the
verifier.
For core layer (the relevant file is core.c), when doing patching, the
input is insn list and bpf_prog, the linearization should linearize the
insn list into insn array, and also whatever others affect inside bpf_prog
due to changing on insns, for example line info inside prog->aux. So the
return value is bpf_prog for core layer linearization hook.
For verifier layer, it is similar, but the context if bpf_verifier_env, the
linearization hook should linearize the insn list, and also those affected
inside env, for example bpf_insn_aux_data, so the return value is
bpf_verifier_env, meaning returning an updated verifier context
(bpf_verifier_env) after insn list linearization.
Make sense?
Regards,
Jiong
>
>> +{
>> + u32 *idx_map, idx, orig_cnt, fini_cnt = 0;
>> + struct bpf_subprog_info *new_subinfo;
>> + struct bpf_insn_aux_data *new_data;
>> + struct bpf_prog *prog = env->prog;
>> + struct bpf_verifier_env *ret_env;
>> + struct bpf_insn *insns, *insn;
>> + struct bpf_list_insn *elem;
>> + int ret;
>> +
>> + /* Calculate final size. */
>> + for (elem = list; elem; elem = elem->next)
>> + if (!(elem->flag & LIST_INSN_FLAG_REMOVED))
>> + fini_cnt++;
>> +
>> + orig_cnt = prog->len;
>> + insns = prog->insnsi;
>> + /* If prog length remains same, nothing else to do. */
>> + if (fini_cnt == orig_cnt) {
>> + for (insn = insns, elem = list; elem; elem = elem->next, insn++)
>> + *insn = elem->insn;
>> + return env;
>> + }
>> + /* Realloc insn buffer when necessary. */
>> + if (fini_cnt > orig_cnt)
>> + prog = bpf_prog_realloc(prog, bpf_prog_size(fini_cnt),
>> + GFP_USER);
>> + if (!prog)
>> + return ERR_PTR(-ENOMEM);
>> + insns = prog->insnsi;
>> + prog->len = fini_cnt;
>> + ret_env = env;
>> +
>> + /* idx_map[OLD_IDX] = NEW_IDX */
>> + idx_map = kvmalloc(orig_cnt * sizeof(u32), GFP_KERNEL);
>> + if (!idx_map)
>> + return ERR_PTR(-ENOMEM);
>> + memset(idx_map, 0xff, orig_cnt * sizeof(u32));
>> +
>> + /* Use the same alloc method used when allocating env->insn_aux_data. */
>> + new_data = vzalloc(array_size(sizeof(*new_data), fini_cnt));
>> + if (!new_data) {
>> + kvfree(idx_map);
>> + return ERR_PTR(-ENOMEM);
>> + }
>> +
>> + /* Copy over insn + calculate idx_map. */
>> + for (idx = 0, elem = list; elem; elem = elem->next) {
>> + int orig_idx = elem->orig_idx - 1;
>> +
>> + if (orig_idx >= 0) {
>> + idx_map[orig_idx] = idx;
>> +
>> + if (elem->flag & LIST_INSN_FLAG_REMOVED)
>> + continue;
>> +
>> + new_data[idx] = env->insn_aux_data[orig_idx];
>> +
>> + if (elem->flag & LIST_INSN_FLAG_PATCHED)
>> + new_data[idx].zext_dst =
>> + insn_has_def32(env, &elem->insn);
>> + } else {
>> + new_data[idx].seen = true;
>> + new_data[idx].zext_dst = insn_has_def32(env,
>> + &elem->insn);
>> + }
>> + insns[idx++] = elem->insn;
>> + }
>> +
>> + new_subinfo = kvzalloc(sizeof(env->subprog_info), GFP_KERNEL);
>> + if (!new_subinfo) {
>> + kvfree(idx_map);
>> + vfree(new_data);
>> + return ERR_PTR(-ENOMEM);
>> + }
>> + memcpy(new_subinfo, env->subprog_info, sizeof(env->subprog_info));
>> + memset(env->subprog_info, 0, sizeof(env->subprog_info));
>> + env->subprog_cnt = 0;
>> + env->prog = prog;
>> + ret = add_subprog(env, 0);
>> + if (ret < 0) {
>> + ret_env = ERR_PTR(ret);
>> + goto free_all_ret;
>> + }
>> + /* Relocate jumps using idx_map.
>> + * old_dst = jmp_insn.old_target + old_pc + 1;
>> + * new_dst = idx_map[old_dst] = jmp_insn.new_target + new_pc + 1;
>> + * jmp_insn.new_target = new_dst - new_pc - 1;
>> + */
>> + for (idx = 0, elem = list; elem; elem = elem->next) {
>> + int orig_idx = elem->orig_idx;
>> +
>> + if (elem->flag & LIST_INSN_FLAG_REMOVED)
>> + continue;
>> + if ((elem->flag & LIST_INSN_FLAG_PATCHED) || !orig_idx) {
>> + idx++;
>> + continue;
>> + }
>> +
>> + ret = bpf_jit_adj_imm_off(&insns[idx], orig_idx - 1, idx,
>> + idx_map);
>> + if (ret < 0) {
>> + ret_env = ERR_PTR(ret);
>> + goto free_all_ret;
>> + }
>> + /* Recalculate subprog start as we are at bpf2bpf call insn. */
>> + if (ret > 0) {
>> + ret = add_subprog(env, idx + insns[idx].imm + 1);
>> + if (ret < 0) {
>> + ret_env = ERR_PTR(ret);
>> + goto free_all_ret;
>> + }
>> + }
>> + idx++;
>> + }
>> + if (ret < 0) {
>> + ret_env = ERR_PTR(ret);
>> + goto free_all_ret;
>> + }
>> +
>> + env->subprog_info[env->subprog_cnt].start = fini_cnt;
>> + for (idx = 0; idx <= env->subprog_cnt; idx++)
>> + new_subinfo[idx].start = env->subprog_info[idx].start;
>> + memcpy(env->subprog_info, new_subinfo, sizeof(env->subprog_info));
>> +
>> + /* Adjust linfo.
>> + * FIXME: no support for insn removal at the moment.
>> + */
>> + if (prog->aux->nr_linfo) {
>> + struct bpf_line_info *linfo = prog->aux->linfo;
>> + u32 nr_linfo = prog->aux->nr_linfo;
>> +
>> + for (idx = 0; idx < nr_linfo; idx++)
>> + linfo[idx].insn_off = idx_map[linfo[idx].insn_off];
>> + }
>> + vfree(env->insn_aux_data);
>> + env->insn_aux_data = new_data;
>> + goto free_mem_list_ret;
>> +free_all_ret:
>> + vfree(new_data);
>> +free_mem_list_ret:
>> + kvfree(new_subinfo);
>> + kvfree(idx_map);
>> + return ret_env;
>> +}
>> +
>> static int opt_remove_dead_code(struct bpf_verifier_env *env)
>> {
>> struct bpf_insn_aux_data *aux_data = env->insn_aux_data;
>> --
>> 2.7.4
>>
^ permalink raw reply
* Re: [RFC bpf-next 1/8] bpf: introducing list based insn patching infra to core layer
From: Jiong Wang @ 2019-07-11 11:53 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: Jiong Wang, Alexei Starovoitov, Daniel Borkmann, Edward Cree,
Naveen N. Rao, Andrii Nakryiko, Jakub Kicinski, bpf, Networking,
oss-drivers
In-Reply-To: <CAEf4BzbR-MQa=TTVir0m-kMeWOxtgnZx+XqAB6neEW+RMBrKEA@mail.gmail.com>
Andrii Nakryiko writes:
> On Thu, Jul 4, 2019 at 2:32 PM Jiong Wang <jiong.wang@netronome.com> wrote:
>>
>> This patch introduces list based bpf insn patching infra to bpf core layer
>> which is lower than verification layer.
>>
>> This layer has bpf insn sequence as the solo input, therefore the tasks
>> to be finished during list linerization is:
>> - copy insn
>> - relocate jumps
>> - relocation line info.
>>
>> Suggested-by: Alexei Starovoitov <ast@kernel.org>
>> Suggested-by: Edward Cree <ecree@solarflare.com>
>> Signed-off-by: Jiong Wang <jiong.wang@netronome.com>
>> ---
>> include/linux/filter.h | 25 +++++
>> kernel/bpf/core.c | 268 +++++++++++++++++++++++++++++++++++++++++++++++++
>> 2 files changed, 293 insertions(+)
>>
>> diff --git a/include/linux/filter.h b/include/linux/filter.h
>> index 1fe53e7..1fea68c 100644
>> --- a/include/linux/filter.h
>> +++ b/include/linux/filter.h
>> @@ -842,6 +842,31 @@ struct bpf_prog *bpf_patch_insn_single(struct bpf_prog *prog, u32 off,
>> const struct bpf_insn *patch, u32 len);
>> int bpf_remove_insns(struct bpf_prog *prog, u32 off, u32 cnt);
>>
>> +int bpf_jit_adj_imm_off(struct bpf_insn *insn, int old_idx, int new_idx,
>> + int idx_map[]);
>> +
>> +#define LIST_INSN_FLAG_PATCHED 0x1
>> +#define LIST_INSN_FLAG_REMOVED 0x2
>> +struct bpf_list_insn {
>> + struct bpf_insn insn;
>> + struct bpf_list_insn *next;
>> + s32 orig_idx;
>> + u32 flag;
>> +};
>> +
>> +struct bpf_list_insn *bpf_create_list_insn(struct bpf_prog *prog);
>> +void bpf_destroy_list_insn(struct bpf_list_insn *list);
>> +/* Replace LIST_INSN with new list insns generated from PATCH. */
>> +struct bpf_list_insn *bpf_patch_list_insn(struct bpf_list_insn *list_insn,
>> + const struct bpf_insn *patch,
>> + u32 len);
>> +/* Pre-patch list_insn with insns inside PATCH, meaning LIST_INSN is not
>> + * touched. New list insns are inserted before it.
>> + */
>> +struct bpf_list_insn *bpf_prepatch_list_insn(struct bpf_list_insn *list_insn,
>> + const struct bpf_insn *patch,
>> + u32 len);
>> +
>> void bpf_clear_redirect_map(struct bpf_map *map);
>>
>> static inline bool xdp_return_frame_no_direct(void)
>> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
>> index e2c1b43..e60703e 100644
>> --- a/kernel/bpf/core.c
>> +++ b/kernel/bpf/core.c
>> @@ -502,6 +502,274 @@ int bpf_remove_insns(struct bpf_prog *prog, u32 off, u32 cnt)
>> return WARN_ON_ONCE(bpf_adj_branches(prog, off, off + cnt, off, false));
>> }
>>
>> +int bpf_jit_adj_imm_off(struct bpf_insn *insn, int old_idx, int new_idx,
>> + s32 idx_map[])
>> +{
>> + u8 code = insn->code;
>> + s64 imm;
>> + s32 off;
>> +
>> + if (BPF_CLASS(code) != BPF_JMP && BPF_CLASS(code) != BPF_JMP32)
>> + return 0;
>> +
>> + if (BPF_CLASS(code) == BPF_JMP &&
>> + (BPF_OP(code) == BPF_EXIT ||
>> + (BPF_OP(code) == BPF_CALL && insn->src_reg != BPF_PSEUDO_CALL)))
>> + return 0;
>> +
>> + /* BPF to BPF call. */
>> + if (BPF_OP(code) == BPF_CALL) {
>> + imm = idx_map[old_idx + insn->imm + 1] - new_idx - 1;
>> + if (imm < S32_MIN || imm > S32_MAX)
>> + return -ERANGE;
>> + insn->imm = imm;
>> + return 1;
>> + }
>> +
>> + /* Jump. */
>> + off = idx_map[old_idx + insn->off + 1] - new_idx - 1;
>> + if (off < S16_MIN || off > S16_MAX)
>> + return -ERANGE;
>> + insn->off = off;
>> + return 0;
>> +}
>> +
>> +void bpf_destroy_list_insn(struct bpf_list_insn *list)
>> +{
>> + struct bpf_list_insn *elem, *next;
>> +
>> + for (elem = list; elem; elem = next) {
>> + next = elem->next;
>> + kvfree(elem);
>> + }
>> +}
>> +
>> +struct bpf_list_insn *bpf_create_list_insn(struct bpf_prog *prog)
>> +{
>> + unsigned int idx, len = prog->len;
>> + struct bpf_list_insn *hdr, *prev;
>> + struct bpf_insn *insns;
>> +
>> + hdr = kvzalloc(sizeof(*hdr), GFP_KERNEL);
>> + if (!hdr)
>> + return ERR_PTR(-ENOMEM);
>> +
>> + insns = prog->insnsi;
>> + hdr->insn = insns[0];
>> + hdr->orig_idx = 1;
>> + prev = hdr;
>
> I'm not sure why you need this "prologue" instead of handling first
> instruction uniformly in for loop below?
It is because the head of the list doesn't have precessor, so no need of
the prev->next assignment, not could do a check inside the loop to rule the
head out when doing it.
>> +
>> + for (idx = 1; idx < len; idx++) {
>> + struct bpf_list_insn *node = kvzalloc(sizeof(*node),
>> + GFP_KERNEL);
>> +
>> + if (!node) {
>> + /* Destroy what has been allocated. */
>> + bpf_destroy_list_insn(hdr);
>> + return ERR_PTR(-ENOMEM);
>> + }
>> + node->insn = insns[idx];
>> + node->orig_idx = idx + 1;
>
> Why orig_idx is 1-based? It's really confusing.
orig_idx == 0 means one insn is without original insn, means it is an new
insn generated for patching purpose.
While the LIST_INSN_FLAG_PATCHED in the RFC means one insn in original prog
is patched.
I had been trying to differenciate above two cases, but yes, they are
confusing and differenciating them might be useless, if an insn in original
prog is patched, all its info could be treated as clobbered and needing
re-calculating or should do conservative assumption.
