From: David Ahern <dsahern@gmail.com>
To: Daniel Borkmann <daniel@iogearbox.net>, ast@kernel.org
Cc: john.fastabend@gmail.com, netdev@vger.kernel.org, bpf@vger.kernel.org
Subject: Re: [PATCH bpf-next 3/6] bpf: add redirect_neigh helper as redirect drop-in
Date: Thu, 24 Sep 2020 16:12:01 -0600 [thread overview]
Message-ID: <09aedc04-ee19-e72d-9a8d-aa4be7551a53@gmail.com> (raw)
In-Reply-To: <721fd3f8d5cf55169561e59fdec5fad2e0bf6115.1600967205.git.daniel@iogearbox.net>
On 9/24/20 12:21 PM, Daniel Borkmann wrote:
> diff --git a/net/core/filter.c b/net/core/filter.c
> index 0f913755bcba..19caa2fc21e8 100644
> --- a/net/core/filter.c
> +++ b/net/core/filter.c
> @@ -2160,6 +2160,205 @@ static int __bpf_redirect(struct sk_buff *skb, struct net_device *dev,
> return __bpf_redirect_no_mac(skb, dev, flags);
> }
>
> +#if IS_ENABLED(CONFIG_IPV6)
> +static int bpf_out_neigh_v6(struct net *net, struct sk_buff *skb)
> +{
> + struct dst_entry *dst = skb_dst(skb);
> + struct net_device *dev = dst->dev;
> + const struct in6_addr *nexthop;
> + struct neighbour *neigh;
> +
> + if (dev_xmit_recursion())
> + goto out_rec;
> + skb->dev = dev;
> + rcu_read_lock_bh();
> + nexthop = rt6_nexthop((struct rt6_info *)dst, &ipv6_hdr(skb)->daddr);
> + neigh = __ipv6_neigh_lookup_noref_stub(dev, nexthop);
> + if (unlikely(!neigh))
> + neigh = __neigh_create(ipv6_stub->nd_tbl, nexthop, dev, false);
the last 3 lines can be replaced with ip_neigh_gw6.
> + if (likely(!IS_ERR(neigh))) {
> + int ret;
> +
> + sock_confirm_neigh(skb, neigh);
> + dev_xmit_recursion_inc();
> + ret = neigh_output(neigh, skb, false);
> + dev_xmit_recursion_dec();
> + rcu_read_unlock_bh();
> + return ret;
> + }
> + rcu_read_unlock_bh();
> + IP6_INC_STATS(dev_net(dst->dev),
> + ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
> +out_drop:
> + kfree_skb(skb);
> + return -EINVAL;
> +out_rec:
> + net_crit_ratelimited("bpf: recursion limit reached on datapath, buggy bpf program?\n");
> + goto out_drop;
> +}
> +
...
> +
> +#if IS_ENABLED(CONFIG_INET)
> +static int bpf_out_neigh_v4(struct net *net, struct sk_buff *skb)
> +{
> + struct dst_entry *dst = skb_dst(skb);
> + struct rtable *rt = (struct rtable *)dst;
please use container_of here; I'd like to see the typecasts get removed.
> + struct net_device *dev = dst->dev;
> + u32 hh_len = LL_RESERVED_SPACE(dev);
> + struct neighbour *neigh;
> + bool is_v6gw = false;
> +
> + if (dev_xmit_recursion())
> + goto out_rec;
next prev parent reply other threads:[~2020-09-24 22:12 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-24 18:21 [PATCH bpf-next 0/6] Various BPF helper improvements Daniel Borkmann
2020-09-24 18:21 ` [PATCH bpf-next 1/6] bpf: add classid helper only based on skb->sk Daniel Borkmann
2020-09-25 14:46 ` Jakub Kicinski
2020-09-25 15:35 ` Daniel Borkmann
2020-09-24 18:21 ` [PATCH bpf-next 2/6] bpf, net: rework cookie generator as per-cpu one Daniel Borkmann
2020-09-24 18:58 ` Eric Dumazet
2020-09-24 22:03 ` Daniel Borkmann
2020-09-25 7:49 ` Eric Dumazet
2020-09-25 9:26 ` Daniel Borkmann
2020-09-25 15:00 ` Jakub Kicinski
2020-09-25 15:15 ` Eric Dumazet
2020-09-25 15:31 ` Jakub Kicinski
2020-09-25 15:45 ` Eric Dumazet
2020-09-24 18:21 ` [PATCH bpf-next 3/6] bpf: add redirect_neigh helper as redirect drop-in Daniel Borkmann
2020-09-24 22:12 ` David Ahern [this message]
2020-09-24 22:19 ` Daniel Borkmann
2020-09-24 18:21 ` [PATCH bpf-next 4/6] bpf, libbpf: add bpf_tail_call_static helper for bpf programs Daniel Borkmann
2020-09-24 20:53 ` Andrii Nakryiko
2020-09-24 22:17 ` Daniel Borkmann
2020-09-25 15:42 ` Daniel Borkmann
2020-09-25 15:52 ` Daniel Borkmann
2020-09-25 16:50 ` Andrii Nakryiko
2020-09-25 19:52 ` Daniel Borkmann
2020-09-25 6:13 ` Yonghong Song
2020-09-24 18:21 ` [PATCH bpf-next 5/6] bpf, selftests: use bpf_tail_call_static where appropriate Daniel Borkmann
2020-09-24 19:25 ` Maciej Fijalkowski
2020-09-24 22:03 ` Daniel Borkmann
2020-09-24 18:21 ` [PATCH bpf-next 6/6] bpf, selftests: add redirect_neigh selftest Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=09aedc04-ee19-e72d-9a8d-aa4be7551a53@gmail.com \
--to=dsahern@gmail.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=john.fastabend@gmail.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).