Commit 708852dc authored by Jakub Kicinski's avatar Jakub Kicinski
Browse files

Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 

Daniel Borkmann says:

====================
The following pull-request contains BPF updates for your *net-next* tree.

There is a small merge conflict in libbpf (Cc Andrii so he's in the loop
as well):

        for (i = 1; i <= btf__get_nr_types(btf); i++) {
                t = (struct btf_type *)btf__type_by_id(btf, i);

                if (!has_datasec && btf_is_var(t)) {
                        /* replace VAR with INT */
                        t->info = BTF_INFO_ENC(BTF_KIND_INT, 0, 0);
  <<<<<<< HEAD
                        /*
                         * using size = 1 is the safest choice, 4 will be too
                         * big and cause kernel BTF validation failure if
                         * original variable took less than 4 bytes
                         */
                        t->size = 1;
                        *(int *)(t+1) = BTF_INT_ENC(0, 0, 8);
                } else if (!has_datasec && kind == BTF_KIND_DATASEC) {
  =======
                        t->size = sizeof(int);
                        *(int *)(t + 1) = BTF_INT_ENC(0, 0, 32);
                } else if (!has_datasec && btf_is_datasec(t)) {
  >>>>>>> 72ef80b5
                        /* replace DATASEC with STRUCT */

Conflict is between the two commits 1d4126c4 ("libbpf: sanitize VAR to
conservative 1-byte INT") and b03bc685 ("libbpf: convert libbpf code to
use new btf helpers"), so we need to pick the sanitation fixup as well as
use the new btf_is_datasec() helper and the whitespace cleanup. Looks like
the following:

  [...]
                if (!has_datasec && btf_is_var(t)) {
                        /* replace VAR with INT */
                        t->info = BTF_INFO_ENC(BTF_KIND_INT, 0, 0);
                        /*
                         * using size = 1 is the safest choice, 4 will be too
                         * big and cause kernel BTF validation failure if
                         * original variable took less than 4 bytes
                         */
                        t->size = 1;
                        *(int *)(t + 1) = BTF_INT_ENC(0, 0, 8);
                } else if (!has_datasec && btf_is_datasec(t)) {
                        /* replace DATASEC with STRUCT */
  [...]

The main changes are:

1) Addition of core parts of compile once - run everywhere (co-re) effort,
   that is, relocation of fields offsets in libbpf as well as exposure of
   kernel's own BTF via sysfs and loading through libbpf, from Andrii.

   More info on co-re: http://vger.kernel.org/bpfconf2019.html#session-2
   and http://vger.kernel.org/lpc-bpf2018.html#session-2



2) Enable passing input flags to the BPF flow dissector to customize parsing
   and allowing it to stop early similar to the C based one, from Stanislav.

3) Add a BPF helper function that allows generating SYN cookies from XDP and
   tc BPF, from Petar.

4) Add devmap hash-based map type for more flexibility in device lookup for
   redirects, from Toke.

5) Improvements to XDP forwarding sample code now utilizing recently enabled
   devmap lookups, from Jesper.

6) Add support for reporting the effective cgroup progs in bpftool, from Jakub
   and Takshak.

7) Fix reading kernel config from bpftool via /proc/config.gz, from Peter.

8) Fix AF_XDP umem pages mapping for 32 bit architectures, from Ivan.

9) Follow-up to add two more BPF loop tests for the selftest suite, from Alexei.

10) Add perf event output helper also for other skb-based program types, from Allan.

11) Fix a co-re related compilation error in selftests, from Yonghong.
====================

Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
parents a9a96760 72ef80b5

Documentation/ABI/testing/sysfs-kernel-btf

0 → 100644
+17 −0
Original line number Diff line number Diff line 
What:		/sys/kernel/btf

Date:		Aug 2019

KernelVersion:	5.5

Contact:	bpf@vger.kernel.org

Description:

		Contains BTF type information and related data for kernel and

		kernel modules.



What:		/sys/kernel/btf/vmlinux

Date:		Aug 2019

KernelVersion:	5.5

Contact:	bpf@vger.kernel.org

Description:

		Read-only binary attribute exposing kernel's own BTF type

		information with description of all internal kernel types. See

		Documentation/bpf/btf.rst for detailed description of format

		itself.

Documentation/bpf/prog_flow_dissector.rst

+18 −0
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ The inputs are: 
  * ``nhoff`` - initial offset of the networking header

  * ``thoff`` - initial offset of the transport header, initialized to nhoff

  * ``n_proto`` - L3 protocol type, parsed out of L2 header

  * ``flags`` - optional flags



Flow dissector BPF program should fill out the rest of the ``struct

bpf_flow_keys`` fields. Input arguments ``nhoff/thoff/n_proto`` should be
@@ -101,6 +102,23 @@ can be called for both cases and would have to be written carefully to 
handle both cases.