>
>> + prev->next = node;
>> + prev = node;
>> + }
>> +
>> + return hdr;
>> +}
>> +
>> +/* Linearize bpf list insn to array. */
>> +static struct bpf_prog *bpf_linearize_list_insn(struct bpf_prog *prog,
>> + struct bpf_list_insn *list)
>> +{
>> + u32 *idx_map, idx, prev_idx, fini_cnt = 0, orig_cnt = prog->len;
>> + struct bpf_insn *insns, *insn;
>> + struct bpf_list_insn *elem;
>> +
>> + /* Calculate final size. */
>> + for (elem = list; elem; elem = elem->next)
>> + if (!(elem->flag & LIST_INSN_FLAG_REMOVED))
>> + fini_cnt++;
>> +
>> + insns = prog->insnsi;
>> + /* If prog length remains same, nothing else to do. */
>> + if (fini_cnt == orig_cnt) {
>> + for (insn = insns, elem = list; elem; elem = elem->next, insn++)
>> + *insn = elem->insn;
>> + return prog;
>> + }
>> + /* Realloc insn buffer when necessary. */
>> + if (fini_cnt > orig_cnt)
>> + prog = bpf_prog_realloc(prog, bpf_prog_size(fini_cnt),
>> + GFP_USER);
>> + if (!prog)
>> + return ERR_PTR(-ENOMEM);
>> + insns = prog->insnsi;
>> + prog->len = fini_cnt;
>> +
>> + /* idx_map[OLD_IDX] = NEW_IDX */
>> + idx_map = kvmalloc(orig_cnt * sizeof(u32), GFP_KERNEL);
>> + if (!idx_map)
>> + return ERR_PTR(-ENOMEM);
>> + memset(idx_map, 0xff, orig_cnt * sizeof(u32));
>> +
>> + /* Copy over insn + calculate idx_map. */
>> + for (idx = 0, elem = list; elem; elem = elem->next) {
>> + int orig_idx = elem->orig_idx - 1;
>> +
>> + if (orig_idx >= 0) {
>> + idx_map[orig_idx] = idx;
>> +
>> + if (elem->flag & LIST_INSN_FLAG_REMOVED)
>> + continue;
>> + }
>> + insns[idx++] = elem->insn;
>> + }
>> +
>> + /* Relocate jumps using idx_map.
>> + * old_dst = jmp_insn.old_target + old_pc + 1;
>> + * new_dst = idx_map[old_dst] = jmp_insn.new_target + new_pc + 1;
>> + * jmp_insn.new_target = new_dst - new_pc - 1;
>> + */
>> + for (idx = 0, prev_idx = 0, elem = list; elem; elem = elem->next) {
>> + int ret, orig_idx;
>> +
>> + /* A removed insn doesn't increase new_pc */
>> + if (elem->flag & LIST_INSN_FLAG_REMOVED)
>> + continue;
>> +
>> + orig_idx = elem->orig_idx - 1;
>> + ret = bpf_jit_adj_imm_off(&insns[idx],
>> + orig_idx >= 0 ? orig_idx : prev_idx,
>> + idx, idx_map);
>> + idx++;
>> + if (ret < 0) {
>> + kvfree(idx_map);
>> + return ERR_PTR(ret);
>> + }
>> + if (orig_idx >= 0)
>> + /* Record prev_idx. it is used for relocating jump insn
>> + * inside patch buffer. For example, when doing jit
>> + * blinding, a jump could be moved to some other
>> + * positions inside the patch buffer, and its old_dst
>> + * could be calculated using prev_idx.
>> + */
>> + prev_idx = orig_idx;
>> + }
>> +
>> + /* Adjust linfo.
>> + *
>> + * NOTE: the prog reached core layer has been adjusted to contain insns
>> + * for single function, however linfo contains information for
>> + * whole program, so we need to make sure linfo beyond current
>> + * function is handled properly.
>> + */
>> + if (prog->aux->nr_linfo) {
>> + u32 linfo_idx, insn_start, insn_end, nr_linfo, idx, delta;
>> + struct bpf_line_info *linfo;
>> +
>> + linfo_idx = prog->aux->linfo_idx;
>> + linfo = &prog->aux->linfo[linfo_idx];
>> + insn_start = linfo[0].insn_off;
>> + insn_end = insn_start + orig_cnt;
>> + nr_linfo = prog->aux->nr_linfo - linfo_idx;
>> + delta = fini_cnt - orig_cnt;
>> + for (idx = 0; idx < nr_linfo; idx++) {
>> + int adj_off;
>> +
>> + if (linfo[idx].insn_off >= insn_end) {
>> + linfo[idx].insn_off += delta;
>> + continue;
>> + }
>> +
>> + adj_off = linfo[idx].insn_off - insn_start;
>> + linfo[idx].insn_off = idx_map[adj_off] + insn_start;
>> + }
>> + }
>> + kvfree(idx_map);
>> +
>> + return prog;
>> +}
>> +
>> +struct bpf_list_insn *bpf_patch_list_insn(struct bpf_list_insn *list_insn,
>> + const struct bpf_insn *patch,
>> + u32 len)
>> +{
>> + struct bpf_list_insn *prev, *next;
>> + u32 insn_delta = len - 1;
>> + u32 idx;
>> +
>> + list_insn->insn = *patch;
>> + list_insn->flag |= LIST_INSN_FLAG_PATCHED;
>> +
>> + /* Since our patchlet doesn't expand the image, we're done. */
>> + if (insn_delta == 0)
>> + return list_insn;
>> +
>> + len--;
>> + patch++;
>> +
>> + prev = list_insn;
>> + next = list_insn->next;
>> + for (idx = 0; idx < len; idx++) {
>> + struct bpf_list_insn *node = kvzalloc(sizeof(*node),
>> + GFP_KERNEL);
>> +
>> + if (!node) {
>> + /* Link what's allocated, so list destroyer could
>> + * free them.
>> + */
>> + prev->next = next;
>
> Why this special handling, if you can just insert element so that list
> is well-formed after each instruction?
Good idea, just always do "node->next = next", the "prev->next = node" in
next round will fix it.
>
>> + return ERR_PTR(-ENOMEM);
>> + }
>> +
>> + node->insn = patch[idx];
>> + prev->next = node;
>> + prev = node;
>
> E.g.,
>
> node->next = next;
> prev->next = node;
> prev = node;
>
>> + }
>> +
>> + prev->next = next;
>
> And no need for this either.
>
>> + return prev;
>> +}
>> +
>> +struct bpf_list_insn *bpf_prepatch_list_insn(struct bpf_list_insn *list_insn,
>> + const struct bpf_insn *patch,
>> + u32 len)
>
> prepatch and patch functions should share the same logic.
>
> Prepend is just that - insert all instructions from buffer before current insns.
> Patch -> replace current one with first instriction in a buffer, then
> prepend remaining ones before the next instruction (so patch should
> call info prepend, with adjusted count and array pointer).
Ack, there indeed has quite a few things to simplify.
>
>> +{
>> + struct bpf_list_insn *prev, *node, *begin_node;
>> + u32 idx;
>> +
>> + if (!len)
>> + return list_insn;
>> +
>> + node = kvzalloc(sizeof(*node), GFP_KERNEL);
>> + if (!node)
>> + return ERR_PTR(-ENOMEM);
>> + node->insn = patch[0];
>> + begin_node = node;
>> + prev = node;
>> +
>> + for (idx = 1; idx < len; idx++) {
>> + node = kvzalloc(sizeof(*node), GFP_KERNEL);
>> + if (!node) {
>> + node = begin_node;
>> + /* Release what's has been allocated. */
>> + while (node) {
>> + struct bpf_list_insn *next = node->next;
>> +
>> + kvfree(node);
>> + node = next;
>> + }
>> + return ERR_PTR(-ENOMEM);
>> + }
>> + node->insn = patch[idx];
>> + prev->next = node;
>> + prev = node;
>> + }
>> +
>> + prev->next = list_insn;
>> + return begin_node;
>> +}
>> +
>> void bpf_prog_kallsyms_del_subprogs(struct bpf_prog *fp)
>> {
>> int i;
>> --
>> 2.7.4
>>
^ permalink raw reply
* Re: Re: linux-next: build failure after merge of the net-next tree
From: Jason Gunthorpe @ 2019-07-11 11:52 UTC (permalink / raw)
To: Bernard Metzler
Cc: Leon Romanovsky, Stephen Rothwell, Doug Ledford, David Miller,
Networking, Linux Next Mailing List, Linux Kernel Mailing List
In-Reply-To: <OF360C0EBE.4A489B94-ON00258434.002B10B7-00258434.002C0536@notes.na.collabserv.com>
On Thu, Jul 11, 2019 at 08:00:49AM +0000, Bernard Metzler wrote:
> That listen will not sleep. The socket is just marked
> listening.
Eh? siw_listen_address() calls siw_cep_alloc() which does:
struct siw_cep *cep = kzalloc(sizeof(*cep), GFP_KERNEL);
Which is sleeping. Many other cases too.
Jason
^ permalink raw reply
* Re: [RFC] virtio-net: share receive_*() and add_recvbuf_*() with virtio-vsock
From: Stefano Garzarella @ 2019-07-11 11:41 UTC (permalink / raw)
To: Jason Wang, Michael S. Tsirkin, Stefan Hajnoczi; +Cc: virtualization, netdev
In-Reply-To: <9574bc38-4c5c-2325-986b-430e4a2b6661@redhat.com>
On Thu, Jul 11, 2019 at 03:37:00PM +0800, Jason Wang wrote:
>
> On 2019/7/10 下午11:37, Stefano Garzarella wrote:
> > Hi,
> > as Jason suggested some months ago, I looked better at the virtio-net driver to
> > understand if we can reuse some parts also in the virtio-vsock driver, since we
> > have similar challenges (mergeable buffers, page allocation, small
> > packets, etc.).
> >
> > Initially, I would add the skbuff in the virtio-vsock in order to re-use
> > receive_*() functions.
>
>
> Yes, that will be a good step.
>
Okay, I'll go on this way.
>
> > Then I would move receive_[small, big, mergeable]() and
> > add_recvbuf_[small, big, mergeable]() outside of virtio-net driver, in order to
> > call them also from virtio-vsock. I need to do some refactoring (e.g. leave the
> > XDP part on the virtio-net driver), but I think it is feasible.
> >
> > The idea is to create a virtio-skb.[h,c] where put these functions and a new
> > object where stores some attributes needed (e.g. hdr_len ) and status (e.g.
> > some fields of struct receive_queue).
>
>
> My understanding is we could be more ambitious here. Do you see any blocker
> for reusing virtio-net directly? It's better to reuse not only the functions
> but also the logic like NAPI to avoid re-inventing something buggy and
> duplicated.
>
These are my concerns:
- virtio-vsock is not a "net_device", so a lot of code related to
ethtool, net devices (MAC address, MTU, speed, VLAN, XDP, offloading) will be
not used by virtio-vsock.
- virtio-vsock has a different header. We can consider it as part of
virtio_net payload, but it precludes the compatibility with old hosts. This
was one of the major doubts that made me think about using only the
send/recv skbuff functions, that it shouldn't break the compatibility.
>
> > This is an idea of virtio-skb.h that
> > I have in mind:
> > struct virtskb;
>
>
> What fields do you want to store in virtskb? It looks to be exist sk_buff is
> flexible enough to us?
My idea is to store queues information, like struct receive_queue or
struct send_queue, and some device attributes (e.g. hdr_len ).
>
>
> >
> > struct sk_buff *virtskb_receive_small(struct virtskb *vs, ...);
> > struct sk_buff *virtskb_receive_big(struct virtskb *vs, ...);
> > struct sk_buff *virtskb_receive_mergeable(struct virtskb *vs, ...);
> >
> > int virtskb_add_recvbuf_small(struct virtskb*vs, ...);
> > int virtskb_add_recvbuf_big(struct virtskb *vs, ...);
> > int virtskb_add_recvbuf_mergeable(struct virtskb *vs, ...);
> >
> > For the Guest->Host path it should be easier, so maybe I can add a
> > "virtskb_send(struct virtskb *vs, struct sk_buff *skb)" with a part of the code
> > of xmit_skb().
>
>
> I may miss something, but I don't see any thing that prevents us from using
> xmit_skb() directly.
>
Yes, but my initial idea was to make it more parametric and not related to the
virtio_net_hdr, so the 'hdr_len' could be a parameter and the
'num_buffers' should be handled by the caller.
>
> >
> > Let me know if you have in mind better names or if I should put these function
> > in another place.
> >
> > I would like to leave the control part completely separate, so, for example,
> > the two drivers will negotiate the features independently and they will call
> > the right virtskb_receive_*() function based on the negotiation.
>
>
> If it's one the issue of negotiation, we can simply change the
> virtnet_probe() to deal with different devices.
>
>
> >
> > I already started to work on it, but before to do more steps and send an RFC
> > patch, I would like to hear your opinion.
> > Do you think that makes sense?
> > Do you see any issue or a better solution?
>
>
> I still think we need to seek a way of adding some codes on virtio-net.c
> directly if there's no huge different in the processing of TX/RX. That would
> save us a lot time.
After the reading of the buffers from the virtqueue I think the process
is slightly different, because virtio-net will interface with the network
stack, while virtio-vsock will interface with the vsock-core (socket).
So the virtio-vsock implements the following:
- control flow mechanism to avoid to loose packets, informing the peer
about the amount of memory available in the receive queue using some
fields in the virtio_vsock_hdr
- de-multiplexing parsing the virtio_vsock_hdr and choosing the right
socket depending on the port
- socket state handling
We can use the virtio-net as transport, but we should add a lot of
code to skip "net device" stuff when it is used by the virtio-vsock.
This could break something in virtio-net, for this reason, I thought to reuse
only the send/recv functions starting from the idea to split the virtio-net
driver in two parts:
a. one with all stuff related to the network stack
b. one with the stuff needed to communicate with the host
And use skbuff to communicate between parts. In this way, virtio-vsock
can use only the b part.
Maybe we can do this split in a better way, but I'm not sure it is
simple.
Thanks,
Stefano
^ permalink raw reply
* Re: [bpf-next v3 01/12] selftests/bpf: Print a message when tester could not run a program
From: Krzesimir Nowak @ 2019-07-11 11:36 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: open list, Alban Crequy, Iago López Galeiras,
Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau, Song Liu,
Yonghong Song, David S. Miller, Jakub Kicinski,
Jesper Dangaard Brouer, John Fastabend, Stanislav Fomichev,
Networking, bpf, xdp-newbies
In-Reply-To: <CAEf4BzYDOyU52wdCinm9cxxvNijpTJgQbCg9UxcO1QKk6vWhNA@mail.gmail.com>
On Thu, Jul 11, 2019 at 1:45 AM Andrii Nakryiko
<andrii.nakryiko@gmail.com> wrote:
>
> On Mon, Jul 8, 2019 at 3:42 PM Krzesimir Nowak <krzesimir@kinvolk.io> wrote:
> >
> > This prints a message when the error is about program type being not
> > supported by the test runner or because of permissions problem. This
> > is to see if the program we expected to run was actually executed.
> >
> > The messages are open-coded because strerror(ENOTSUPP) returns
> > "Unknown error 524".
> >
> > Changes since v2:
> > - Also print "FAIL" on an unexpected bpf_prog_test_run error, so there
> > is a corresponding "FAIL" message for each failed test.
