From: Daniel Borkmann <daniel@iogearbox.net>
To: Roman Gushchin <guro@fb.com>, netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, kernel-team@fb.com,
Alexei Starovoitov <ast@kernel.org>,
Martin KaFai Lau <kafai@fb.com>
Subject: Re: [PATCH v6 bpf-next 00/14] bpf: cgroup local storage
Date: Thu, 2 Aug 2018 10:53:02 +0200 [thread overview]
Message-ID: <682e9adf-5826-d590-1c26-d536814bb566@iogearbox.net> (raw)
In-Reply-To: <20180801223740.11252-1-guro@fb.com>
On 08/02/2018 12:37 AM, Roman Gushchin wrote:
> This patchset implements cgroup local storage for bpf programs.
> The main idea is to provide a fast accessible memory for storing
> various per-cgroup data, e.g. number of transmitted packets.
>
> Cgroup local storage looks as a special type of map for userspace,
> and is accessible using generic bpf maps API for reading and
> updating of the data. The (cgroup inode id, attachment type) pair
> is used as a map key.
>
> A user can't create new entries or destroy existing entries;
> it happens automatically when a user attaches/detaches a bpf program
> to a cgroup.
>
> From a bpf program's point of view, cgroup storage is accessible
> without lookup using the special get_local_storage() helper function.
> It takes a map fd as an argument. It always returns a valid pointer
> to the corresponding memory area.
> To implement such a lookup-free access a pointer to the cgroup
> storage is saved for an attachment of a bpf program to a cgroup,
> if required by the program. Before running the program, it's saved
> in a special global per-cpu variable, which is accessible from the
> get_local_storage() helper.
>
> This patchset implement only cgroup local storage, however the API
> is intentionally made extensible to support other local storage types
> further: e.g. thread local storage, socket local storage, etc.
>
> Patch (1) adds an ability to charge bpf maps for consuming memory
> dynamically.
> Patch (2) introduces cgroup storage maps.
> Patch (3) implements a mechanism to pass cgroup storage pointer
> to a bpf program.
> Patch (4) implements allocation/releasing of cgroup local storage
> on attaching/detaching of a bpf program to/from a cgroup.
> Patch (5) extends bpf_prog_array to store cgroup storage pointers.
> Patch (6) introduces BPF_PTR_TO_MAP_VALUE, required to skip
> non-necessary NULL-check in bpf programs.
> Patch (7) disables creation of maps of cgroup storage maps.
> Patch (8) introduces the get_local_storage() helper.
> Patch (9) syncs bpf.h to tools/.
> Patch (10) adds cgroup storage maps support to bpftool.
> Patch (11) adds support for testing programs which are using
> cgroup storage without actually attaching them to cgroups.
> Patches (12), (13) and (14) are adding necessary tests.
>
> Signed-off-by: Roman Gushchin <guro@fb.com>
> Cc: Alexei Starovoitov <ast@kernel.org>
> Cc: Daniel Borkmann <daniel@iogearbox.net>
> Cc: Martin KaFai Lau <kafai@fb.com>
>
> v6->v5:
> - fixed an error with returning -EINVAL instead of a pointer
>
> v5->v4:
> - fixed an issue in verifier (test that flags == 0 properly)
> - added a corresponding test
> - added a note about synchronization, sync docs to tools/uapi/...
> - switched the cgroup test to use XADD
> - added a check for attr->max_entries to be 0, and atter->max_flags
> to be sane
> - use bpf_uncharge_memlock() in bpf_uncharge_memlock()
> - rebased to bpf-next
>
> v4->v3:
> - fixed a leak in cgroup attachment code (discovered by Daniel)
> - cgroup storage map will be released if the corresponding
> bpf program failed to load by any reason
> - introduced bpf_uncharge_memlock() helper
>
> v3->v2:
> - fixed more build and sparse issues
> - rebased to bpf-next
>
> v2->v1:
> - fixed build issues
> - removed explicit rlimit calls in patch 14
> - rebased to bpf-next
>
> Roman Gushchin (14):
> bpf: add ability to charge bpf maps memory dynamically
> bpf: introduce cgroup storage maps
> bpf: pass a pointer to a cgroup storage using pcpu variable
> bpf: allocate cgroup storage entries on attaching bpf programs
> bpf: extend bpf_prog_array to store pointers to the cgroup storage
> bpf/verifier: introduce BPF_PTR_TO_MAP_VALUE
> bpf: don't allow create maps of cgroup local storages
> bpf: introduce the bpf_get_local_storage() helper function
> bpf: sync bpf.h to tools/
> bpftool: add support for CGROUP_STORAGE maps
> bpf/test_run: support cgroup local storage
> selftests/bpf: add verifier cgroup storage tests
> selftests/bpf: add a cgroup storage test
> samples/bpf: extend test_cgrp2_attach2 test to use cgroup storage
Applied to bpf-next, thanks Roman!
prev parent reply other threads:[~2018-08-02 8:53 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-01 22:37 [PATCH v6 bpf-next 00/14] bpf: cgroup local storage Roman Gushchin
2018-08-01 22:37 ` Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 01/14] bpf: add ability to charge bpf maps memory dynamically Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 02/14] bpf: introduce cgroup storage maps Roman Gushchin
2018-08-01 22:37 ` Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 03/14] bpf: pass a pointer to a cgroup storage using pcpu variable Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 04/14] bpf: allocate cgroup storage entries on attaching bpf programs Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 05/14] bpf: extend bpf_prog_array to store pointers to the cgroup storage Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 06/14] bpf/verifier: introduce BPF_PTR_TO_MAP_VALUE Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 07/14] bpf: don't allow create maps of cgroup local storages Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 08/14] bpf: introduce the bpf_get_local_storage() helper function Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 09/14] bpf: sync bpf.h to tools/ Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 10/14] bpftool: add support for CGROUP_STORAGE maps Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 11/14] bpf/test_run: support cgroup local storage Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 12/14] selftests/bpf: add verifier cgroup storage tests Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 13/14] selftests/bpf: add a cgroup storage test Roman Gushchin
2018-08-01 22:37 ` [PATCH v6 bpf-next 14/14] samples/bpf: extend test_cgrp2_attach2 test to use cgroup storage Roman Gushchin
2018-08-02 8:53 ` Daniel Borkmann [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=682e9adf-5826-d590-1c26-d536814bb566@iogearbox.net \
--to=daniel@iogearbox.net \
--cc=ast@kernel.org \
--cc=guro@fb.com \
--cc=kafai@fb.com \
--cc=kernel-team@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.