Flags

=====



``flow_keys->flags`` might contain optional input flags that work as follows:



* ``BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG`` - tells BPF flow dissector to

  continue parsing first fragment; the default expected behavior is that

  flow dissector returns as soon as it finds out that the packet is fragmented;

  used by ``eth_get_headlen`` to estimate length of all headers for GRO.

* ``BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL`` - tells BPF flow dissector to

  stop parsing as soon as it reaches IPv6 flow label; used by

  ``___skb_get_hash`` and ``__skb_get_hash_symmetric`` to get flow hash.

* ``BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP`` - tells BPF flow dissector to stop

  parsing as soon as it reaches encapsulated headers; used by routing

  infrastructure.





Reference Implementation

========================

include/linux/bpf.h

+4 −7
Original line number Diff line number Diff line
@@ -713,7 +713,7 @@ struct xdp_buff; 
struct sk_buff;



struct bpf_dtab_netdev *__dev_map_lookup_elem(struct bpf_map *map, u32 key);

void __dev_map_insert_ctx(struct bpf_map *map, u32 index);

struct bpf_dtab_netdev *__dev_map_hash_lookup_elem(struct bpf_map *map, u32 key);

void __dev_map_flush(struct bpf_map *map);

int dev_map_enqueue(struct bpf_dtab_netdev *dst, struct xdp_buff *xdp,

		    struct net_device *dev_rx);
@@ -721,7 +721,6 @@ int dev_map_generic_redirect(struct bpf_dtab_netdev *dst, struct sk_buff *skb, 
			     struct bpf_prog *xdp_prog);



struct bpf_cpu_map_entry *__cpu_map_lookup_elem(struct bpf_map *map, u32 key);

void __cpu_map_insert_ctx(struct bpf_map *map, u32 index);

void __cpu_map_flush(struct bpf_map *map);

int cpu_map_enqueue(struct bpf_cpu_map_entry *rcpu, struct xdp_buff *xdp,

		    struct net_device *dev_rx);
@@ -801,8 +800,10 @@ static inline struct net_device *__dev_map_lookup_elem(struct bpf_map *map, 
	return NULL;

}



static inline void __dev_map_insert_ctx(struct bpf_map *map, u32 index)

static inline struct net_device  *__dev_map_hash_lookup_elem(struct bpf_map *map,

							     u32 key)

{

	return NULL;

}



static inline void __dev_map_flush(struct bpf_map *map)
@@ -834,10 +835,6 @@ struct bpf_cpu_map_entry *__cpu_map_lookup_elem(struct bpf_map *map, u32 key) 
	return NULL;

}



static inline void __cpu_map_insert_ctx(struct bpf_map *map, u32 index)

{

}



static inline void __cpu_map_flush(struct bpf_map *map)

{

}

include/linux/bpf_types.h

+1 −0
Original line number Diff line number Diff line
@@ -62,6 +62,7 @@ BPF_MAP_TYPE(BPF_MAP_TYPE_ARRAY_OF_MAPS, array_of_maps_map_ops) 
BPF_MAP_TYPE(BPF_MAP_TYPE_HASH_OF_MAPS, htab_of_maps_map_ops)

#ifdef CONFIG_NET

BPF_MAP_TYPE(BPF_MAP_TYPE_DEVMAP, dev_map_ops)

BPF_MAP_TYPE(BPF_MAP_TYPE_DEVMAP_HASH, dev_map_hash_ops)

BPF_MAP_TYPE(BPF_MAP_TYPE_SK_STORAGE, sk_storage_map_ops)

#if defined(CONFIG_BPF_STREAM_PARSER)

BPF_MAP_TYPE(BPF_MAP_TYPE_SOCKMAP, sock_map_ops)

include/linux/skbuff.h

+1 −1
Original line number Diff line number Diff line
@@ -1271,7 +1271,7 @@ static inline int skb_flow_dissector_bpf_prog_detach(const union bpf_attr *attr) 


struct bpf_flow_dissector;

bool bpf_flow_dissect(struct bpf_prog *prog, struct bpf_flow_dissector *ctx,

		      __be16 proto, int nhoff, int hlen);

		      __be16 proto, int nhoff, int hlen, unsigned int flags);



bool __skb_flow_dissect(const struct net *net,

			const struct sk_buff *skb,

CRA Git | Maintained and supported by SUSTech CRA and CCSE