> >
> > Signed-off-by: Krzesimir Nowak <krzesimir@kinvolk.io>
> > ---
> > tools/testing/selftests/bpf/test_verifier.c | 17 +++++++++++++----
> > 1 file changed, 13 insertions(+), 4 deletions(-)
> >
> > diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
> > index c5514daf8865..b8d065623ead 100644
> > --- a/tools/testing/selftests/bpf/test_verifier.c
> > +++ b/tools/testing/selftests/bpf/test_verifier.c
> > @@ -831,11 +831,20 @@ static int do_prog_test_run(int fd_prog, bool unpriv, uint32_t expected_val,
> > tmp, &size_tmp, &retval, NULL);
> > if (unpriv)
> > set_admin(false);
> > - if (err && errno != 524/*ENOTSUPP*/ && errno != EPERM) {
> > - printf("Unexpected bpf_prog_test_run error ");
> > - return err;
> > + if (err) {
> > + switch (errno) {
> > + case 524/*ENOTSUPP*/:
> > + printf("Did not run the program (not supported) ");
> > + return 0;
> > + case EPERM:
> > + printf("Did not run the program (no permission) ");
>
> Let's add "SKIP: " prefix to these?
Not sure about it. The important part of the test (the program being
verified by the kernel's verifier) was still executed, so the test is
not really skipped.
>
> > + return 0;
> > + default:
> > + printf("FAIL: Unexpected bpf_prog_test_run error (%s) ", strerror(saved_errno));
> > + return err;
> > + }
> > }
> > - if (!err && retval != expected_val &&
> > + if (retval != expected_val &&
> > expected_val != POINTER_VALUE) {
> > printf("FAIL retval %d != %d ", retval, expected_val);
> > return 1;
> > --
> > 2.20.1
> >
--
Kinvolk GmbH | Adalbertstr.6a, 10999 Berlin | tel: +491755589364
Geschäftsführer/Directors: Alban Crequy, Chris Kühl, Iago López Galeiras
Registergericht/Court of registration: Amtsgericht Charlottenburg
Registernummer/Registration number: HRB 171414 B
Ust-ID-Nummer/VAT ID number: DE302207000
^ permalink raw reply
* Re: [RFC bpf-next 0/8] bpf: accelerate insn patching speed
From: Jiong Wang @ 2019-07-11 11:22 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: Jiong Wang, Alexei Starovoitov, Daniel Borkmann, Edward Cree,
Naveen N. Rao, Andrii Nakryiko, Jakub Kicinski, bpf, Networking,
oss-drivers
In-Reply-To: <CAEf4BzavePpW-C+zORN1kwSUJAWuJ3LxZ6QGxqaE9msxCq8ZLA@mail.gmail.com>
Andrii Nakryiko writes:
> On Thu, Jul 4, 2019 at 2:31 PM Jiong Wang <jiong.wang@netronome.com> wrote:
>>
>> This is an RFC based on latest bpf-next about acclerating insn patching
>> speed, it is now near the shape of final PATCH set, and we could see the
>> changes migrating to list patching would brings, so send out for
>> comments. Most of the info are in cover letter. I splitted the code in a
>> way to show API migration more easily.
>
>
> Hey Jiong,
>
>
> Sorry, took me a while to get to this and learn more about instruction
> patching. Overall this looks good and I think is a good direction.
> I'll post high-level feedback here, and some more
> implementation-specific ones in corresponding patches.
Great, thanks very much for the feedbacks. Most of your feedbacks are
hitting those pain points I exactly had ran into. For some of them, I
thought similar solutions like yours, but failed due to various
reasons. Let's go through them again, I could have missed some important
things.
Please see my replies below.
>>
>> Test Results
>> ===
>> - Full pass on test_verifier/test_prog/test_prog_32 under all three
>> modes (interpreter, JIT, JIT with blinding).
>>
>> - Benchmarking shows 10 ~ 15x faster on medium sized prog, and reduce
>> patching time from 5100s (nearly one and a half hour) to less than
>> 0.5s for 1M insn patching.
>>
>> Known Issues
>> ===
>> - The following warning is triggered when running scale test which
>> contains 1M insns and patching:
>> warning of mm/page_alloc.c:4639 __alloc_pages_nodemask+0x29e/0x330
>>
>> This is caused by existing code, it can be reproduced on bpf-next
>> master with jit blinding enabled, then run scale unit test, it will
>> shown up after half an hour. After this set, patching is very fast, so
>> it shows up quickly.
>>
>> - No line info adjustment support when doing insn delete, subprog adj
>> is with bug when doing insn delete as well. Generally, removal of insns
>> could possibly cause remove of entire line or subprog, therefore
>> entries of prog->aux->linfo or env->subprog needs to be deleted. I
>> don't have good idea and clean code for integrating this into the
>> linearization code at the moment, will do more experimenting,
>> appreciate ideas and suggestions on this.
>
> Is there any specific problem to detect which line info to delete? Or
> what am I missing besides careful implementation?
Mostly line info and subprog info are range info which covers a range of
insns. Deleting insns could causing you adjusting the range or removing one
range entirely. subprog info could be fully recalcuated during
linearization while line info I need some careful implementation and I
failed to have clean code for this during linearization also as said no
unit tests to help me understand whether the code is correct or not.
I will described this latter, spent too much time writing the following
reply. Might worth an separate discussion thread.
>>
>> Insn delete doesn't happen on normal programs, for example Cilium
>> benchmarks, and happens rarely on test_progs, so the test coverage is
>> not good. That's also why this RFC have a full pass on selftest with
>> this known issue.
>
> I hope you'll add test for deletion (and w/ corresponding line info)
> in final patch set :)
Will try. Need to spend some time on BTF format.
>
>>
>> - Could further use mem pool to accelerate the speed, changes are trivial
>> on top of this RFC, and could be 2x extra faster. Not included in this
>> RFC as reducing the algo complexity from quadratic to linear of insn
>> number is the first step.
>
> Honestly, I think that would add more complexity than necessary, and I
> think we can further speed up performance without that, see below.
>
>>
>> Background
>> ===
>> This RFC aims to accelerate BPF insn patching speed, patching means expand
>> one bpf insn at any offset inside bpf prog into a set of new insns, or
>> remove insns.
>>
>> At the moment, insn patching is quadratic of insn number, this is due to
>> branch targets of jump insns needs to be adjusted, and the algo used is:
>>
>> for insn inside prog
>> patch insn + regeneate bpf prog
>> for insn inside new prog
>> adjust jump target
>>
>> This is causing significant time spending when a bpf prog requires large
>> amount of patching on different insns. Benchmarking shows it could take
>> more than half minutes to finish patching when patching number is more
>> than 50K, and the time spent could be more than one hour when patching
>> number is around 1M.
>>
>> 15000 : 3s
>> 45000 : 29s
>> 95000 : 125s
>> 195000 : 712s
>> 1000000 : 5100s
>>
>> This RFC introduces new patching infrastructure. Before doing insn
>> patching, insns in bpf prog are turned into a singly linked list, insert
>> new insns just insert new list node, delete insns just set delete flag.
>> And finally, the list is linearized back into array, and branch target
>> adjustment is done for all jump insns during linearization. This algo
>> brings the time complexity from quadratic to linear of insn number.
>>
>> Benchmarking shows the new patching infrastructure could be 10 ~ 15x faster
>> on medium sized prog, and for a 1M patching it reduce the time from 5100s
>> to less than 0.5s.
>>
>> Patching API
>> ===
>> Insn patching could happen on two layers inside BPF. One is "core layer"
>> where only BPF insns are patched. The other is "verification layer" where
>> insns have corresponding aux info as well high level subprog info, so
>> insn patching means aux info needs to be patched as well, and subprog info
>> needs to be adjusted. BPF prog also has debug info associated, so line info
>> should always be updated after insn patching.
>>
>> So, list creation, destroy, insert, delete is the same for both layer,
>> but lineration is different. "verification layer" patching require extra
>> work. Therefore the patch APIs are:
>>
>> list creation: bpf_create_list_insn
>> list patch: bpf_patch_list_insn
>> list pre-patch: bpf_prepatch_list_insn
>
> I think pre-patch name is very confusing, until I read full
> description I couldn't understand what it's supposed to be used for.
> Speaking of bpf_patch_list_insn, patch is also generic enough to leave
> me wondering whether instruction buffer is inserted after instruction,
> or instruction is replaced with a bunch of instructions.
>
> So how about two more specific names:
> bpf_patch_list_insn -> bpf_list_insn_replace (meaning replace given
> instruction with a list of patch instructions)
> bpf_prepatch_list_insn -> bpf_list_insn_prepend (well, I think this
> one is pretty clear).
My sense on English word is not great, will switch to above which indeed
reads more clear.
>> list lineration (core layer): prog = bpf_linearize_list_insn(prog, list)
>> list lineration (veri layer): env = verifier_linearize_list_insn(env, list)
>
> These two functions are both quite involved, as well as share a lot of
> common code. I'd rather have one linearize instruction, that takes env
> as an optional parameter. If env is specified (which is the case for
> all cases except for constant blinding pass), then adjust aux_data and
> subprogs along the way.
Two version of lineration and how to unify them was a painpoint to me. I
thought to factor out some of the common code out, but it actually doesn't
count much, the final size counting + insnsi resize parts are the same,
then things start to diverge since the "Copy over insn" loop.
verifier layer needs to copy and initialize aux data etc. And jump
relocation is different. At core layer, the use case is JIT blinding which
could expand an jump_imm insn into a and/or/jump_reg sequence, and the
jump_reg is at the end of the patch buffer, it should be relocated. While
all use case in verifier layer, no jump in the prog will be patched and all
new jumps in patch buffer will jump inside the buffer locally so no need to
resolve.
And yes we could unify them into one and control the diverge using
argument, but then where to place the function is an issue. My
understanding is verifier.c is designed to be on top of core.c and core.c
should not reference and no need to be aware of any verifier specific data
structures, for example env or bpf_aux_insn_data etc.
So, in this RFC, I had choosed to write separate linerization function for
core and verifier layer. Does this make sense?
>
> This would keep logic less duplicated and shouldn't complexity beyond
> few null checks in few places.
>
>> list destroy: bpf_destroy_list_insn
>>
>
> I'd also add a macro foreach_list_insn instead of explicit for loops
> in multiple places. That would also allow to skip deleted instructions
> transparently.
>
>> list patch could change the insn at patch point, it will invalid the aux
>
> typo: invalid -> invalidate
Ack.
>
>> info at patching point. list pre-patch insert new insns before patch point
>> where the insn and associated aux info are not touched, it is used for
>> example in convert_ctx_access when generating prologue.
>>
>> Typical API sequence for one patching pass:
>>
>> struct bpf_list_insn list = bpf_create_list_insn(struct bpf_prog);
>> for (elem = list; elem; elem = elem->next)
>> patch_buf = gen_patch_buf_logic;
>> elem = bpf_patch_list_insn(elem, patch_buf, cnt);
>> bpf_prog = bpf_linearize_list_insn(list)
>> bpf_destroy_list_insn(list)
>>
>> Several patching passes could also share the same list:
>>
>> struct bpf_list_insn list = bpf_create_list_insn(struct bpf_prog);
>> for (elem = list; elem; elem = elem->next)
>> patch_buf = gen_patch_buf_logic1;
>> elem = bpf_patch_list_insn(elem, patch_buf, cnt);
>> for (elem = list; elem; elem = elem->next)
>> patch_buf = gen_patch_buf_logic2;
>> elem = bpf_patch_list_insn(elem, patch_buf, cnt);
>> bpf_prog = bpf_linearize_list_insn(list)
>> bpf_destroy_list_insn(list)
>>
>> but note new inserted insns int early passes won't have aux info except
>> zext info. So, if one patch pass requires all aux info updated and
>> recalculated for all insns including those pathced, it should first
>> linearize the old list, then re-create the list. The RFC always create and
>> linearize the list for each migrated patching pass separately.
>
> I think we should do just one list creation, few passes of patching
> and then linearize once. That will save quite a lot of memory
> allocation and will speed up a lot of things. All the verifier
> patching happens one after the other without any other functionality
> in between, so there shouldn't be any problem.
Yes, as mentioned above, it is possible and I had tried to do it in an very
initial impl. IIRC convert_ctx_access + fixup_bpf_calls could share the
same list, but then the 32-bit zero extension insertion pass requires
aux.zext_dst set properly for all instructions including those patched
one which we need to linearize the list first (as we set zext_dst during
linerization), or the other choice is we do the zext_dst initialization
during bpf_patch_list_insn, but this then make bpf_patch_list_insn diverge
between core and verifier layer.
> As for aux_data. We can solve that even more simply and reliably by
> storing a pointer along the struct bpf_list_insn
This is exactly what I had implemented initially, but then the issue is how
to handle aux_data for patched insn? IIRC I was leave it as a NULL pointer,
but later found zext_dst info is required for all insns, so I end up
duplicating zext_dst in bpf_list_insn.
This leads me worrying we need to keep duplicating fields there as soon as
there is new similar requirements in future patching pass and I thought it
might be better to just reference the aux_data inside env using orig_idx,
this avoids duplicating information, but we need to make sure used fields
inside aux_data for patched insn update-to-date during linearization or
patching list.
> (btw, how about calling it bpf_patchable_insn?).
No preference, will use this one.
> Here's how I propose to represent this patchable instruction:
>
> struct bpf_list_insn {
> struct bpf_insn insn;
> struct bpf_list_insn *next;
> struct bpf_list_insn *target;
> struct bpf_insn_aux_data *aux_data;
> s32 orig_idx; // can repurpose this to have three meanings:
> // -2 - deleted
> // -1 - patched/inserted insn
> // >=0 - original idx
I actually had experimented the -2/-1/0 trick, exactly the same number
assignment :) IIRC the code was not clear compared with using flag, the
reason seems to be:
1. we still need orig_idx of an patched insn somehow, meaning negate the
index.
2. somehow somecode need to know whether one insn is deleted or patched
after the negation, so I end up with some ugly code.
Anyway, I might had not thought hard enough on this, I will retry using the
special index instead of flag, hopefully I could have clean code this time.
> };
>
> The idea would be as follows:
> 1. when creating original list, target pointer will point directly to
> a patchable instruction wrapper for jumps/calls. This will allow to
> stop tracking and re-calculating jump offsets and instruction indicies
> until linearization.
Not sure I have followed the idea of "target" pointer. At the moment we are
using index mapping array (generated as by-product during coping insn).
While the "target" pointer means to during list initialization, each jump
insn will have target initialized to the list node of the converted jump
destination insn, and all those non-jump insns are with NULL? Then during
linearization you assign index to each list node (could be done as
by-product of other pass) before insn coping which could then relocate the
insn during the coping as the "target" would have final index calculated?
Am I following correctly?
> 2. aux_data is also filled at that point. Later at linearization time
> you'd just iterate over all the instructions in final order and copy
> original aux_data, if it's present. And then just repace env's
> aux_data array at the end, should be very simple and fast.
As explained, I am worried making aux_data a pointer will causing
duplicating some fields into list_insn if the fields are required for
patched insns.
> 3. during fix_bpf_calls, zext, ctx rewrite passes, we'll reuse the
> same list of instructions and those passes will just keep inserting
> instruction buffers. Given we have restriction that all the jumps are
> only within patch buffer, it will be trivial to construct proper
> patchable instruction wrappers for newly added instructions, with NULL
> for aux_data and possibly non-NULL target (if it's a JMP insn).
