From: Jay Vosburgh <jay.vosburgh@canonical.com>
To: joamaki@gmail.com
Cc: bpf@vger.kernel.org, netdev@vger.kernel.org,
daniel@iogearbox.net, andy@greyhouse.net, vfalico@gmail.com,
andrii@kernel.org, maciej.fijalkowski@intel.com,
magnus.karlsson@intel.com
Subject: Re: [PATCH bpf-next v2 4/4] devmap: Exclude XDP broadcast to master device
Date: Thu, 01 Jul 2021 11:12:47 -0700 [thread overview]
Message-ID: <31210.1625163167@famine> (raw)
In-Reply-To: <20210624091843.5151-5-joamaki@gmail.com>
joamaki@gmail.com wrote:
>From: Jussi Maki <joamaki@gmail.com>
>
>If the ingress device is bond slave, do not broadcast back
>through it or the bond master.
>
>Signed-off-by: Jussi Maki <joamaki@gmail.com>
>---
> kernel/bpf/devmap.c | 34 ++++++++++++++++++++++++++++------
> 1 file changed, 28 insertions(+), 6 deletions(-)
>
>diff --git a/kernel/bpf/devmap.c b/kernel/bpf/devmap.c
>index 2a75e6c2d27d..0864fb28c8b5 100644
>--- a/kernel/bpf/devmap.c
>+++ b/kernel/bpf/devmap.c
>@@ -514,9 +514,11 @@ int dev_map_enqueue(struct bpf_dtab_netdev *dst, struct xdp_buff *xdp,
> }
>
> static bool is_valid_dst(struct bpf_dtab_netdev *obj, struct xdp_buff *xdp,
>- int exclude_ifindex)
>+ int exclude_ifindex, int exclude_ifindex_master)
> {
>- if (!obj || obj->dev->ifindex == exclude_ifindex ||
>+ if (!obj ||
>+ obj->dev->ifindex == exclude_ifindex ||
>+ obj->dev->ifindex == exclude_ifindex_master ||
> !obj->dev->netdev_ops->ndo_xdp_xmit)
> return false;
>
>@@ -546,12 +548,19 @@ int dev_map_enqueue_multi(struct xdp_buff *xdp, struct net_device *dev_rx,
> {
> struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map);
> int exclude_ifindex = exclude_ingress ? dev_rx->ifindex : 0;
>+ int exclude_ifindex_master = 0;
> struct bpf_dtab_netdev *dst, *last_dst = NULL;
> struct hlist_head *head;
> struct xdp_frame *xdpf;
> unsigned int i;
> int err;
>
>+ if (static_branch_unlikely(&bpf_master_redirect_enabled_key)) {
>+ struct net_device *master = netdev_master_upper_dev_get_rcu(dev_rx);
>+
>+ exclude_ifindex_master = (master && exclude_ingress) ? master->ifindex : 0;
>+ }
>+
Will the above logic do what is intended if the device stacking
isn't a simple bond -> ethX arrangement? I.e., bond -> VLAN.?? -> ethX
or perhaps even bondA -> VLAN.?? -> bondB -> ethX ?
-J
> xdpf = xdp_convert_buff_to_frame(xdp);
> if (unlikely(!xdpf))
> return -EOVERFLOW;
>@@ -559,7 +568,7 @@ int dev_map_enqueue_multi(struct xdp_buff *xdp, struct net_device *dev_rx,
> if (map->map_type == BPF_MAP_TYPE_DEVMAP) {
> for (i = 0; i < map->max_entries; i++) {
> dst = READ_ONCE(dtab->netdev_map[i]);
>- if (!is_valid_dst(dst, xdp, exclude_ifindex))
>+ if (!is_valid_dst(dst, xdp, exclude_ifindex, exclude_ifindex_master))
> continue;
>
> /* we only need n-1 clones; last_dst enqueued below */
>@@ -579,7 +588,9 @@ int dev_map_enqueue_multi(struct xdp_buff *xdp, struct net_device *dev_rx,
> head = dev_map_index_hash(dtab, i);
> hlist_for_each_entry_rcu(dst, head, index_hlist,
> lockdep_is_held(&dtab->index_lock)) {
>- if (!is_valid_dst(dst, xdp, exclude_ifindex))
>+ if (!is_valid_dst(dst, xdp,
>+ exclude_ifindex,
>+ exclude_ifindex_master))
> continue;
>
> /* we only need n-1 clones; last_dst enqueued below */
>@@ -646,16 +657,25 @@ int dev_map_redirect_multi(struct net_device *dev, struct sk_buff *skb,
> {
> struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map);
> int exclude_ifindex = exclude_ingress ? dev->ifindex : 0;
