From: Prashant Bhole <prashantbhole.linux@gmail.com> To: "David S . Miller" <davem@davemloft.net>, "Michael S . Tsirkin" <mst@redhat.com> Cc: Jason Wang <jasowang@redhat.com>, Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Jakub Kicinski <jakub.kicinski@netronome.com>, Jesper Dangaard Brouer <hawk@kernel.org>, John Fastabend <john.fastabend@gmail.com>, Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>, Andrii Nakryiko <andriin@fb.com>, netdev@vger.kernel.org, qemu-devel@nongnu.org, kvm@vger.kernel.org, Prashant Bhole <prashantbhole.linux@gmail.com> Subject: [RFC net-next 01/18] bpf: introduce bpf_prog_offload_verifier_setup() Date: Tue, 26 Nov 2019 19:07:27 +0900 [thread overview] Message-ID: <20191126100744.5083-2-prashantbhole.linux@gmail.com> (raw) In-Reply-To: <20191126100744.5083-1-prashantbhole.linux@gmail.com> From: Jason Wang <jasowang@redhat.com> Background: This change was initiated from virtio_net XDP offload work. As per the implementation plan, a copy of original program with map fds from guest replaced with map fds from host needs to be offloaded to the host. To implement this fd replacement, insn_hook() must provide an insn with map fd intact. bpf_map and driver specific map data can be derived from map_fd. Since verifier calls all the offload callbacks after replacing map fds, it was difficult to implement virtio_net XDP offload feature. If virtio_net gets only one callback with original bpf program, it will get a chance to perform the fd replacement in its own copy of the program. Solution: Let's introduce a setup() callback in bpf_prog_offload_ops. It will be non mandetory. The verifier will call it just before replacing the map fds. Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Prashant Bhole <prashantbhole.linux@gmail.com> --- include/linux/bpf.h | 1 + include/linux/bpf_verifier.h | 1 + kernel/bpf/offload.c | 14 ++++++++++++++ kernel/bpf/verifier.c | 6 ++++++ 4 files changed, 22 insertions(+) diff --git a/include/linux/bpf.h b/include/linux/bpf.h index 35903f148be5..1cdba120357c 100644 --- a/include/linux/bpf.h +++ b/include/linux/bpf.h @@ -361,6 +361,7 @@ struct bpf_prog_offload_ops { struct bpf_insn *insn); int (*remove_insns)(struct bpf_verifier_env *env, u32 off, u32 cnt); /* program management callbacks */ + int (*setup)(struct bpf_prog *prog); int (*prepare)(struct bpf_prog *prog); int (*translate)(struct bpf_prog *prog); void (*destroy)(struct bpf_prog *prog); diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index 26e40de9ef55..de7028e17c0d 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h @@ -418,6 +418,7 @@ static inline struct bpf_reg_state *cur_regs(struct bpf_verifier_env *env) return cur_func(env)->regs; } +int bpf_prog_offload_verifier_setup(struct bpf_prog *prog); int bpf_prog_offload_verifier_prep(struct bpf_prog *prog); int bpf_prog_offload_verify_insn(struct bpf_verifier_env *env, int insn_idx, int prev_insn_idx); diff --git a/kernel/bpf/offload.c b/kernel/bpf/offload.c index 5b9da0954a27..04ca7a31d947 100644 --- a/kernel/bpf/offload.c +++ b/kernel/bpf/offload.c @@ -124,6 +124,20 @@ int bpf_prog_offload_init(struct bpf_prog *prog, union bpf_attr *attr) return err; } +int bpf_prog_offload_verifier_setup(struct bpf_prog *prog) +{ + struct bpf_prog_offload *offload; + int ret = 0; + + down_read(&bpf_devs_lock); + offload = prog->aux->offload; + if (offload && offload->offdev->ops->setup) + ret = offload->offdev->ops->setup(prog); + up_read(&bpf_devs_lock); + + return ret; +} + int bpf_prog_offload_verifier_prep(struct bpf_prog *prog) { struct bpf_prog_offload *offload; diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index a0482e1c4a77..94b43542439e 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -9737,6 +9737,12 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, env->allow_ptr_leaks = is_priv; + if (bpf_prog_is_dev_bound(env->prog->aux)) { + ret = bpf_prog_offload_verifier_setup(env->prog); + if (ret) + goto skip_full_check; + } + if (is_priv) env->test_state_freq = attr->prog_flags & BPF_F_TEST_STATE_FREQ; -- 2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Prashant Bhole <prashantbhole.linux@gmail.com> To: "David S . Miller" <davem@davemloft.net>, "Michael S . Tsirkin" <mst@redhat.com> Cc: Song Liu <songliubraving@fb.com>, Jakub Kicinski <jakub.kicinski@netronome.com>, Jesper Dangaard Brouer <hawk@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, netdev@vger.kernel.org, Jason Wang <jasowang@redhat.com>, John Fastabend <john.fastabend@gmail.com>, Alexei Starovoitov <ast@kernel.org>, qemu-devel@nongnu.org, Prashant Bhole <prashantbhole.linux@gmail.com>, kvm@vger.kernel.org, Yonghong Song <yhs@fb.com>, Andrii Nakryiko <andriin@fb.com>, Martin KaFai Lau <kafai@fb.com> Subject: [RFC net-next 01/18] bpf: introduce bpf_prog_offload_verifier_setup() Date: Tue, 26 Nov 2019 19:07:27 +0900 [thread overview] Message-ID: <20191126100744.5083-2-prashantbhole.linux@gmail.com> (raw) In-Reply-To: <20191126100744.5083-1-prashantbhole.linux@gmail.com> From: Jason Wang <jasowang@redhat.com> Background: This change was initiated from virtio_net XDP offload work. As per the implementation plan, a copy of original program with map fds from guest replaced with map fds from host needs to be offloaded to the host. To implement this fd replacement, insn_hook() must provide an insn with map fd intact. bpf_map and driver specific map data can be derived from map_fd. Since verifier calls all the offload callbacks after replacing map fds, it was difficult to implement virtio_net XDP offload feature. If virtio_net gets only one callback with original bpf program, it will get a chance to perform the fd replacement in its own copy of the program. Solution: Let's introduce a setup() callback in bpf_prog_offload_ops. It will be non mandetory. The verifier will call it just before replacing the map fds. Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Prashant Bhole <prashantbhole.linux@gmail.com> --- include/linux/bpf.h | 1 + include/linux/bpf_verifier.h | 1 + kernel/bpf/offload.c | 14 ++++++++++++++ kernel/bpf/verifier.c | 6 ++++++ 4 files changed, 22 insertions(+) diff --git a/include/linux/bpf.h b/include/linux/bpf.h index 35903f148be5..1cdba120357c 100644 --- a/include/linux/bpf.h +++ b/include/linux/bpf.h @@ -361,6 +361,7 @@ struct bpf_prog_offload_ops { struct bpf_insn *insn); int (*remove_insns)(struct bpf_verifier_env *env, u32 off, u32 cnt); /* program management callbacks */ + int (*setup)(struct bpf_prog *prog); int (*prepare)(struct bpf_prog *prog); int (*translate)(struct bpf_prog *prog); void (*destroy)(struct bpf_prog *prog); diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index 26e40de9ef55..de7028e17c0d 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h @@ -418,6 +418,7 @@ static inline struct bpf_reg_state *cur_regs(struct bpf_verifier_env *env) return cur_func(env)->regs; } +int bpf_prog_offload_verifier_setup(struct bpf_prog *prog); int bpf_prog_offload_verifier_prep(struct bpf_prog *prog); int bpf_prog_offload_verify_insn(struct bpf_verifier_env *env, int insn_idx, int prev_insn_idx); diff --git a/kernel/bpf/offload.c b/kernel/bpf/offload.c index 5b9da0954a27..04ca7a31d947 100644 --- a/kernel/bpf/offload.c +++ b/kernel/bpf/offload.c @@ -124,6 +124,20 @@ int bpf_prog_offload_init(struct bpf_prog *prog, union bpf_attr *attr) return err; } +int bpf_prog_offload_verifier_setup(struct bpf_prog *prog) +{ + struct bpf_prog_offload *offload; + int ret = 0; + + down_read(&bpf_devs_lock); + offload = prog->aux->offload; + if (offload && offload->offdev->ops->setup) + ret = offload->offdev->ops->setup(prog); + up_read(&bpf_devs_lock); + + return ret; +} + int bpf_prog_offload_verifier_prep(struct bpf_prog *prog) { struct bpf_prog_offload *offload; diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index a0482e1c4a77..94b43542439e 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -9737,6 +9737,12 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, env->allow_ptr_leaks = is_priv; + if (bpf_prog_is_dev_bound(env->prog->aux)) { + ret = bpf_prog_offload_verifier_setup(env->prog); + if (ret) + goto skip_full_check; + } + if (is_priv) env->test_state_freq = attr->prog_flags & BPF_F_TEST_STATE_FREQ; -- 2.20.1