> 4. After those passes, linearize, adjust subprogs (for this you'll
> probably still need to create index mapping, right?), copy or create
> new aux_data.
> 5. Done.
>
> What do you think? I think this should be overall simpler and faster.
> But let me know if I'm missing something.
Thanks for all these thoughts, they are very good suggestions and reminds
me to revisit some points I had forgotten. I will do the following things:
1. retry the negative index solution to eliminate flag if the result code
could be clean.
2. the "target" pointer seems make sense, it makes list_insn bigger but
normally space trade with time, so I will try to implement it to see
how the code looks like.
3. I still have concerns on making aux_data as pointer. Mostly due to
patched insn will have NULL pointer and in case aux info of patched
insn is required, we need to duplicate info inside list_insn. For
example 32-bit zext opt requires zext_dst.
Regards,
Jiong
>>
>> Compared with old patching code, this new infrastructure has much less core
>> code, even though the final code has a couple of extra lines but that is
>> mostly due to for list based infrastructure, we need to do more error
>> checks, so the list and associated aux data structure could be freed when
>> errors happens.
>>
>> Patching Restrictions
>> ===
>> - For core layer, the linearization assume no new jumps inside patch buf.
>> Currently, the only user of this layer is jit blinding.
>> - For verifier layer, there could be new jumps inside patch buf, but
>> they should have branch target resolved themselves, meaning new jumps
>> doesn't jump to insns out of the patch buf. This is the case for all
>> existing verifier layer users.
>> - bpf_insn_aux_data for all patched insns including the one at patch
>> point are invalidated, only 32-bit zext info will be recalcuated.
>> If the aux data of insn at patch point needs to be retained, it is
>> purely insn insertion, so need to use the pre-patch API.
>>
>> I plan to send out a PATCH set once I finished insn deletion line info adj
>> support, please have a looks at this RFC, and appreciate feedbacks.
>>
>> Jiong Wang (8):
>> bpf: introducing list based insn patching infra to core layer
>> bpf: extend list based insn patching infra to verification layer
>> bpf: migrate jit blinding to list patching infra
>> bpf: migrate convert_ctx_accesses to list patching infra
>> bpf: migrate fixup_bpf_calls to list patching infra
>> bpf: migrate zero extension opt to list patching infra
>> bpf: migrate insn remove to list patching infra
>> bpf: delete all those code around old insn patching infrastructure
>>
>> include/linux/bpf_verifier.h | 1 -
>> include/linux/filter.h | 27 +-
>> kernel/bpf/core.c | 431 +++++++++++++++++-----------
>> kernel/bpf/verifier.c | 649 +++++++++++++++++++------------------------
>> 4 files changed, 580 insertions(+), 528 deletions(-)
>>
>> --
>> 2.7.4
>>
^ permalink raw reply
* Re: [PATCH net 2/4] tcp: tcp_fragment() should apply sane memory limits
From: Eric Dumazet @ 2019-07-11 10:18 UTC (permalink / raw)
To: Christoph Paasch, Eric Dumazet
Cc: Prout, Andrew - LLSC - MITLL, David Miller, netdev,
Greg Kroah-Hartman, Jonathan Looney, Neal Cardwell, Tyler Hicks,
Yuchung Cheng, Bruce Curtis, Jonathan Lemon, Dustin Marquess
In-Reply-To: <B600B3AB-559E-44C1-869C-7309DB28850E@gmail.com>
On 7/11/19 9:28 AM, Christoph Paasch wrote:
>
> Would it make sense to always allow the alloc in tcp_fragment when coming from __tcp_retransmit_skb() through the retransmit-timer ?
>
> AFAICS, the crasher was when an attacker sends "fake" SACK-blocks. Thus, we would still be protected from too much fragmentation, but at least would always allow the retransmission to go out.
>
>
I guess this could be done and hopefully something that can be backported without too much pain,
but I am sure some people will complain because reverting to timeouts might still
show regressions :/
^ permalink raw reply
* Re: general protection fault in inet_accept
From: Karsten Graul @ 2019-07-11 10:17 UTC (permalink / raw)
To: syzbot, davem, Ursula Braun, netdev, syzkaller-bugs
In-Reply-To: <0000000000006e1bbe0570bea62e@google.com>
#syz fix: net/smc: propagate file from SMC to TCP socket
On 11/07/2018 21:57, syzbot wrote:
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit: 0026129c8629 rhashtable: add restart routine in rhashtable..
> git tree: net
> console output: https://syzkaller.appspot.com/x/log.txt?x=10ed430c400000
> kernel config: https://syzkaller.appspot.com/x/.config?x=b88de6eac8694da6
> dashboard link: https://syzkaller.appspot.com/bug?extid=2e9616288940d15a6476
> compiler: gcc (GCC) 8.0.1 20180413 (experimental)
>
> Unfortunately, I don't have any reproducer for this crash yet.
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+2e9616288940d15a6476@syzkaller.appspotmail.com
>
> kasan: CONFIG_KASAN_INLINE enabled
> kasan: GPF could be caused by NULL-ptr deref or user memory access
> general protection fault: 0000 [#1] SMP KASAN
> CPU: 1 PID: 27 Comm: kworker/1:1 Not tainted 4.18.0-rc3+ #5
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
> Workqueue: events smc_tcp_listen_work
> RIP: 0010:inet_accept+0xf2/0x9f0 net/ipv4/af_inet.c:734
> Code: 84 d2 74 09 80 fa 03 0f 8e 93 07 00 00 48 8d 78 28 41 c7 46 80 ea ff ff ff 48 ba 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 94 07 00 00 48 b9 00 00 00 00 00 fc ff df 48 8b
> RSP: 0018:ffff8801d94574b0 EFLAGS: 00010206
> RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000005
> RDX: dffffc0000000000 RSI: ffffffff86751b46 RDI: 0000000000000028
> RBP: ffff8801d9457598 R08: ffff8801d9448700 R09: ffffed00367a0f6f
> R10: ffffed00367a0f6f R11: ffff8801b3d07b7b R12: ffff8801b3d07ac0
> R13: ffff8801d94574f0 R14: ffff8801d9457570 R15: 0000000000000000
> FS: 0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000001b30220000 CR3: 00000001d711f000 CR4: 00000000001406e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
> kernel_accept+0x136/0x310 net/socket.c:3251
> smc_clcsock_accept net/smc/af_smc.c:701 [inline]
> smc_tcp_listen_work+0x222/0xef0 net/smc/af_smc.c:1114
> process_one_work+0xc73/0x1ba0 kernel/workqueue.c:2153
> worker_thread+0x189/0x13c0 kernel/workqueue.c:2296
> kthread+0x345/0x410 kernel/kthread.c:240
> ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:412
> Modules linked in:
> Dumping ftrace buffer:
> (ftrace buffer empty)
> ---[ end trace 0d34e5471cc130cb ]---
> RIP: 0010:inet_accept+0xf2/0x9f0 net/ipv4/af_inet.c:734
> Code: 84 d2 74 09 80 fa 03 0f 8e 93 07 00 00 48 8d 78 28 41 c7 46 80 ea ff ff ff 48 ba 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 <80> 3c 11 00 0f 85 94 07 00 00 48 b9 00 00 00 00 00 fc ff df 48 8b
> RSP: 0018:ffff8801d94574b0 EFLAGS: 00010206
> RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000005
> RDX: dffffc0000000000 RSI: ffffffff86751b46 RDI: 0000000000000028
> RBP: ffff8801d9457598 R08: ffff8801d9448700 R09: ffffed00367a0f6f
> R10: ffffed00367a0f6f R11: ffff8801b3d07b7b R12: ffff8801b3d07ac0
> R13: ffff8801d94574f0 R14: ffff8801d9457570 R15: 0000000000000000
> FS: 0000000000000000(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 0000001b30220000 CR3: 0000000008e6a000 CR4: 00000000001406e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
>
>
> ---
> This bug is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
>
> syzbot will keep track of this bug report. See:
> https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with syzbot.
>
>
>
--
Karsten
(I'm a dude)
^ permalink raw reply
* Re: [PATCH bpf-next v3 1/6] xsk: replace ndo_xsk_async_xmit with ndo_xsk_wakeup
From: Magnus Karlsson @ 2019-07-11 9:52 UTC (permalink / raw)
To: Daniel Borkmann
Cc: Magnus Karlsson, Björn Töpel, Alexei Starovoitov,
Network Development, Jesper Dangaard Brouer, bpf,
bruce.richardson, ciara.loftus, Jakub Kicinski, Ye Xiaolong,
Zhang, Qi Z, Maxim Mikityanskiy, Samudrala, Sridhar, kevin.laatz,
ilias.apalodimas, Kiran, axboe, Fijalkowski, Maciej,
Maciej Fijalkowski, intel-wired-lan
In-Reply-To: <57e022b7-ac0e-6a9c-5078-c44988fd9fe6@iogearbox.net>
On Tue, Jul 9, 2019 at 1:50 AM Daniel Borkmann <daniel@iogearbox.net> wrote:
>
> On 07/04/2019 02:42 PM, Magnus Karlsson wrote:
> > This commit replaces ndo_xsk_async_xmit with ndo_xsk_wakeup. This new
> > ndo provides the same functionality as before but with the addition of
> > a new flags field that is used to specifiy if Rx, Tx or both should be
> > woken up. The previous ndo only woke up Tx, as implied by the
> > name. The i40e and ixgbe drivers (which are all the supported ones)
> > are updated with this new interface.
> >
> > This new ndo will be used by the new need_wakeup functionality of XDP
> > sockets that need to be able to wake up both Rx and Tx driver
> > processing.
> >
> > Signed-off-by: Magnus Karlsson <magnus.karlsson@intel.com>
> > ---
> > drivers/net/ethernet/intel/i40e/i40e_main.c | 5 +++--
> > drivers/net/ethernet/intel/i40e/i40e_xsk.c | 7 ++++---
> > drivers/net/ethernet/intel/i40e/i40e_xsk.h | 2 +-
> > drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 5 +++--
> > drivers/net/ethernet/intel/ixgbe/ixgbe_txrx_common.h | 2 +-
> > drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 4 ++--
> > drivers/net/ethernet/mellanox/mlx5/core/en/xsk/tx.c | 2 +-
> > drivers/net/ethernet/mellanox/mlx5/core/en/xsk/tx.h | 2 +-
> > drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 +-
> > include/linux/netdevice.h | 14 ++++++++++++--
> > net/xdp/xdp_umem.c | 3 +--
> > net/xdp/xsk.c | 3 ++-
> > 12 files changed, 32 insertions(+), 19 deletions(-)
>
> Looks good, but given driver changes to support the AF_XDP need_wakeup
> feature are quite trivial, is there a reason that you updated mlx5 here
> but not for the actual support such that all three in-tree drivers are
> supported?
It should be easy to add it mlx5 for someone familiar with the driver.
I will send Maxim a mail and see if he can contribute a small patch
adding the support.
Thanks: Magnus
> Thanks,
> Daniel
^ permalink raw reply
* [PATCH 0/2] [RESEND] Fold checksum at the end of bpf_csum_diff and fix
From: Paolo Pisati @ 2019-07-11 9:40 UTC (permalink / raw)
To: --to=Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau,
Song Liu, Yonghong Song, David S . Miller, Shuah Khan,
Jakub Kicinski, Jiong Wang
Cc: netdev, bpf, linux-kselftest, linux-kernel
In-Reply-To: <20190710231439.GD32439@tassilo.jf.intel.com>
From: Paolo Pisati <paolo.pisati@canonical.com>
After applying patch 0001, all checksum implementations i could test (x86-64, arm64 and
arm), now agree on the return value.
Patch 0002 fix the expected return value for test #13: i did the calculation manually,
and it correspond.
Unfortunately, after applying patch 0001, other test cases now fail in
test_verifier:
$ sudo ./tools/testing/selftests/bpf/test_verifier
...
#417/p helper access to variable memory: size = 0 allowed on NULL (ARG_PTR_TO_MEM_OR_NULL) FAIL retval 65535 != 0
#419/p helper access to variable memory: size = 0 allowed on != NULL stack pointer (ARG_PTR_TO_MEM_OR_NULL) FAIL retval 65535 != 0
#423/p helper access to variable memory: size possible = 0 allowed on != NULL packet pointer (ARG_PTR_TO_MEM_OR_NULL) FAIL retval 65535 != 0
...
Summary: 1500 PASSED, 0 SKIPPED, 3 FAILED
And there are probably other fallouts in other selftests - someone familiar
should take a look before applying these patches.
Paolo Pisati (2):
bpf: bpf_csum_diff: fold the checksum before returning the
value
bpf, selftest: fix checksum value for test #13
net/core/filter.c | 2 +-
tools/testing/selftests/bpf/verifier/array_access.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--
2.17.1
^ permalink raw reply
* [PATCH 2/2] bpf, selftest: fix checksum value for test #13
From: Paolo Pisati @ 2019-07-11 9:40 UTC (permalink / raw)
To: --to=Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau,
Song Liu, Yonghong Song, David S . Miller, Shuah Khan,
Jakub Kicinski, Jiong Wang
Cc: netdev, bpf, linux-kselftest, linux-kernel
In-Reply-To: <1562838037-1884-1-git-send-email-p.pisati@gmail.com>
From: Paolo Pisati <paolo.pisati@canonical.com>
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
tools/testing/selftests/bpf/verifier/array_access.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/bpf/verifier/array_access.c b/tools/testing/selftests/bpf/verifier/array_access.c
index bcb83196e459..4698f560d756 100644
--- a/tools/testing/selftests/bpf/verifier/array_access.c
+++ b/tools/testing/selftests/bpf/verifier/array_access.c
@@ -255,7 +255,7 @@
.prog_type = BPF_PROG_TYPE_SCHED_CLS,
.fixup_map_array_ro = { 3 },
.result = ACCEPT,
- .retval = -29,
+ .retval = 28,
},
{
"invalid write map access into a read-only array 1",
--
2.17.1
^ permalink raw reply related
* [PATCH 1/2] bpf: bpf_csum_diff: fold the checksum before returning the value
From: Paolo Pisati @ 2019-07-11 9:40 UTC (permalink / raw)
To: --to=Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau,
Song Liu, Yonghong Song, David S . Miller, Shuah Khan,
Jakub Kicinski, Jiong Wang
Cc: netdev, bpf, linux-kselftest, linux-kernel
In-Reply-To: <1562838037-1884-1-git-send-email-p.pisati@gmail.com>
From: Paolo Pisati <paolo.pisati@canonical.com>
With this change, bpf_csum_diff behave homogeneously among different
checksum calculation code / csum_partial() (tested on x86-64, arm64 and
arm).