>+ int exclude_ifindex_master = 0;
> struct bpf_dtab_netdev *dst, *last_dst = NULL;
> struct hlist_head *head;
> struct hlist_node *next;
> unsigned int i;
> int err;
>
>+ if (static_branch_unlikely(&bpf_master_redirect_enabled_key)) {
>+ struct net_device *master = netdev_master_upper_dev_get_rcu(dev);
>+
>+ exclude_ifindex_master = (master && exclude_ingress) ? master->ifindex : 0;
>+ }
>+
> if (map->map_type == BPF_MAP_TYPE_DEVMAP) {
> for (i = 0; i < map->max_entries; i++) {
> dst = READ_ONCE(dtab->netdev_map[i]);
>- if (!dst || dst->dev->ifindex == exclude_ifindex)
>+ if (!dst ||
>+ dst->dev->ifindex == exclude_ifindex ||
>+ dst->dev->ifindex == exclude_ifindex_master)
> continue;
>
> /* we only need n-1 clones; last_dst enqueued below */
>@@ -674,7 +694,9 @@ int dev_map_redirect_multi(struct net_device *dev, struct sk_buff *skb,
> for (i = 0; i < dtab->n_buckets; i++) {
> head = dev_map_index_hash(dtab, i);
> hlist_for_each_entry_safe(dst, next, head, index_hlist) {
>- if (!dst || dst->dev->ifindex == exclude_ifindex)
>+ if (!dst ||
>+ dst->dev->ifindex == exclude_ifindex ||
>+ dst->dev->ifindex == exclude_ifindex_master)
> continue;
>
> /* we only need n-1 clones; last_dst enqueued below */
>--
>2.27.0
>
---
-Jay Vosburgh, jay.vosburgh@canonical.com
next prev parent reply other threads:[~2021-07-01 18:12 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-09 13:55 [PATCH bpf-next 0/3] XDP bonding support Jussi Maki
2021-06-09 13:55 ` [PATCH bpf-next 1/3] net: bonding: Add XDP support to the bonding driver Jussi Maki
2021-06-09 22:29 ` Maciej Fijalkowski
2021-06-09 23:29 ` Jay Vosburgh
2021-06-14 8:02 ` Jussi Maki
2021-06-17 3:40 ` kernel test robot
2021-06-17 3:40 ` kernel test robot
2021-06-17 6:35 ` kernel test robot
2021-06-17 6:35 ` kernel test robot
2021-06-22 7:24 ` kernel test robot
2021-06-22 7:24 ` kernel test robot
2021-06-09 13:55 ` [PATCH bpf-next 2/3] net: bonding: Use per-cpu rr_tx_counter Jussi Maki
2021-06-10 0:04 ` Jay Vosburgh
2021-06-14 7:54 ` Jussi Maki
2021-06-09 13:55 ` [PATCH bpf-next 3/3] selftests/bpf: Add tests for XDP bonding Jussi Maki
2021-06-09 22:07 ` Maciej Fijalkowski
2021-06-14 8:08 ` Jussi Maki
2021-06-14 8:48 ` Magnus Karlsson
2021-06-14 12:20 ` Jussi Maki
2021-06-10 17:24 ` [PATCH bpf-next 0/3] XDP bonding support Andrii Nakryiko
2021-06-14 12:25 ` Jussi Maki
2021-06-14 15:37 ` Jay Vosburgh
2021-06-15 5:34 ` Andrii Nakryiko
2021-06-24 9:18 ` [PATCH bpf-next v2 0/4] " joamaki
2021-06-24 9:18 ` [PATCH bpf-next v2 1/4] net: bonding: Refactor bond_xmit_hash for use with xdp_buff joamaki
2021-06-24 9:18 ` [PATCH bpf-next v2 2/4] net: core: Add support for XDP redirection to slave device joamaki
2021-06-24 9:18 ` [PATCH bpf-next v2 3/4] net: bonding: Add XDP support to the bonding driver joamaki
2021-06-24 9:18 ` [PATCH bpf-next v2 4/4] devmap: Exclude XDP broadcast to master device joamaki
2021-07-01 18:12 ` Jay Vosburgh [this message]
2021-07-05 11:44 ` Jussi Maki
2021-07-01 18:20 ` [PATCH bpf-next v2 0/4] XDP bonding support Jay Vosburgh
2021-07-05 10:32 ` Jussi Maki
2021-07-07 11:25 ` [PATCH bpf-next v3 0/5] " Jussi Maki
2021-07-07 11:25 ` [PATCH bpf-next v3 1/5] net: bonding: Refactor bond_xmit_hash for use with xdp_buff Jussi Maki
2021-07-07 11:25 ` [PATCH bpf-next v3 2/5] net: core: Add support for XDP redirection to slave device Jussi Maki
2021-07-07 11:25 ` [PATCH bpf-next v3 3/5] net: bonding: Add XDP support to the bonding driver Jussi Maki
