From: David Ahern <dsahern@gmail.com>
To: Jesper Dangaard Brouer <jbrouer@redhat.com>
Cc: "Toke Høiland-Jørgensen" <toke@redhat.com>,
"Jakub Kicinski" <kuba@kernel.org>,
"David Ahern" <dsahern@kernel.org>,
netdev@vger.kernel.org, prashantbhole.linux@gmail.com,
jasowang@redhat.com, davem@davemloft.net, mst@redhat.com,
toshiaki.makita1@gmail.com, daniel@iogearbox.net,
john.fastabend@gmail.com, ast@kernel.org, kafai@fb.com,
songliubraving@fb.com, yhs@fb.com, andriin@fb.com,
"David Ahern" <dahern@digitalocean.com>
Subject: Re: [PATCH bpf-next 03/12] net: Add IFLA_XDP_EGRESS for XDP programs in the egress path
Date: Sun, 26 Jan 2020 09:38:30 -0700 [thread overview]
Message-ID: <5290f2dd-ade6-ce0f-bf01-0872d4cfe14f@gmail.com> (raw)
In-Reply-To: <20200126134933.2514b2ab@carbon>
On 1/26/20 5:49 AM, Jesper Dangaard Brouer wrote:
>> This has
>> been discussed before as a need (e.g, Toke's reference above), and I am
>> trying to get this initial support done.
>>
>> I very much wanted to avoid copy-paste-modify for the entire XDP API for
>> this. For the most part XDP means ebpf at the NIC driver / hardware
>> level (obviously with the exception of generic mode). The goal is
>> tempered with the need for the verifier to reject rx entries in the
>> xdp_md context. Hence the reason for use of an attach_type - existing
>> infrastructure to test and reject the accesses.
>>
>> That said, Martin's comment throws a wrench in the goal: if the existing
>> code does not enforce expected_attach_type then that option can not be
>> used in which case I guess I have to go with a new program type
>> (BPF_PROG_TYPE_XDP_EGRESS) which takes a new context (xdp_egress_md),
>> has different return codes, etc.
>
> Taking about return codes. Does XDP the return codes make sense for
> this EGRESS hook? (if thinking about this being egress on the real NIC).
>
> E.g. XDP_REDIRECT would have to be supported, which is interesting, but
> also have implications (like looping packets).
>
> E.g. what is the semantics/action of XDP_TX return code?
This has been discussed. XDP_TX in the EGRESS path could arguably be
equal to XDP_PASS.
>
> E.g. I'm considering adding a XDP_CONGESTED return code that can cause
> backpressure towards qdisc layer.
>
> Also think about that if this EGRESS hook uses standard prog type for
> XDP (BPF_PROG_TYPE_XDP), then we need to convert xdp_frame to xdp_buff
> (and also convert SKBs to xdp_buff).
Why? What about the patch set requires that change to be done to have
support for EGRESS path?
>
> Are we sure that reusing the same bpf prog type is the right choice?
>
Martin's comment about existing checking on the expected attach type is
the only reason I have seen so far to not have the same program type.
Looking at the helpers for use in XDP programs do you believe any of
those should not be allowed with EGRESS programs? Do you have any reason
to think that existing XDP capabilities should be prohibited or
different for EGRESS? As mentioned earlier the attach type can be used
to have the verifier handle small context differences (and restrict
helpers if needed).