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
net/core/filter.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/core/filter.c b/net/core/filter.c
index f615e42cf4ef..8db7f58f1ea1 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -1990,7 +1990,7 @@ BPF_CALL_5(bpf_csum_diff, __be32 *, from, u32, from_size,
for (i = 0; i < to_size / sizeof(__be32); i++, j++)
sp->diff[j] = to[i];
- return csum_partial(sp->diff, diff_size, seed);
+ return csum_fold(csum_partial(sp->diff, diff_size, seed));
}
static const struct bpf_func_proto bpf_csum_diff_proto = {
--
2.17.1
^ permalink raw reply related
* [PATCH 0/2] Fold checksum at the end of bpf_csum_diff and fix
From: Paolo Pisati @ 2019-07-11 9:31 UTC (permalink / raw)
To: --in-reply-to=, Alexei Starovoitov, Daniel Borkmann,
Martin KaFai Lau, Song Liu, Yonghong Song, David S . Miller,
Shuah Khan, Jakub Kicinski, Jiong Wang
Cc: netdev, bpf, linux-kselftest, linux-kernel
From: Paolo Pisati <paolo.pisati@canonical.com>
After applying patch 0001, all checksum implementations i could test (x86-64, arm64 and
arm), now agree on the return value.
Patch 0002 fix the expected return value for test #13: i did the calculation manually,
and it correspond.
Unfortunately, after applying patch 0001, other test cases now fail in
test_verifier:
$ sudo ./tools/testing/selftests/bpf/test_verifier
...
#417/p helper access to variable memory: size = 0 allowed on NULL (ARG_PTR_TO_MEM_OR_NULL) FAIL retval 65535 != 0
#419/p helper access to variable memory: size = 0 allowed on != NULL stack pointer (ARG_PTR_TO_MEM_OR_NULL) FAIL retval 65535 != 0
#423/p helper access to variable memory: size possible = 0 allowed on != NULL packet pointer (ARG_PTR_TO_MEM_OR_NULL) FAIL retval 65535 != 0
...
Summary: 1500 PASSED, 0 SKIPPED, 3 FAILED
And there are probably other fallouts in other selftests - someone familiar
should take a look before applying these patches.
Paolo Pisati (2):
bpf: bpf_csum_diff: fold the checksum before returning the
value
bpf, selftest: fix checksum value for test #13
net/core/filter.c | 2 +-
tools/testing/selftests/bpf/verifier/array_access.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--
2.17.1
^ permalink raw reply
* [PATCH 1/2] bpf: bpf_csum_diff: fold the checksum before returning the value
From: Paolo Pisati @ 2019-07-11 9:31 UTC (permalink / raw)
To: --in-reply-to=, Alexei Starovoitov, Daniel Borkmann,
Martin KaFai Lau, Song Liu, Yonghong Song, David S . Miller,
Shuah Khan, Jakub Kicinski, Jiong Wang
Cc: netdev, bpf, linux-kselftest, linux-kernel
In-Reply-To: <1562837513-745-1-git-send-email-p.pisati@gmail.com>
From: Paolo Pisati <paolo.pisati@canonical.com>
With this change, bpf_csum_diff behave homogeneously among different
checksum calculation code / csum_partial() (tested on x86-64, arm64 and
arm).
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
net/core/filter.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/core/filter.c b/net/core/filter.c
index f615e42cf4ef..8db7f58f1ea1 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -1990,7 +1990,7 @@ BPF_CALL_5(bpf_csum_diff, __be32 *, from, u32, from_size,
for (i = 0; i < to_size / sizeof(__be32); i++, j++)
sp->diff[j] = to[i];
- return csum_partial(sp->diff, diff_size, seed);
+ return csum_fold(csum_partial(sp->diff, diff_size, seed));
}
static const struct bpf_func_proto bpf_csum_diff_proto = {
--
2.17.1
^ permalink raw reply related
* [PATCH 2/2] bpf, selftest: fix checksum value for test #13
From: Paolo Pisati @ 2019-07-11 9:31 UTC (permalink / raw)
To: --in-reply-to=, Alexei Starovoitov, Daniel Borkmann,
Martin KaFai Lau, Song Liu, Yonghong Song, David S . Miller,
Shuah Khan, Jakub Kicinski, Jiong Wang
Cc: netdev, bpf, linux-kselftest, linux-kernel
In-Reply-To: <1562837513-745-1-git-send-email-p.pisati@gmail.com>
From: Paolo Pisati <paolo.pisati@canonical.com>
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
tools/testing/selftests/bpf/verifier/array_access.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/bpf/verifier/array_access.c b/tools/testing/selftests/bpf/verifier/array_access.c
index bcb83196e459..4698f560d756 100644
--- a/tools/testing/selftests/bpf/verifier/array_access.c
+++ b/tools/testing/selftests/bpf/verifier/array_access.c
@@ -255,7 +255,7 @@
.prog_type = BPF_PROG_TYPE_SCHED_CLS,
.fixup_map_array_ro = { 3 },
.result = ACCEPT,
- .retval = -29,
+ .retval = 28,
},
{
"invalid write map access into a read-only array 1",
--
2.17.1
^ permalink raw reply related
* Re: [PATCH net 2/4] tcp: tcp_fragment() should apply sane memory limits
From: Eric Dumazet @ 2019-07-11 9:19 UTC (permalink / raw)
To: Christoph Paasch, Eric Dumazet
Cc: Prout, Andrew - LLSC - MITLL, David Miller, netdev,
Greg Kroah-Hartman, Jonathan Looney, Neal Cardwell, Tyler Hicks,
Yuchung Cheng, Bruce Curtis, Jonathan Lemon, Dustin Marquess
In-Reply-To: <B600B3AB-559E-44C1-869C-7309DB28850E@gmail.com>
On 7/11/19 9:28 AM, Christoph Paasch wrote:
>
>
>> On Jul 10, 2019, at 9:26 PM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
>>
>>
>>
>> On 7/10/19 8:53 PM, Prout, Andrew - LLSC - MITLL wrote:
>>>
>>> Our initial rollout was v4.14.130, but I reproduced it with v4.14.132 as well, reliably for the samba test and once (not reliably) with synthetic test I was trying. A patched v4.14.132 with this patch partially reverted (just the four lines from tcp_fragment deleted) passed the samba test.
>>>
>>> The synthetic test was a pair of simple send/recv test programs under the following conditions:
>>> -The send socket was non-blocking
>>> -SO_SNDBUF set to 128KiB
>>> -The receiver NIC was being flooded with traffic from multiple hosts (to induce packet loss/retransmits)
>>> -Load was on both systems: a while(1) program spinning on each CPU core
>>> -The receiver was on an older unaffected kernel
>>>
>>
>> SO_SNDBUF to 128KB does not permit to recover from heavy losses,
>> since skbs needs to be allocated for retransmits.
>
> Would it make sense to always allow the alloc in tcp_fragment when coming from __tcp_retransmit_skb() through the retransmit-timer ?
4.15+ kernels have :
if (unlikely((sk->sk_wmem_queued >> 1) > sk->sk_sndbuf &&
tcp_queue != TCP_FRAG_IN_WRITE_QUEUE)) {
Meaning that things like TLP will succeed.
Anything we add in TCP stack to overcome the SO_SNDBUF by twice the limit _will_ be exploited at scale.
I am not sure we want to continue to support small SO_SNDBUF values, as this makes no sense today.
We use 64 MB auto tuning limit, and /proc/sys/net/ipv4/tcp_notsent_lowat to 1 MB.
I would rather work (when net-next reopens) on better collapsing at rtx to allow reduction of the overhead.
Something like :
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index f6a9c95a48edb234e4d4e21bf585744fbaf9a0a7..d5c85986209cd162cf39edb787b1385cb2c8b630 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -2860,7 +2860,7 @@ static int __net_init tcp_sk_init(struct net *net)
net->ipv4.sysctl_tcp_early_retrans = 3;
net->ipv4.sysctl_tcp_recovery = TCP_RACK_LOSS_DETECTION;
net->ipv4.sysctl_tcp_slow_start_after_idle = 1; /* By default, RFC2861 behavior. */
- net->ipv4.sysctl_tcp_retrans_collapse = 1;
+ net->ipv4.sysctl_tcp_retrans_collapse = 3;
net->ipv4.sysctl_tcp_max_reordering = 300;
net->ipv4.sysctl_tcp_dsack = 1;
net->ipv4.sysctl_tcp_app_win = 31;
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index d61264cf89ef66b229ecf797c1abfb7fcdab009f..05cd264f98b084f62eaf2ef9d6e14a392670d02c 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -3015,8 +3015,6 @@ static bool tcp_collapse_retrans(struct sock *sk, struct sk_buff *skb)
next_skb_size = next_skb->len;
- BUG_ON(tcp_skb_pcount(skb) != 1 || tcp_skb_pcount(next_skb) != 1);
-
if (next_skb_size) {
if (next_skb_size <= skb_availroom(skb))
skb_copy_bits(next_skb, 0, skb_put(skb, next_skb_size),
@@ -3054,8 +3052,6 @@ static bool tcp_collapse_retrans(struct sock *sk, struct sk_buff *skb)
/* Check if coalescing SKBs is legal. */
static bool tcp_can_collapse(const struct sock *sk, const struct sk_buff *skb)
{
- if (tcp_skb_pcount(skb) > 1)
- return false;
if (skb_cloned(skb))
return false;
/* Some heuristics for collapsing over SACK'd could be invented */
@@ -3114,7 +3110,7 @@ int __tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb, int segs)
struct inet_connection_sock *icsk = inet_csk(sk);
struct tcp_sock *tp = tcp_sk(sk);
unsigned int cur_mss;
- int diff, len, err;
+ int diff, len, maxlen, err;
/* Inconclusive MTU probe */
@@ -3165,12 +3161,13 @@ int __tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb, int segs)
return -ENOMEM;
diff = tcp_skb_pcount(skb);
+ maxlen = (sock_net(sk)->ipv4.sysctl_tcp_retrans_collapse & 2) ? len : cur_mss;
+ if (skb->len < maxlen)
+ tcp_retrans_try_collapse(sk, skb, maxlen);
tcp_set_skb_tso_segs(skb, cur_mss);
diff -= tcp_skb_pcount(skb);
if (diff)
tcp_adjust_pcount(sk, skb, diff);
- if (skb->len < cur_mss)
- tcp_retrans_try_collapse(sk, skb, cur_mss);
}
/* RFC3168, section 6.1.1.1. ECN fallback */
^ permalink raw reply related
* Re: [PATCH net-next] net/mlx5e: Provide cb_list pointer when setting up tc block on rep
From: Vlad Buslov @ 2019-07-11 9:13 UTC (permalink / raw)
To: wenxu
Cc: Vlad Buslov, netdev@vger.kernel.org, jhs@mojatatu.com,
xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net,
pablo@netfilter.org, Saeed Mahameed
In-Reply-To: <6465040c-d22f-f4b6-0232-11ff4af81753@ucloud.cn>
On Thu 11 Jul 2019 at 03:35, wenxu <wenxu@ucloud.cn> wrote:
> 在 2019/7/11 2:25, Vlad Buslov 写道:
>> Recent refactoring of tc block offloads infrastructure introduced new
>> flow_block_cb_setup_simple() method intended to be used as unified way for
>> all drivers to register offload callbacks. However, commit that actually
>> extended all users (drivers) with block cb list and provided it to
>> flow_block infra missed mlx5 en_rep. This leads to following NULL-pointer
>> dereference when creating Qdisc:
>>
>> [ 278.385175] BUG: kernel NULL pointer dereference, address: 0000000000000000
>> [ 278.393233] #PF: supervisor read access in kernel mode
>> [ 278.399446] #PF: error_code(0x0000) - not-present page
>> [ 278.405847] PGD 8000000850e73067 P4D 8000000850e73067 PUD 8620cd067 PMD 0
>> [ 278.414141] Oops: 0000 [#1] SMP PTI
>> [ 278.419019] CPU: 7 PID: 3369 Comm: tc Not tainted 5.2.0-rc6+ #492
>> [ 278.426580] Hardware name: Supermicro SYS-2028TP-DECR/X10DRT-P, BIOS 2.0b 03/30/2017
>> [ 278.435853] RIP: 0010:flow_block_cb_setup_simple+0xc4/0x190
>> [ 278.442953] Code: 10 48 89 42 08 48 89 10 48 b8 00 01 00 00 00 00 ad de 49 89 00 48 05 00 01 00 00 49 89 40 08 31 c0 c3 b8 a1 ff ff ff c3 f3 c3 <48> 8b 06 48 39 c6 75 0a eb 1a 48 8b 00 48 39 c6 74 12
>> 48 3b 50 28
>> [ 278.464829] RSP: 0018:ffffaf07c3f97990 EFLAGS: 00010246
>> [ 278.471648] RAX: 0000000000000000 RBX: ffff9b43ed4c7680 RCX: ffff9b43d5f80840
>> [ 278.480408] RDX: ffffffffc0491650 RSI: 0000000000000000 RDI: ffffaf07c3f97998
>> [ 278.489110] RBP: ffff9b43ddff9000 R08: ffff9b43d5f80840 R09: 0000000000000001
>> [ 278.497838] R10: 0000000000000009 R11: 00000000000003ad R12: ffffaf07c3f97c08
>> [ 278.506595] R13: ffff9b43d5f80000 R14: ffff9b43ed4c7680 R15: ffff9b43dfa20b40
>> [ 278.515374] FS: 00007f796be1b400(0000) GS:ffff9b43ef840000(0000) knlGS:0000000000000000
>> [ 278.525099] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>> [ 278.532453] CR2: 0000000000000000 CR3: 0000000840398002 CR4: 00000000001606e0
>> [ 278.541197] Call Trace:
>> [ 278.545252] tcf_block_offload_cmd.isra.52+0x7e/0xb0
>> [ 278.551871] tcf_block_get_ext+0x365/0x3e0
>> [ 278.557569] qdisc_create+0x15c/0x4e0
>> [ 278.562859] ? kmem_cache_alloc_trace+0x1a2/0x1c0
>> [ 278.569235] tc_modify_qdisc+0x1c8/0x780
>> [ 278.574761] rtnetlink_rcv_msg+0x291/0x340
>> [ 278.580518] ? _cond_resched+0x15/0x40
>> [ 278.585856] ? rtnl_calcit.isra.29+0x120/0x120
>> [ 278.591868] netlink_rcv_skb+0x4a/0x110
>> [ 278.597198] netlink_unicast+0x1a0/0x250
>> [ 278.602601] netlink_sendmsg+0x2c1/0x3c0
>> [ 278.608022] sock_sendmsg+0x5b/0x60
>> [ 278.612969] ___sys_sendmsg+0x289/0x310
>> [ 278.618231] ? do_wp_page+0x99/0x730
>> [ 278.623216] ? page_add_new_anon_rmap+0xbe/0x140
>> [ 278.629298] ? __handle_mm_fault+0xc84/0x1360
>> [ 278.635113] ? __sys_sendmsg+0x5e/0xa0
>> [ 278.640285] __sys_sendmsg+0x5e/0xa0
>> [ 278.645239] do_syscall_64+0x5b/0x1b0
>> [ 278.650274] entry_SYSCALL_64_after_hwframe+0x44/0xa9
>> [ 278.656697] RIP: 0033:0x7f796abdeb87
>> [ 278.661628] Code: 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 80 00 00 00 00 8b 05 6a 2b 2c 00 48 63 d2 48 63 ff 85 c0 75 18 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 59 f3 c3 0f 1f 80 00 00 00 00 53
>> 48 89 f3 48
>> [ 278.683248] RSP: 002b:00007ffde213ba48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
>> [ 278.692245] RAX: ffffffffffffffda RBX: 000000005d261e6f RCX: 00007f796abdeb87
>> [ 278.700862] RDX: 0000000000000000 RSI: 00007ffde213bab0 RDI: 0000000000000003
>> [ 278.709527] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000006
>> [ 278.718167] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001
>> [ 278.726743] R13: 000000000067b580 R14: 0000000000000000 R15: 0000000000000000
>> [ 278.735302] Modules linked in: dummy vxlan ip6_udp_tunnel udp_tunnel sch_ingress nfsv3 nfs_acl nfs lockd grace fscache bridge stp llc sunrpc mlx5_ib ib_uverbs intel_rapl ib_core sb_edac x86_pkg_temp_
>> thermal intel_powerclamp coretemp kvm_intel kvm mlx5_core irqbypass crct10dif_pclmul crc32_pclmul crc32c_intel igb ghash_clmulni_intel ses mei_me enclosure mlxfw ipmi_ssif intel_cstate iTCO_wdt ptp mei
>> pps_core iTCO_vendor_support pcspkr joydev intel_uncore i2c_i801 ipmi_si lpc_ich intel_rapl_perf ioatdma wmi dca pcc_cpufreq ipmi_devintf ipmi_msghandler acpi_power_meter acpi_pad ast i2c_algo_bit drm_k
>> ms_helper ttm drm mpt3sas raid_class scsi_transport_sas
>> [ 278.802263] CR2: 0000000000000000
>> [ 278.807170] ---[ end trace b1f0a442a279e66f ]---
>>
>> Extend en_rep with new static mlx5e_rep_block_cb_list list and pass it to
>> flow_block_cb_setup_simple() function instead of hardcoded NULL pointer.