2021-07-13 7:14 ` kernel test robot
2021-07-13 7:14 ` kernel test robot
2021-07-07 11:25 ` [PATCH bpf-next v3 4/5] devmap: Exclude XDP broadcast to master device Jussi Maki
2021-07-07 11:25 ` [PATCH bpf-next v3 5/5] net: core: Allow netdev_lower_get_next_private_rcu in bh context Jussi Maki
2021-07-28 23:43 ` [PATCH bpf-next v4 0/6] XDP bonding support joamaki
2021-07-28 23:43 ` [PATCH bpf-next v4 1/6] net: bonding: Refactor bond_xmit_hash for use with xdp_buff joamaki
2021-07-28 23:43 ` [PATCH bpf-next v4 2/6] net: core: Add support for XDP redirection to slave device joamaki
2021-07-28 23:43 ` [PATCH bpf-next v4 3/6] net: bonding: Add XDP support to the bonding driver joamaki
2021-07-28 23:43 ` [PATCH bpf-next v4 4/6] devmap: Exclude XDP broadcast to master device joamaki
2021-07-28 23:43 ` [PATCH bpf-next v4 5/6] net: core: Allow netdev_lower_get_next_private_rcu in bh context joamaki
2021-07-28 23:43 ` [PATCH bpf-next v4 6/6] selftests/bpf: Add tests for XDP bonding joamaki
2021-08-03 0:19 ` Andrii Nakryiko
2021-08-03 9:40 ` Jussi Maki
2021-07-30 6:18 ` [PATCH bpf-next v5 0/7] XDP bonding support Jussi Maki
2021-07-30 6:18 ` [PATCH bpf-next v5 1/7] net: bonding: Refactor bond_xmit_hash for use with xdp_buff Jussi Maki
2021-07-30 6:18 ` [PATCH bpf-next v5 2/7] net: core: Add support for XDP redirection to slave device Jussi Maki
2021-07-30 6:18 ` [PATCH bpf-next v5 3/7] net: bonding: Add XDP support to the bonding driver Jussi Maki
2021-07-30 6:18 ` [PATCH bpf-next v5 4/7] devmap: Exclude XDP broadcast to master device Jussi Maki
2021-07-30 6:18 ` [PATCH bpf-next v5 5/7] net: core: Allow netdev_lower_get_next_private_rcu in bh context Jussi Maki
2021-07-30 6:18 ` [PATCH bpf-next v5 6/7] selftests/bpf: Fix xdp_tx.c prog section name Jussi Maki
2021-08-04 23:35 ` Andrii Nakryiko
2021-07-30 6:18 ` [PATCH bpf-next v5 7/7] selftests/bpf: Add tests for XDP bonding Jussi Maki
2021-08-04 23:33 ` Andrii Nakryiko
2021-07-31 5:57 ` [PATCH bpf-next v6 0/7]: XDP bonding support Jussi Maki
2021-07-31 5:57 ` [PATCH bpf-next v6 1/7] net: bonding: Refactor bond_xmit_hash for use with xdp_buff Jussi Maki
2021-08-11 1:52 ` Jonathan Toppins
2021-08-11 8:22 ` Jussi Maki
2021-08-11 14:05 ` Jonathan Toppins
2021-08-16 9:05 ` Jussi Maki
2021-07-31 5:57 ` [PATCH bpf-next v6 2/7] net: core: Add support for XDP redirection to slave device Jussi Maki
2021-07-31 5:57 ` [PATCH bpf-next v6 3/7] net: bonding: Add XDP support to the bonding driver Jussi Maki
2021-07-31 5:57 ` [PATCH bpf-next v6 4/7] devmap: Exclude XDP broadcast to master device Jussi Maki
2021-07-31 5:57 ` [PATCH bpf-next v6 5/7] net: core: Allow netdev_lower_get_next_private_rcu in bh context Jussi Maki
2021-07-31 5:57 ` [PATCH bpf-next v6 6/7] selftests/bpf: Fix xdp_tx.c prog section name Jussi Maki
2021-08-06 22:53 ` Andrii Nakryiko
2021-07-31 5:57 ` [PATCH bpf-next v6 7/7] selftests/bpf: Add tests for XDP bonding Jussi Maki
2021-08-06 22:50 ` Andrii Nakryiko
2021-08-09 14:24 ` Jussi Maki
2021-08-09 21:41 ` Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=31210.1625163167@famine \
--to=jay.vosburgh@canonical.com \
--cc=andrii@kernel.org \
--cc=andy@greyhouse.net \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=joamaki@gmail.com \
--cc=maciej.fijalkowski@intel.com \
--cc=magnus.karlsson@intel.com \
--cc=netdev@vger.kernel.org \
--cc=vfalico@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.