next prev parent reply other threads:[~2020-01-26 16:38 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-23 1:41 [PATCH bpf-next 00/12] Add support for XDP in egress path David Ahern
2020-01-23 1:41 ` [PATCH bpf-next 01/12] net: Add new XDP setup and query commands David Ahern
2020-01-23 1:42 ` [PATCH bpf-next 02/12] net: Add BPF_XDP_EGRESS as a bpf_attach_type David Ahern
2020-01-23 11:34 ` Toke Høiland-Jørgensen
2020-01-23 21:32 ` David Ahern
2020-01-24 9:49 ` Toke Høiland-Jørgensen
2020-01-24 7:33 ` Martin Lau
2020-01-23 1:42 ` [PATCH bpf-next 03/12] net: Add IFLA_XDP_EGRESS for XDP programs in the egress path David Ahern
2020-01-23 11:35 ` Toke Høiland-Jørgensen
2020-01-23 21:33 ` David Ahern
2020-01-24 15:21 ` Jakub Kicinski
2020-01-24 15:36 ` Toke Høiland-Jørgensen
2020-01-26 1:43 ` David Ahern
2020-01-26 4:54 ` Alexei Starovoitov
2020-02-02 17:59 ` David Ahern
2020-01-26 12:49 ` Jesper Dangaard Brouer
2020-01-26 16:38 ` David Ahern [this message]
2020-01-26 22:17 ` Jakub Kicinski
2020-01-28 14:13 ` Jesper Dangaard Brouer
2020-01-30 14:45 ` Jakub Kicinski
2020-02-01 16:03 ` Toke Høiland-Jørgensen
2020-02-02 17:48 ` David Ahern
2020-01-26 22:11 ` Jakub Kicinski
2020-01-27 4:03 ` David Ahern
2020-01-27 14:16 ` Jakub Kicinski
2020-01-28 3:43 ` David Ahern
2020-01-28 13:57 ` Jakub Kicinski
2020-02-01 16:24 ` Toke Høiland-Jørgensen
2020-02-01 17:08 ` Jakub Kicinski
2020-02-01 20:05 ` Toke Høiland-Jørgensen
2020-02-02 4:15 ` Jakub Kicinski
2020-02-03 19:56 ` Toke Høiland-Jørgensen
2020-02-03 20:13 ` Toke Høiland-Jørgensen
2020-02-03 22:15 ` Jesper Dangaard Brouer
2020-02-04 11:00 ` Toke Høiland-Jørgensen
2020-02-04 17:09 ` Jakub Kicinski
2020-02-05 15:30 ` Toke Høiland-Jørgensen
2020-02-02 17:45 ` David Ahern
2020-02-02 19:12 ` Jakub Kicinski
2020-02-02 17:43 ` David Ahern
2020-02-02 19:31 ` Jakub Kicinski
2020-02-02 21:51 ` David Ahern
2020-02-01 15:59 ` Toke Høiland-Jørgensen
2020-02-02 17:54 ` David Ahern
2020-02-03 20:09 ` Toke Høiland-Jørgensen
2020-01-23 1:42 ` [PATCH bpf-next 04/12] net: core: rename netif_receive_generic_xdp() to do_generic_xdp_core() David Ahern
2020-01-23 1:42 ` [PATCH bpf-next 05/12] tuntap: check tun_msg_ctl type at necessary places David Ahern
2020-01-23 1:42 ` [PATCH bpf-next 06/12] tun: move shared functions to if_tun.h David Ahern
2020-01-23 1:42 ` [PATCH bpf-next 07/12] vhost_net: user tap recvmsg api to access ptr ring David Ahern
2020-01-23 8:26 ` Michael S. Tsirkin
2020-01-23 1:42 ` [PATCH bpf-next 08/12] tuntap: remove usage of ptr ring in vhost_net David Ahern
2020-01-23 1:42 ` [PATCH bpf-next 09/12] tun: set egress XDP program David Ahern
2020-01-23 1:42 ` [PATCH bpf-next 10/12] tun: run XDP program in tx path David Ahern
2020-01-23 8:23 ` Michael S. Tsirkin
2020-01-24 13:36 ` Prashant Bhole
2020-01-24 13:44 ` Prashant Bhole
2020-01-23 1:42 ` [PATCH bpf-next 11/12] libbpf: Add egress XDP support David Ahern
2020-01-23 1:42 ` [PATCH bpf-next 12/12] samples/bpf: xdp1, add " David Ahern
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5290f2dd-ade6-ce0f-bf01-0872d4cfe14f@gmail.com \
--to=dsahern@gmail.com \
--cc=andriin@fb.com \
--cc=ast@kernel.org \
--cc=dahern@digitalocean.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=jasowang@redhat.com \
--cc=jbrouer@redhat.com \
--cc=john.fastabend@gmail.com \
--cc=kafai@fb.com \
--cc=kuba@kernel.org \
--cc=mst@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=prashantbhole.linux@gmail.com \
--cc=songliubraving@fb.com \
--cc=toke@redhat.com \
--cc=toshiaki.makita1@gmail.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).