>>
>> Fixes: 955bcb6ea0df ("drivers: net: use flow block API")
>> Signed-off-by: Vlad Buslov <vladbu@mellanox.com>
>> ---
>> drivers/net/ethernet/mellanox/mlx5/core/en_rep.c | 5 ++++-
>> 1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_rep.c b/drivers/net/ethernet/mellanox/mlx5/core/en_rep.c
>> index 10ef90a7bddd..7245d287633d 100644
>> --- a/drivers/net/ethernet/mellanox/mlx5/core/en_rep.c
>> +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_rep.c
>> @@ -1175,6 +1175,8 @@ static int mlx5e_rep_setup_tc_cb(enum tc_setup_type type, void *type_data,
>> }
>> }
>>
>> +static LIST_HEAD(mlx5e_rep_block_cb_list);
>> +
>
> I think it is not necessary needs a extra LIST_HEAD, the early mlx5e_block_cb_list is ok
>
> The early patch http://patchwork.ozlabs.org/patch/1130439/ is enough.
Yes, but in that case we will mix mlx5e_rep_setup_tc_cb rep callback and
mlx5e_rep_indr_setup_block_cb indirect callback in single list. I might
be missing something, but I don't see why we would want that.
>
>> static int mlx5e_rep_setup_tc(struct net_device *dev, enum tc_setup_type type,
>> void *type_data)
>> {
>> @@ -1182,7 +1184,8 @@ static int mlx5e_rep_setup_tc(struct net_device *dev, enum tc_setup_type type,
>>
>> switch (type) {
>> case TC_SETUP_BLOCK:
>> - return flow_block_cb_setup_simple(type_data, NULL,
>> + return flow_block_cb_setup_simple(type_data,
>> + &mlx5e_rep_block_cb_list,
>> mlx5e_rep_setup_tc_cb,
>> priv, priv, true);
>> default:
^ permalink raw reply
* [PATCH v3 bpf] selftests/bpf: do not ignore clang failures
From: Ilya Leoshkevich @ 2019-07-11 9:12 UTC (permalink / raw)
To: bpf, netdev; +Cc: andrii.nakryiko, daniel, liu.song.a23, Ilya Leoshkevich
When compiling an eBPF prog fails, make still returns 0, because
failing clang command's output is piped to llc and therefore its
exit status is ignored.
When clang fails, pipe the string "clang failed" to llc. This will make
llc fail with an informative error message. This solution was chosen
over using pipefail, having separate targets or getting rid of llc
invocation due to its simplicity.
In addition, pull Kbuild.include in order to get .DELETE_ON_ERROR target,
which would cause partial .o files to be removed.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
---
v1->v2: use intermediate targets instead of pipefail
v2->v3: pipe "clang failed" instead of using intermediate targets
tools/testing/selftests/bpf/Makefile | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile
index e36356e2377e..e375f399b7a6 100644
--- a/tools/testing/selftests/bpf/Makefile
+++ b/tools/testing/selftests/bpf/Makefile
@@ -1,4 +1,5 @@
# SPDX-License-Identifier: GPL-2.0
+include ../../../../scripts/Kbuild.include
LIBDIR := ../../../lib
BPFDIR := $(LIBDIR)/bpf
@@ -185,8 +186,8 @@ $(ALU32_BUILD_DIR)/test_progs_32: prog_tests/*.c
$(ALU32_BUILD_DIR)/%.o: progs/%.c $(ALU32_BUILD_DIR) \
$(ALU32_BUILD_DIR)/test_progs_32
- $(CLANG) $(CLANG_FLAGS) \
- -O2 -target bpf -emit-llvm -c $< -o - | \
+ ($(CLANG) $(CLANG_FLAGS) -O2 -target bpf -emit-llvm -c $< -o - || \
+ echo "clang failed") | \
$(LLC) -march=bpf -mattr=+alu32 -mcpu=$(CPU) $(LLC_FLAGS) \
-filetype=obj -o $@
ifeq ($(DWARF2BTF),y)
@@ -197,16 +198,16 @@ endif
# Have one program compiled without "-target bpf" to test whether libbpf loads
# it successfully
$(OUTPUT)/test_xdp.o: progs/test_xdp.c
- $(CLANG) $(CLANG_FLAGS) \
- -O2 -emit-llvm -c $< -o - | \
+ ($(CLANG) $(CLANG_FLAGS) -O2 -emit-llvm -c $< -o - || \
+ echo "clang failed") | \
$(LLC) -march=bpf -mcpu=$(CPU) $(LLC_FLAGS) -filetype=obj -o $@
ifeq ($(DWARF2BTF),y)
$(BTF_PAHOLE) -J $@
endif
$(OUTPUT)/%.o: progs/%.c
- $(CLANG) $(CLANG_FLAGS) \
- -O2 -target bpf -emit-llvm -c $< -o - | \
+ ($(CLANG) $(CLANG_FLAGS) -O2 -target bpf -emit-llvm -c $< -o - || \
+ echo "clang failed") | \
$(LLC) -march=bpf -mcpu=$(CPU) $(LLC_FLAGS) -filetype=obj -o $@
ifeq ($(DWARF2BTF),y)
$(BTF_PAHOLE) -J $@
--
2.21.0
^ permalink raw reply related
* [PATCH net-next iproute2 v2 3/3] tc: flower: Add matching on conntrack info
From: Paul Blakey @ 2019-07-11 8:14 UTC (permalink / raw)
To: Jiri Pirko, Paul Blakey, Roi Dayan, Yossi Kuperman, Oz Shlomo,
Marcelo Ricardo Leitner, netdev, David Miller, Aaron Conole,
Zhike Wang
Cc: Rony Efraim, nst-kernel, John Hurley, Simon Horman, Justin Pettit
In-Reply-To: <1562832867-32347-1-git-send-email-paulb@mellanox.com>
Matches on conntrack state, zone, mark, and label.
Signed-off-by: Paul Blakey <paulb@mellanox.com>
Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: Yossi Kuperman <yossiku@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Acked-by: Roi Dayan <roid@mellanox.com>
---
man/man8/tc-flower.8 | 35 +++++++
tc/f_flower.c | 276 ++++++++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 310 insertions(+), 1 deletion(-)
diff --git a/man/man8/tc-flower.8 b/man/man8/tc-flower.8
index adff41e..04ee194 100644
--- a/man/man8/tc-flower.8
+++ b/man/man8/tc-flower.8
@@ -289,6 +289,41 @@ bits is assumed.
.TQ
.BI enc_ttl " NUMBER"
.TQ
+.BR
+.TP
+.BI ct_state " CT_STATE"
+.TQ
+.BI ct_zone " CT_MASKED_ZONE"
+.TQ
+.BI ct_mark " CT_MASKED_MARK"
+.TQ
+.BI ct_label " CT_MASKED_LABEL"
+Matches on connection tracking info
+.RS
+.TP
+.I CT_STATE
+Match the connection state, and can ne combination of [{+|-}flag] flags, where flag can be one of
+.RS
+.TP
+trk - Tracked connection.
+.TP
+new - New connection.
+.TP
+est - Established connection.
+.TP
+Example: +trk+est
+.RE
+.TP
+.I CT_MASKED_ZONE
+Match the connection zone, and can be masked.
+.TP
+.I CT_MASKED_MARK
+32bit match on the connection mark, and can be masked.
+.TP
+.I CT_MASKED_LABEL
+128bit match on the connection label, and can be masked.
+.RE
+.TP
.BI geneve_opts " OPTIONS"
Match on IP tunnel metadata. Key id
.I NUMBER
diff --git a/tc/f_flower.c b/tc/f_flower.c
index 70d40d3..a2a2301 100644
--- a/tc/f_flower.c
+++ b/tc/f_flower.c
@@ -82,9 +82,14 @@ static void explain(void)
" enc_ttl MASKED-IP_TTL |\n"
" geneve_opts MASKED-OPTIONS |\n"
" ip_flags IP-FLAGS | \n"
- " enc_dst_port [ port_number ] }\n"
+ " enc_dst_port [ port_number ] |\n"
+ " ct_state MASKED_CT_STATE |\n"
+ " ct_label MASKED_CT_LABEL |\n"
+ " ct_mark MASKED_CT_MARK |\n"
+ " ct_zone MASKED_CT_ZONE }\n"
" FILTERID := X:Y:Z\n"
" MASKED_LLADDR := { LLADDR | LLADDR/MASK | LLADDR/BITS }\n"
+ " MASKED_CT_STATE := combination of {+|-} and flags trk,est,new\n"
" ACTION-SPEC := ... look at individual actions\n"
"\n"
"NOTE: CLASSID, IP-PROTO are parsed as hexadecimal input.\n"
@@ -214,6 +219,159 @@ static int flower_parse_matching_flags(char *str,
return 0;
}
+static int flower_parse_u16(char *str, int value_type, int mask_type,
+ struct nlmsghdr *n)
+{
+ __u16 value, mask;
+ char *slash;
+
+ slash = strchr(str, '/');
+ if (slash)
+ *slash = '\0';
+
+ if (get_u16(&value, str, 0))
+ return -1;
+
+ if (slash) {
+ if (get_u16(&mask, slash + 1, 0))
+ return -1;
+ } else {
+ mask = UINT16_MAX;
+ }
+
+ addattr16(n, MAX_MSG, value_type, value);
+ addattr16(n, MAX_MSG, mask_type, mask);
+
+ return 0;
+}
+
+static int flower_parse_u32(char *str, int value_type, int mask_type,
+ struct nlmsghdr *n)
+{
+ __u32 value, mask;
+ char *slash;
+
+ slash = strchr(str, '/');
+ if (slash)
+ *slash = '\0';
+
+ if (get_u32(&value, str, 0))
+ return -1;
+
+ if (slash) {
+ if (get_u32(&mask, slash + 1, 0))
+ return -1;
+ } else {
+ mask = UINT32_MAX;
+ }
+
+ addattr32(n, MAX_MSG, value_type, value);
+ addattr32(n, MAX_MSG, mask_type, mask);
+
+ return 0;
+}
+
+static int flower_parse_ct_mark(char *str, struct nlmsghdr *n)
+{
+ return flower_parse_u32(str,
+ TCA_FLOWER_KEY_CT_MARK,
+ TCA_FLOWER_KEY_CT_MARK_MASK,
+ n);
+}
+
+static int flower_parse_ct_zone(char *str, struct nlmsghdr *n)
+{
+ return flower_parse_u16(str,
+ TCA_FLOWER_KEY_CT_ZONE,
+ TCA_FLOWER_KEY_CT_ZONE_MASK,
+ n);
+}
+
+static int flower_parse_ct_labels(char *str, struct nlmsghdr *n)
+{
+#define LABELS_SIZE 16
+ uint8_t labels[LABELS_SIZE], lmask[LABELS_SIZE];
+ char *slash, *mask = NULL;
+ size_t slen, slen_mask = 0;
+
+ slash = index(str, '/');
+ if (slash) {
+ *slash = 0;
+ mask = slash + 1;
+ slen_mask = strlen(mask);
+ }
+
+ slen = strlen(str);
+ if (slen > LABELS_SIZE * 2 || slen_mask > LABELS_SIZE * 2) {
+ char errmsg[128];
+
+ snprintf(errmsg, sizeof(errmsg),
+ "%zd Max allowed size %d",
+ slen, LABELS_SIZE*2);
+ invarg(errmsg, str);
+ }
+
+ if (hex2mem(str, labels, slen / 2) < 0)
+ invarg("labels must be a hex string\n", str);
+ addattr_l(n, MAX_MSG, TCA_FLOWER_KEY_CT_LABELS, labels, slen / 2);
+
+ if (mask) {
+ if (hex2mem(mask, lmask, slen_mask / 2) < 0)
+ invarg("labels mask must be a hex string\n", mask);
+ } else {
+ memset(lmask, 0xff, sizeof(lmask));
+ slen_mask = sizeof(lmask) * 2;
+ }
+ addattr_l(n, MAX_MSG, TCA_FLOWER_KEY_CT_LABELS_MASK, lmask,
+ slen_mask / 2);
+
+ return 0;
+}
+
+static struct flower_ct_states {
+ char *str;
+ int flag;
+} flower_ct_states[] = {
+ { "trk", TCA_FLOWER_KEY_CT_FLAGS_TRACKED },
+ { "new", TCA_FLOWER_KEY_CT_FLAGS_NEW },
+ { "est", TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED },
+};
+
+static int flower_parse_ct_state(char *str, struct nlmsghdr *n)
+{
+ int flags = 0, mask = 0, len, i;
+ bool p;
+
+ while (*str != '\0') {
+ if (*str == '+')
+ p = true;
+ else if (*str == '-')
+ p = false;
+ else
+ return -1;
+
+ for (i = 0; i < ARRAY_SIZE(flower_ct_states); i++) {
+ len = strlen(flower_ct_states[i].str);
+ if (strncmp(str + 1, flower_ct_states[i].str, len))
+ continue;
+
+ if (p)
+ flags |= flower_ct_states[i].flag;
+ mask |= flower_ct_states[i].flag;
+ break;
+ }
+
+ if (i == ARRAY_SIZE(flower_ct_states))
+ return -1;
+
+ str += len + 1;
+ }
+
+ addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CT_STATE, flags);