next prev parent reply other threads:[~2019-11-26 10:08 UTC|newest] Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-11-26 10:07 [RFC net-next 00/18] virtio_net XDP offload Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole [this message] 2019-11-26 10:07 ` [RFC net-next 01/18] bpf: introduce bpf_prog_offload_verifier_setup() Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 02/18] net: core: rename netif_receive_generic_xdp() to do_generic_xdp_core() Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 03/18] net: core: export do_xdp_generic_core() Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 04/18] tuntap: check tun_msg_ctl type at necessary places Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 05/18] vhost_net: user tap recvmsg api to access ptr ring Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 06/18] tuntap: remove usage of ptr ring in vhost_net Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 07/18] tun: set offloaded xdp program Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-12-01 16:35 ` David Ahern 2019-12-01 16:35 ` David Ahern 2019-12-02 2:44 ` Jason Wang 2019-12-02 2:44 ` Jason Wang 2019-12-01 16:45 ` David Ahern 2019-12-01 16:45 ` David Ahern 2019-12-02 2:47 ` Jason Wang 2019-12-02 2:47 ` Jason Wang 2019-12-09 0:24 ` Prashant Bhole 2019-12-09 0:24 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 08/18] tun: run offloaded XDP program in Tx path Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-12-01 16:39 ` David Ahern 2019-12-01 16:39 ` David Ahern 2019-12-01 20:56 ` David Miller 2019-12-01 20:56 ` David Miller 2019-12-01 21:40 ` Michael S. Tsirkin 2019-12-01 21:40 ` Michael S. Tsirkin 2019-12-01 21:54 ` David Miller 2019-12-01 21:54 ` David Miller 2019-12-02 2:56 ` Jason Wang 2019-12-02 2:56 ` Jason Wang 2019-12-02 2:45 ` Jason Wang 2019-12-02 2:45 ` Jason Wang 2019-11-26 10:07 ` [RFC net-next 09/18] tun: add a way to inject Tx path packet into Rx path Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 10/18] tun: handle XDP_TX action of offloaded program Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 11/18] tun: run xdp prog when tun is read from file interface Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 12/18] virtio-net: store xdp_prog in device Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 13/18] virtio_net: use XDP attachment helpers Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 14/18] virtio_net: add XDP prog offload infrastructure Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 15/18] virtio_net: implement XDP prog offload functionality Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-27 20:42 ` Michael S. Tsirkin 2019-11-27 20:42 ` Michael S. Tsirkin 2019-11-28 2:53 ` Prashant Bhole 2019-11-28 2:53 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 16/18] bpf: export function __bpf_map_get Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 10:07 ` [RFC net-next 17/18] virtio_net: implment XDP map offload functionality Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 20:19 ` kbuild test robot 2019-11-26 10:07 ` [RFC net-next 18/18] virtio_net: restrict bpf helper calls from offloaded program Prashant Bhole 2019-11-26 10:07 ` Prashant Bhole 2019-11-26 20:35 ` [RFC net-next 00/18] virtio_net XDP offload Jakub Kicinski 2019-11-26 20:35 ` Jakub Kicinski 2019-11-27 2:59 ` Jason Wang 2019-11-27 2:59 ` Jason Wang 2019-11-27 19:49 ` Jakub Kicinski 2019-11-27 19:49 ` Jakub Kicinski 2019-11-28 3:41 ` Jason Wang 2019-11-28 3:41 ` Jason Wang 2019-11-27 20:32 ` Michael S. Tsirkin 2019-11-27 20:32 ` Michael S. Tsirkin 2019-11-27 23:40 ` Jakub Kicinski 2019-11-27 23:40 ` Jakub Kicinski 2019-12-02 15:29 ` Michael S. Tsirkin 2019-12-02 15:29 ` Michael S. Tsirkin 2019-11-28 3:32 ` Alexei Starovoitov 2019-11-28 3:32 ` Alexei Starovoitov 2019-11-28 4:18 ` Jason Wang 2019-11-28 4:18 ` Jason Wang 2019-12-01 16:54 ` David Ahern 2019-12-01 16:54 ` David Ahern 2019-12-02 2:48 ` Jason Wang 2019-12-02 2:48 ` Jason Wang
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20191126100744.5083-2-prashantbhole.linux@gmail.com \ --to=prashantbhole.linux@gmail.com \ --cc=andriin@fb.com \ --cc=ast@kernel.org \ --cc=daniel@iogearbox.net \ --cc=davem@davemloft.net \ --cc=hawk@kernel.org \ --cc=jakub.kicinski@netronome.com \ --cc=jasowang@redhat.com \ --cc=john.fastabend@gmail.com \ --cc=kafai@fb.com \ --cc=kvm@vger.kernel.org \ --cc=mst@redhat.com \ --cc=netdev@vger.kernel.org \ --cc=qemu-devel@nongnu.org \ --cc=songliubraving@fb.com \ --cc=yhs@fb.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.