+ addattr16(n, MAX_MSG, TCA_FLOWER_KEY_CT_STATE_MASK, mask);
+ return 0;
+}
+
static int flower_parse_ip_proto(char *str, __be16 eth_type, int type,
__u8 *p_ip_proto, struct nlmsghdr *n)
{
@@ -898,6 +1056,34 @@ static int flower_parse_opt(struct filter_util *qu, char *handle,
flags |= TCA_CLS_FLAGS_SKIP_HW;
} else if (matches(*argv, "skip_sw") == 0) {
flags |= TCA_CLS_FLAGS_SKIP_SW;
+ } else if (matches(*argv, "ct_state") == 0) {
+ NEXT_ARG();
+ ret = flower_parse_ct_state(*argv, n);
+ if (ret < 0) {
+ fprintf(stderr, "Illegal \"ct_state\"\n");
+ return -1;
+ }
+ } else if (matches(*argv, "ct_zone") == 0) {
+ NEXT_ARG();
+ ret = flower_parse_ct_zone(*argv, n);
+ if (ret < 0) {
+ fprintf(stderr, "Illegal \"ct_zone\"\n");
+ return -1;
+ }
+ } else if (matches(*argv, "ct_mark") == 0) {
+ NEXT_ARG();
+ ret = flower_parse_ct_mark(*argv, n);
+ if (ret < 0) {
+ fprintf(stderr, "Illegal \"ct_mark\"\n");
+ return -1;
+ }
+ } else if (matches(*argv, "ct_label") == 0) {
+ NEXT_ARG();
+ ret = flower_parse_ct_labels(*argv, n);
+ if (ret < 0) {
+ fprintf(stderr, "Illegal \"ct_label\"\n");
+ return -1;
+ }
} else if (matches(*argv, "indev") == 0) {
NEXT_ARG();
if (check_ifname(*argv))
@@ -1590,6 +1776,85 @@ static void flower_print_tcp_flags(const char *name, struct rtattr *flags_attr,
print_string(PRINT_ANY, name, namefrm, out);
}
+static void flower_print_ct_state(struct rtattr *flags_attr,
+ struct rtattr *mask_attr)
+{
+ SPRINT_BUF(out);
+ uint16_t state;
+ uint16_t state_mask;
+ size_t done = 0;
+ int i;
+
+ if (!flags_attr)
+ return;
+
+ state = rta_getattr_u16(flags_attr);
+ if (mask_attr)
+ state_mask = rta_getattr_u16(mask_attr);
+ else
+ state_mask = UINT16_MAX;
+
+ for (i = 0; i < ARRAY_SIZE(flower_ct_states); i++) {
+ if (!(state_mask & flower_ct_states[i].flag))
+ continue;
+
+ if (state & flower_ct_states[i].flag)
+ done += sprintf(out + done, "+%s",
+ flower_ct_states[i].str);
+ else
+ done += sprintf(out + done, "-%s",
+ flower_ct_states[i].str);
+ }
+
+ print_string(PRINT_ANY, "ct_state", "\n ct_state %s", out);
+}
+
+static void flower_print_ct_label(struct rtattr *attr,
+ struct rtattr *mask_attr)
+{
+ const unsigned char *str;
+ bool print_mask = false;
+ int data_len, i;
+ SPRINT_BUF(out);
+ char *p;
+
+ if (!attr)
+ return;
+
+ data_len = RTA_PAYLOAD(attr);
+ hexstring_n2a(RTA_DATA(attr), data_len, out, sizeof(out));
+ p = out + data_len*2;
+
+ data_len = RTA_PAYLOAD(attr);
+ str = RTA_DATA(mask_attr);
+ if (data_len != 16)
+ print_mask = true;
+ for (i = 0; !print_mask && i < data_len; i++) {
+ if (str[i] != 0xff)
+ print_mask = true;
+ }
+ if (print_mask) {
+ *p++ = '/';
+ hexstring_n2a(RTA_DATA(mask_attr), data_len, p,
+ sizeof(out)-(p-out));
+ p += data_len*2;
+ }
+ *p = '\0';
+
+ print_string(PRINT_ANY, "ct_label", "\n ct_label %s", out);
+}
+
+static void flower_print_ct_zone(struct rtattr *attr,
+ struct rtattr *mask_attr)
+{
+ print_masked_u16("ct_zone", attr, mask_attr);
+}
+
+static void flower_print_ct_mark(struct rtattr *attr,
+ struct rtattr *mask_attr)
+{
+ print_masked_u32("ct_mark", attr, mask_attr);
+}
static void flower_print_key_id(const char *name, struct rtattr *attr)
{
@@ -1949,6 +2214,15 @@ static int flower_print_opt(struct filter_util *qu, FILE *f,
tb[TCA_FLOWER_KEY_FLAGS],
tb[TCA_FLOWER_KEY_FLAGS_MASK]);
+ flower_print_ct_state(tb[TCA_FLOWER_KEY_CT_STATE],
+ tb[TCA_FLOWER_KEY_CT_STATE_MASK]);
+ flower_print_ct_zone(tb[TCA_FLOWER_KEY_CT_ZONE],
+ tb[TCA_FLOWER_KEY_CT_ZONE_MASK]);
+ flower_print_ct_mark(tb[TCA_FLOWER_KEY_CT_MARK],
+ tb[TCA_FLOWER_KEY_CT_MARK_MASK]);
+ flower_print_ct_label(tb[TCA_FLOWER_KEY_CT_LABELS],
+ tb[TCA_FLOWER_KEY_CT_LABELS_MASK]);
+
close_json_object();
if (tb[TCA_FLOWER_FLAGS]) {
--
1.8.3.1
^ permalink raw reply related
* [PATCH net-next iproute2 v2 2/3] tc: Introduce tc ct action
From: Paul Blakey @ 2019-07-11 8:14 UTC (permalink / raw)
To: Jiri Pirko, Paul Blakey, Roi Dayan, Yossi Kuperman, Oz Shlomo,
Marcelo Ricardo Leitner, netdev, David Miller, Aaron Conole,
Zhike Wang
Cc: Rony Efraim, nst-kernel, John Hurley, Simon Horman, Justin Pettit
In-Reply-To: <1562832867-32347-1-git-send-email-paulb@mellanox.com>
New tc action to send packets to conntrack module, commit
them, and set a zone, labels, mark, and nat on the connection.
It can also clear the packet's conntrack state by using clear.
Usage:
ct clear
ct commit [force] [zone] [mark] [label] [nat]
ct [nat] [zone]
Signed-off-by: Paul Blakey <paulb@mellanox.com>
Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: Yossi Kuperman <yossiku@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Acked-by: Roi Dayan <roid@mellanox.com>
---
include/uapi/linux/tc_act/tc_ct.h | 41 ++++
tc/Makefile | 1 +
tc/m_ct.c | 497 ++++++++++++++++++++++++++++++++++++++
tc/tc_util.c | 44 ++++
tc/tc_util.h | 4 +
5 files changed, 587 insertions(+)
create mode 100644 include/uapi/linux/tc_act/tc_ct.h
create mode 100644 tc/m_ct.c
diff --git a/include/uapi/linux/tc_act/tc_ct.h b/include/uapi/linux/tc_act/tc_ct.h
new file mode 100644
index 0000000..5fb1d7a
--- /dev/null
+++ b/include/uapi/linux/tc_act/tc_ct.h
@@ -0,0 +1,41 @@
+/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
+#ifndef __UAPI_TC_CT_H
+#define __UAPI_TC_CT_H
+
+#include <linux/types.h>
+#include <linux/pkt_cls.h>
+
+enum {
+ TCA_CT_UNSPEC,
+ TCA_CT_PARMS,
+ TCA_CT_TM,
+ TCA_CT_ACTION, /* u16 */
+ TCA_CT_ZONE, /* u16 */
+ TCA_CT_MARK, /* u32 */
+ TCA_CT_MARK_MASK, /* u32 */
+ TCA_CT_LABELS, /* u128 */
+ TCA_CT_LABELS_MASK, /* u128 */
+ TCA_CT_NAT_IPV4_MIN, /* be32 */
+ TCA_CT_NAT_IPV4_MAX, /* be32 */
+ TCA_CT_NAT_IPV6_MIN, /* struct in6_addr */
+ TCA_CT_NAT_IPV6_MAX, /* struct in6_addr */
+ TCA_CT_NAT_PORT_MIN, /* be16 */
+ TCA_CT_NAT_PORT_MAX, /* be16 */
+ TCA_CT_PAD,
+ __TCA_CT_MAX
+};
+
+#define TCA_CT_MAX (__TCA_CT_MAX - 1)
+
+#define TCA_CT_ACT_COMMIT (1 << 0)
+#define TCA_CT_ACT_FORCE (1 << 1)
+#define TCA_CT_ACT_CLEAR (1 << 2)
+#define TCA_CT_ACT_NAT (1 << 3)
+#define TCA_CT_ACT_NAT_SRC (1 << 4)
+#define TCA_CT_ACT_NAT_DST (1 << 5)
+
+struct tc_ct {
+ tc_gen;
+};
+
+#endif /* __UAPI_TC_CT_H */
diff --git a/tc/Makefile b/tc/Makefile
index 09ff369..14171a2 100644
--- a/tc/Makefile
+++ b/tc/Makefile
@@ -53,6 +53,7 @@ TCMODULES += m_ctinfo.o
TCMODULES += m_bpf.o
TCMODULES += m_tunnel_key.o
TCMODULES += m_sample.o
+TCMODULES += m_ct.o
TCMODULES += p_ip.o
TCMODULES += p_ip6.o
TCMODULES += p_icmp.o
diff --git a/tc/m_ct.c b/tc/m_ct.c
new file mode 100644
index 0000000..8589cb9
--- /dev/null
+++ b/tc/m_ct.c
@@ -0,0 +1,497 @@
+// SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB
+/* -
+ * m_ct.c Connection tracking action
+ *
+ * Authors: Paul Blakey <paulb@mellanox.com>
+ * Yossi Kuperman <yossiku@mellanox.com>
+ * Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include "utils.h"
+#include "tc_util.h"
+#include <linux/tc_act/tc_ct.h>
+
+static void
+usage(void)
+{
+ fprintf(stderr,
+ "Usage: ct clear\n"
+ " ct commit [force] [zone ZONE] [mark MASKED_MARK] [label MASKED_LABEL] [nat NAT_SPEC]\n"
+ " ct [nat] [zone ZONE]\n"
+ "Where: ZONE is the conntrack zone table number\n"
+ " NAT_SPEC is {src|dst} addr addr1[-addr2] [port port1[-port2]]\n"
+ "\n");
+ exit(-1);
+}
+
+static int ct_parse_nat_addr_range(const char *str, struct nlmsghdr *n)
+{
+ inet_prefix addr = { .family = AF_UNSPEC, };
+ char *addr1, *addr2 = 0;
+ SPRINT_BUF(buffer);
+ int attr;
+ int ret;
+
+ strncpy(buffer, str, sizeof(buffer) - 1);
+
+ addr1 = buffer;
+ addr2 = strchr(addr1, '-');
+ if (addr2) {
+ *addr2 = '\0';
+ addr2++;
+ }
+
+ ret = get_addr(&addr, addr1, AF_UNSPEC);
+ if (ret)
+ return ret;
+ attr = addr.family == AF_INET ? TCA_CT_NAT_IPV4_MIN :
+ TCA_CT_NAT_IPV6_MIN;
+ addattr_l(n, MAX_MSG, attr, addr.data, addr.bytelen);
+
+ if (addr2) {
+ ret = get_addr(&addr, addr2, addr.family);
+ if (ret)
+ return ret;
+ }
+ attr = addr.family == AF_INET ? TCA_CT_NAT_IPV4_MAX :
+ TCA_CT_NAT_IPV6_MAX;
+ addattr_l(n, MAX_MSG, attr, addr.data, addr.bytelen);
+
+ return 0;
+}
+
+static int ct_parse_nat_port_range(const char *str, struct nlmsghdr *n)
+{
+ char *port1, *port2 = 0;
+ SPRINT_BUF(buffer);
+ __be16 port;
+ int ret;
+
+ strncpy(buffer, str, sizeof(buffer) - 1);
+
+ port1 = buffer;
+ port2 = strchr(port1, '-');
+ if (port2) {
+ *port2 = '\0';
+ port2++;
+ }
+
+ ret = get_be16(&port, port1, 10);
+ if (ret)
+ return -1;
+ addattr16(n, MAX_MSG, TCA_CT_NAT_PORT_MIN, port);
+
+ if (port2) {
+ ret = get_be16(&port, port2, 10);
+ if (ret)
+ return -1;
+ }
+ addattr16(n, MAX_MSG, TCA_CT_NAT_PORT_MAX, port);
+
+ return 0;
+}
+
+
+static int ct_parse_u16(char *str, int value_type, int mask_type,
+ struct nlmsghdr *n)
+{
+ __u16 value, mask;
+ char *slash = 0;
+
+ if (mask_type != TCA_CT_UNSPEC) {
+ slash = strchr(str, '/');
+ if (slash)
+ *slash = '\0';
+ }
+
+ if (get_u16(&value, str, 0))
+ return -1;
+
+ if (slash) {
+ if (get_u16(&mask, slash + 1, 0))
+ return -1;
+ } else {
+ mask = UINT16_MAX;
+ }
+
+ addattr16(n, MAX_MSG, value_type, value);
+ if (mask_type != TCA_CT_UNSPEC)
+ addattr16(n, MAX_MSG, mask_type, mask);
+
+ return 0;
+}
+
+static int ct_parse_u32(char *str, int value_type, int mask_type,
+ struct nlmsghdr *n)
+{
+ __u32 value, mask;
+ char *slash;
+
+ slash = strchr(str, '/');
+ if (slash)
+ *slash = '\0';
+
+ if (get_u32(&value, str, 0))
+ return -1;
+
+ if (slash) {
+ if (get_u32(&mask, slash + 1, 0))
+ return -1;
+ } else {
+ mask = UINT32_MAX;
+ }
+
+ addattr32(n, MAX_MSG, value_type, value);
+ addattr32(n, MAX_MSG, mask_type, mask);
+
+ return 0;
+}
+
+static int ct_parse_mark(char *str, struct nlmsghdr *n)
+{
+ return ct_parse_u32(str, TCA_CT_MARK, TCA_CT_MARK_MASK, n);
+}
+
+static int ct_parse_labels(char *str, struct nlmsghdr *n)
+{
+#define LABELS_SIZE 16
+ uint8_t labels[LABELS_SIZE], lmask[LABELS_SIZE];
+ char *slash, *mask = NULL;
+ size_t slen, slen_mask = 0;
+
+ slash = index(str, '/');
+ if (slash) {
+ *slash = 0;
+ mask = slash+1;
+ slen_mask = strlen(mask);
+ }
+
+ slen = strlen(str);
+ if (slen > LABELS_SIZE*2 || slen_mask > LABELS_SIZE*2) {
+ char errmsg[128];
+
+ snprintf(errmsg, sizeof(errmsg),
+ "%zd Max allowed size %d",
+ slen, LABELS_SIZE*2);
+ invarg(errmsg, str);
+ }
+
+ if (hex2mem(str, labels, slen/2) < 0)
+ invarg("ct: labels must be a hex string\n", str);
+ addattr_l(n, MAX_MSG, TCA_CT_LABELS, labels, slen/2);
+
+ if (mask) {
+ if (hex2mem(mask, lmask, slen_mask/2) < 0)
+ invarg("ct: labels mask must be a hex string\n", mask);
+ } else {
+ memset(lmask, 0xff, sizeof(lmask));
+ slen_mask = sizeof(lmask)*2;
+ }
+ addattr_l(n, MAX_MSG, TCA_CT_LABELS_MASK, lmask, slen_mask/2);
+
+ return 0;
+}
+
+static int
+parse_ct(struct action_util *a, int *argc_p, char ***argv_p, int tca_id,
+ struct nlmsghdr *n)
+{
+ struct tc_ct sel = {};
+ char **argv = *argv_p;
+ struct rtattr *tail;
+ int argc = *argc_p;
+ int ct_action = 0;
+ int ret;
+
+ tail = addattr_nest(n, MAX_MSG, tca_id);
+
+ if (argc && matches(*argv, "ct") == 0)
+ NEXT_ARG_FWD();
+
+ while (argc > 0) {
+ if (matches(*argv, "zone") == 0) {
+ NEXT_ARG();
+
+ if (ct_parse_u16(*argv,
+ TCA_CT_ZONE, TCA_CT_UNSPEC, n)) {
+ fprintf(stderr, "ct: Illegal \"zone\"\n");
+ return -1;
+ }
+ } else if (matches(*argv, "nat") == 0) {
+ ct_action |= TCA_CT_ACT_NAT;
+
+ NEXT_ARG();
+ if (matches(*argv, "src") == 0)
+ ct_action |= TCA_CT_ACT_NAT_SRC;
+ else if (matches(*argv, "dst") == 0)
+ ct_action |= TCA_CT_ACT_NAT_DST;
+ else
+ continue;
+
+ NEXT_ARG();
+ if (matches(*argv, "addr") != 0)
+ usage();
+
+ NEXT_ARG();
+ ret = ct_parse_nat_addr_range(*argv, n);
+ if (ret) {
+ fprintf(stderr, "ct: Illegal nat address range\n");
+ return -1;
+ }
+
+ NEXT_ARG_FWD();
+ if (matches(*argv, "port") != 0)
+ continue;
+
+ NEXT_ARG();
+ ret = ct_parse_nat_port_range(*argv, n);
+ if (ret) {
+ fprintf(stderr, "ct: Illegal nat port range\n");
+ return -1;
+ }
+ } else if (matches(*argv, "clear") == 0) {
+ ct_action |= TCA_CT_ACT_CLEAR;
+ } else if (matches(*argv, "commit") == 0) {
+ ct_action |= TCA_CT_ACT_COMMIT;
+ } else if (matches(*argv, "force") == 0) {
+ ct_action |= TCA_CT_ACT_FORCE;
+ } else if (matches(*argv, "index") == 0) {
+ NEXT_ARG();
+ if (get_u32(&sel.index, *argv, 10)) {
+ fprintf(stderr, "ct: Illegal \"index\"\n");
+ return -1;
+ }
+ } else if (matches(*argv, "mark") == 0) {
+ NEXT_ARG();
+
+ ret = ct_parse_mark(*argv, n);
+ if (ret) {
+ fprintf(stderr, "ct: Illegal \"mark\"\n");
+ return -1;
+ }
+ } else if (matches(*argv, "label") == 0) {
+ NEXT_ARG();
+
+ ret = ct_parse_labels(*argv, n);
+ if (ret) {
+ fprintf(stderr, "ct: Illegal \"label\"\n");
+ return -1;
+ }
+ } else if (matches(*argv, "help") == 0) {
+ usage();
+ } else {
+ break;
+ }
+ NEXT_ARG_FWD();
+ }
+
+ if (ct_action & TCA_CT_ACT_CLEAR &&
+ ct_action & ~TCA_CT_ACT_CLEAR) {
+ fprintf(stderr, "ct: clear can only be used alone\n");
+ return -1;
+ }
+
+ if (ct_action & TCA_CT_ACT_NAT_SRC &&
+ ct_action & TCA_CT_ACT_NAT_DST) {
+ fprintf(stderr, "ct: src and dst nat can't be used together\n");
+ return -1;
+ }
+
+ if ((ct_action & TCA_CT_ACT_COMMIT) &&
+ (ct_action & TCA_CT_ACT_NAT) &&
+ !(ct_action & (TCA_CT_ACT_NAT_SRC | TCA_CT_ACT_NAT_DST))) {
+ fprintf(stderr, "ct: commit and nat must set src or dst\n");
+ return -1;
+ }
+
+ if (!(ct_action & TCA_CT_ACT_COMMIT) &&
+ (ct_action & (TCA_CT_ACT_NAT_SRC | TCA_CT_ACT_NAT_DST))) {
+ fprintf(stderr, "ct: src or dst is only valid if commit is set\n");
+ return -1;
+ }
+
+ parse_action_control_dflt(&argc, &argv, &sel.action, false,
+ TC_ACT_PIPE);
+ NEXT_ARG_FWD();
+
+ addattr16(n, MAX_MSG, TCA_CT_ACTION, ct_action);
+ addattr_l(n, MAX_MSG, TCA_CT_PARMS, &sel, sizeof(sel));
+ addattr_nest_end(n, tail);
+
+ *argc_p = argc;
+ *argv_p = argv;
+ return 0;
+}
+
+static int ct_sprint_port(char *buf, const char *prefix, struct rtattr *attr)
+{
+ if (!attr)
+ return 0;
+
+ return sprintf(buf, "%s%d", prefix, rta_getattr_be16(attr));
+}
+
+static int ct_sprint_ip_addr(char *buf, const char *prefix,
+ struct rtattr *attr)
+{
+ int family;
+ size_t len;
+
+ if (!attr)
+ return 0;
+
+ len = RTA_PAYLOAD(attr);
+
+ if (len == 4)
+ family = AF_INET;
+ else if (len == 16)
+ family = AF_INET6;
+ else
+ return 0;
+
+ return sprintf(buf, "%s%s", prefix, rt_addr_n2a_rta(family, attr));
+}
+
+static void ct_print_nat(int ct_action, struct rtattr **tb)
+{
+ size_t done = 0;
+ char out[256] = "";
+ bool nat;
+
+ if (!(ct_action & TCA_CT_ACT_NAT))
+ return;
+
+ if (ct_action & TCA_CT_ACT_NAT_SRC) {
+ nat = true;
+ done += sprintf(out + done, "src");
+ } else if (ct_action & TCA_CT_ACT_NAT_DST) {
+ nat = true;
+ done += sprintf(out + done, "dst");
+ }
+
+ if (nat) {
+ done += ct_sprint_ip_addr(out + done, " addr ",
+ tb[TCA_CT_NAT_IPV4_MIN]);
+ done += ct_sprint_ip_addr(out + done, " addr ",
+ tb[TCA_CT_NAT_IPV6_MIN]);
+ if (tb[TCA_CT_NAT_IPV4_MAX] &&
+ memcmp(RTA_DATA(tb[TCA_CT_NAT_IPV4_MIN]),
+ RTA_DATA(tb[TCA_CT_NAT_IPV4_MAX]), 4))
+ done += ct_sprint_ip_addr(out + done, "-",
+ tb[TCA_CT_NAT_IPV4_MAX]);
+ else if (tb[TCA_CT_NAT_IPV6_MAX] &&
+ memcmp(RTA_DATA(tb[TCA_CT_NAT_IPV6_MIN]),
+ RTA_DATA(tb[TCA_CT_NAT_IPV6_MAX]), 16))
+ done += ct_sprint_ip_addr(out + done, "-",
+ tb[TCA_CT_NAT_IPV6_MAX]);
+ done += ct_sprint_port(out + done, " port ",
+ tb[TCA_CT_NAT_PORT_MIN]);
+ if (tb[TCA_CT_NAT_PORT_MAX] &&
+ memcmp(RTA_DATA(tb[TCA_CT_NAT_PORT_MIN]),
+ RTA_DATA(tb[TCA_CT_NAT_PORT_MAX]), 2))
+ done += ct_sprint_port(out + done, "-",
+ tb[TCA_CT_NAT_PORT_MAX]);
+ }
+
+ if (done)
+ print_string(PRINT_ANY, "nat", " nat %s", out);
+ else
+ print_string(PRINT_ANY, "nat", " nat", "");
+}
+
+static void ct_print_labels(struct rtattr *attr,
+ struct rtattr *mask_attr)
+{
+ const unsigned char *str;
+ bool print_mask = false;
+ char out[256], *p;
+ int data_len, i;
+
+ if (!attr)
+ return;
+
+ data_len = RTA_PAYLOAD(attr);
+ hexstring_n2a(RTA_DATA(attr), data_len, out, sizeof(out));
+ p = out + data_len*2;
+
+ data_len = RTA_PAYLOAD(attr);
+ str = RTA_DATA(mask_attr);
+ if (data_len != 16)
+ print_mask = true;
+ for (i = 0; !print_mask && i < data_len; i++) {
+ if (str[i] != 0xff)
+ print_mask = true;
+ }
+ if (print_mask) {
+ *p++ = '/';
+ hexstring_n2a(RTA_DATA(mask_attr), data_len, p,
+ sizeof(out)-(p-out));
+ p += data_len*2;
+ }
+ *p = '\0';
+
+ print_string(PRINT_ANY, "label", " label %s", out);
+}
+
+static int print_ct(struct action_util *au, FILE *f, struct rtattr *arg)
+{
+ struct rtattr *tb[TCA_CT_MAX + 1];
+ const char *commit;
+ struct tc_ct *p;
+ int ct_action = 0;
+
+ if (arg == NULL)
+ return -1;
+
+ parse_rtattr_nested(tb, TCA_CT_MAX, arg);
+ if (tb[TCA_CT_PARMS] == NULL) {
+ print_string(PRINT_FP, NULL, "%s", "[NULL ct parameters]");
+ return -1;
+ }
+
+ p = RTA_DATA(tb[TCA_CT_PARMS]);
+
+ print_string(PRINT_ANY, "kind", "%s", "ct");
+
+ if (tb[TCA_CT_ACTION])
+ ct_action = rta_getattr_u16(tb[TCA_CT_ACTION]);
+ if (ct_action & TCA_CT_ACT_COMMIT) {
+ commit = ct_action & TCA_CT_ACT_FORCE ?
+ "commit force" : "commit";
+ print_string(PRINT_ANY, "action", " %s", commit);
+ } else if (ct_action & TCA_CT_ACT_CLEAR) {
+ print_string(PRINT_ANY, "action", " %s", "clear");
+ }
+
+ print_masked_u32("mark", tb[TCA_CT_MARK], tb[TCA_CT_MARK_MASK]);
+ print_masked_u16("zone", tb[TCA_CT_ZONE], NULL);
+ ct_print_labels(tb[TCA_CT_LABELS], tb[TCA_CT_LABELS_MASK]);
+ ct_print_nat(ct_action, tb);
+
+ print_action_control(f, " ", p->action, "");
+
+ print_uint(PRINT_ANY, "index", "\n\t index %u", p->index);
+ print_int(PRINT_ANY, "ref", " ref %d", p->refcnt);
+ print_int(PRINT_ANY, "bind", " bind %d", p->bindcnt);
+
+ if (show_stats) {
+ if (tb[TCA_CT_TM]) {
+ struct tcf_t *tm = RTA_DATA(tb[TCA_CT_TM]);
+
+ print_tm(f, tm);
+ }
+ }
+ print_string(PRINT_FP, NULL, "%s", "\n ");
+
+ return 0;
+}
+
+struct action_util ct_action_util = {
+ .id = "ct",
+ .parse_aopt = parse_ct,
+ .print_aopt = print_ct,
+};
diff --git a/tc/tc_util.c b/tc/tc_util.c
index 53d15e0..8e461ba 100644
--- a/tc/tc_util.c
+++ b/tc/tc_util.c
@@ -913,3 +913,47 @@ compat_xstats:
if (tb[TCA_XSTATS] && xstats)
*xstats = tb[TCA_XSTATS];
}
+
+void print_masked_u32(const char *name, struct rtattr *attr,
+ struct rtattr *mask_attr)
+{
+ __u32 value, mask;
+ SPRINT_BUF(namefrm);
+ SPRINT_BUF(out);
+ size_t done;
+
+ if (!attr)
+ return;
+
+ value = rta_getattr_u32(attr);
+ mask = mask_attr ? rta_getattr_u32(mask_attr) : UINT32_MAX;
+
+ done = sprintf(out, "%u", value);
+ if (mask != UINT32_MAX)
+ sprintf(out + done, "/0x%x", mask);
+
+ sprintf(namefrm, " %s %%s", name);
+ print_string(PRINT_ANY, name, namefrm, out);
+}
+
+void print_masked_u16(const char *name, struct rtattr *attr,
+ struct rtattr *mask_attr)
+{
+ __u16 value, mask;
+ SPRINT_BUF(namefrm);
+ SPRINT_BUF(out);
+ size_t done;
+
+ if (!attr)
+ return;
+
+ value = rta_getattr_u16(attr);
+ mask = mask_attr ? rta_getattr_u16(mask_attr) : UINT16_MAX;
+
+ done = sprintf(out, "%u", value);
+ if (mask != UINT16_MAX)
+ sprintf(out + done, "/0x%x", mask);
+
+ sprintf(namefrm, " %s %%s", name);
+ print_string(PRINT_ANY, name, namefrm, out);
+}
diff --git a/tc/tc_util.h b/tc/tc_util.h
index eb4b60d..0c3425a 100644
--- a/tc/tc_util.h
+++ b/tc/tc_util.h
@@ -127,4 +127,8 @@ int action_a2n(char *arg, int *result, bool allow_num);
bool tc_qdisc_block_exists(__u32 block_index);
+void print_masked_u32(const char *name, struct rtattr *attr,
+ struct rtattr *mask_attr);
+void print_masked_u16(const char *name, struct rtattr *attr,
+ struct rtattr *mask_attr);
#endif
--
1.8.3.1
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox