* [PATCH] Support for nlattr and nested_nlattr attribute search in EBPF filter
@ 2020-01-23 13:08 Kalimuthu Velappan
2020-01-23 15:57 ` Daniel Borkmann
0 siblings, 1 reply; 3+ messages in thread
From: Kalimuthu Velappan @ 2020-01-23 13:08 UTC (permalink / raw)
To: kalimuthu.velappan
Cc: Alexei Starovoitov, Daniel Borkmann, Martin KaFai Lau, Song Liu,
Yonghong Song, Andrii Nakryiko, David S. Miller,
Stanislav Fomichev, Quentin Monnet, Andrey Ignatov,
open list:BPF (Safe dynamic programs and tools),
open list:BPF (Safe dynamic programs and tools),
open list
Added attribute search and nested attribute support in EBPF filter
functionality.
Signed-off-by: Kalimuthu Velappan <kalimuthu.velappan@broadcom.com>
---
include/uapi/linux/bpf.h | 5 ++++-
net/core/filter.c | 22 ++++++++++++++++++++++
tools/include/uapi/linux/bpf.h | 4 +++-
3 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index dbbcf0b..ac9794c 100644
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -2938,7 +2938,10 @@ union bpf_attr {
FN(probe_read_user), \
FN(probe_read_kernel), \
FN(probe_read_user_str), \
- FN(probe_read_kernel_str),
+ FN(probe_read_kernel_str), \
+ FN(skb_get_nlattr), \
+ FN(skb_get_nlattr_nest),
+
/* integer value in 'imm' field of BPF_CALL instruction selects which helper
* function eBPF program intends to call
diff --git a/net/core/filter.c b/net/core/filter.c
index 538f6a7..56a87e1 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -2699,6 +2699,24 @@ static const struct bpf_func_proto bpf_set_hash_invalid_proto = {
.arg1_type = ARG_PTR_TO_CTX,
};
+static const struct bpf_func_proto bpf_skb_get_nlattr_proto = {
+ .func = bpf_skb_get_nlattr,
+ .gpl_only = false,
+ .ret_type = RET_INTEGER,
+ .arg1_type = ARG_PTR_TO_CTX,
+ .arg2_type = ARG_ANYTHING,
+ .arg3_type = ARG_ANYTHING,
+};
+
+static const struct bpf_func_proto skb_get_nlattr_nest_proto = {
+ .func = bpf_skb_get_nlattr_nest,
+ .gpl_only = false,
+ .ret_type = RET_INTEGER,
+ .arg1_type = ARG_PTR_TO_CTX,
+ .arg2_type = ARG_ANYTHING,
+ .arg3_type = ARG_ANYTHING,
+};
+
BPF_CALL_2(bpf_set_hash, struct sk_buff *, skb, u32, hash)
{
/* Set user specified hash as L4(+), so that it gets returned
@@ -6091,6 +6109,10 @@ sk_filter_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
return &bpf_get_socket_uid_proto;
case BPF_FUNC_perf_event_output:
return &bpf_skb_event_output_proto;
+ case BPF_FUNC_skb_get_nlattr:
+ return &bpf_skb_get_nlattr_proto;
+ case BPF_FUNC_skb_get_nlattr_nest:
+ return &skb_get_nlattr_nest_proto;
default:
return bpf_base_func_proto(func_id);
}
diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h
index dbbcf0b..3bfbc0e 100644
--- a/tools/include/uapi/linux/bpf.h
+++ b/tools/include/uapi/linux/bpf.h
@@ -2938,7 +2938,9 @@ union bpf_attr {
FN(probe_read_user), \
FN(probe_read_kernel), \
FN(probe_read_user_str), \
- FN(probe_read_kernel_str),
+ FN(probe_read_kernel_str), \
+ FN(skb_get_nlattr), \
+ FN(skb_get_nlattr_nest),
/* integer value in 'imm' field of BPF_CALL instruction selects which helper
* function eBPF program intends to call
--
2.7.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] Support for nlattr and nested_nlattr attribute search in EBPF filter
2020-01-23 13:08 [PATCH] Support for nlattr and nested_nlattr attribute search in EBPF filter Kalimuthu Velappan
@ 2020-01-23 15:57 ` Daniel Borkmann
2020-01-27 11:10 ` Kalimuthu Velappan
0 siblings, 1 reply; 3+ messages in thread
From: Daniel Borkmann @ 2020-01-23 15:57 UTC (permalink / raw)
To: Kalimuthu Velappan
Cc: Alexei Starovoitov, Martin KaFai Lau, Song Liu, Yonghong Song,
Andrii Nakryiko, David S. Miller, Stanislav Fomichev,
Quentin Monnet, Andrey Ignatov,
open list:BPF (Safe dynamic programs and tools),
open list:BPF (Safe dynamic programs and tools),
open list
On 1/23/20 2:08 PM, Kalimuthu Velappan wrote:
> Added attribute search and nested attribute support in EBPF filter
> functionality.
Your commit describes what the code does, but not the rationale why it's needed
resp. the use-case you're trying to solve with this.
Also, why it cannot be resolved in native BPF?
> Signed-off-by: Kalimuthu Velappan <kalimuthu.velappan@broadcom.com>
> ---
> include/uapi/linux/bpf.h | 5 ++++-
> net/core/filter.c | 22 ++++++++++++++++++++++
> tools/include/uapi/linux/bpf.h | 4 +++-
> 3 files changed, 29 insertions(+), 2 deletions(-)
>
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index dbbcf0b..ac9794c 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -2938,7 +2938,10 @@ union bpf_attr {
> FN(probe_read_user), \
> FN(probe_read_kernel), \
> FN(probe_read_user_str), \
> - FN(probe_read_kernel_str),
> + FN(probe_read_kernel_str), \
> + FN(skb_get_nlattr), \
> + FN(skb_get_nlattr_nest),
> +
This is not on latest bpf-next tree.
> /* integer value in 'imm' field of BPF_CALL instruction selects which helper
> * function eBPF program intends to call
> diff --git a/net/core/filter.c b/net/core/filter.c
> index 538f6a7..56a87e1 100644
> --- a/net/core/filter.c
> +++ b/net/core/filter.c
> @@ -2699,6 +2699,24 @@ static const struct bpf_func_proto bpf_set_hash_invalid_proto = {
> .arg1_type = ARG_PTR_TO_CTX,
> };
>
> +static const struct bpf_func_proto bpf_skb_get_nlattr_proto = {
> + .func = bpf_skb_get_nlattr,
> + .gpl_only = false,
> + .ret_type = RET_INTEGER,
> + .arg1_type = ARG_PTR_TO_CTX,
> + .arg2_type = ARG_ANYTHING,
> + .arg3_type = ARG_ANYTHING,
> +};
> +
> +static const struct bpf_func_proto skb_get_nlattr_nest_proto = {
> + .func = bpf_skb_get_nlattr_nest,
> + .gpl_only = false,
> + .ret_type = RET_INTEGER,
> + .arg1_type = ARG_PTR_TO_CTX,
> + .arg2_type = ARG_ANYTHING,
> + .arg3_type = ARG_ANYTHING,
> +};
> +
> BPF_CALL_2(bpf_set_hash, struct sk_buff *, skb, u32, hash)
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] Support for nlattr and nested_nlattr attribute search in EBPF filter
2020-01-23 15:57 ` Daniel Borkmann
@ 2020-01-27 11:10 ` Kalimuthu Velappan
0 siblings, 0 replies; 3+ messages in thread
From: Kalimuthu Velappan @ 2020-01-27 11:10 UTC (permalink / raw)
To: Daniel Borkmann
Cc: Alexei Starovoitov, Martin KaFai Lau, Song Liu, Yonghong Song,
Andrii Nakryiko, David S. Miller, Stanislav Fomichev,
Quentin Monnet, Andrey Ignatov,
open list:BPF (Safe dynamic programs and tools),
open list:BPF (Safe dynamic programs and tools),
open list
Hi Daniel,
There are few network applications relying on Netlink subsystem to get
notifications for net-device attribute changes like MTU, Speed,
Oper-Status, Name, slave, slave info, etc. The Netlink subsystem
notifies the application on every attribute change regardless of what
is being needed for the application. The attribute search support in
EBPF filter helps to filter the Netlink packets based on the specific
set of attributes that are needed for the application.
The classical BPF supports attribute search but that doesn't support
MAPS. The extended BPF supports MAPS, but the attribute search is not
enabled. Hence this patch enables the support for attribute search in
EBPF.
Thanks
Kals
On Thu, Jan 23, 2020 at 9:27 PM Daniel Borkmann <daniel@iogearbox.net> wrote:
>
> On 1/23/20 2:08 PM, Kalimuthu Velappan wrote:
> > Added attribute search and nested attribute support in EBPF filter
> > functionality.
>
> Your commit describes what the code does, but not the rationale why it's needed
> resp. the use-case you're trying to solve with this.
>
> Also, why it cannot be resolved in native BPF?
>
> > Signed-off-by: Kalimuthu Velappan <kalimuthu.velappan@broadcom.com>
> > ---
> > include/uapi/linux/bpf.h | 5 ++++-
> > net/core/filter.c | 22 ++++++++++++++++++++++
> > tools/include/uapi/linux/bpf.h | 4 +++-
> > 3 files changed, 29 insertions(+), 2 deletions(-)
> >
> > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> > index dbbcf0b..ac9794c 100644
> > --- a/include/uapi/linux/bpf.h
> > +++ b/include/uapi/linux/bpf.h
> > @@ -2938,7 +2938,10 @@ union bpf_attr {
> > FN(probe_read_user), \
> > FN(probe_read_kernel), \
> > FN(probe_read_user_str), \
> > - FN(probe_read_kernel_str),
> > + FN(probe_read_kernel_str), \
> > + FN(skb_get_nlattr), \
> > + FN(skb_get_nlattr_nest),
> > +
>
> This is not on latest bpf-next tree.
>
> > /* integer value in 'imm' field of BPF_CALL instruction selects which helper
> > * function eBPF program intends to call
> > diff --git a/net/core/filter.c b/net/core/filter.c
> > index 538f6a7..56a87e1 100644
> > --- a/net/core/filter.c
> > +++ b/net/core/filter.c
> > @@ -2699,6 +2699,24 @@ static const struct bpf_func_proto bpf_set_hash_invalid_proto = {
> > .arg1_type = ARG_PTR_TO_CTX,
> > };
> >
> > +static const struct bpf_func_proto bpf_skb_get_nlattr_proto = {
> > + .func = bpf_skb_get_nlattr,
> > + .gpl_only = false,
> > + .ret_type = RET_INTEGER,
> > + .arg1_type = ARG_PTR_TO_CTX,
> > + .arg2_type = ARG_ANYTHING,
> > + .arg3_type = ARG_ANYTHING,
> > +};
> > +
> > +static const struct bpf_func_proto skb_get_nlattr_nest_proto = {
> > + .func = bpf_skb_get_nlattr_nest,
> > + .gpl_only = false,
> > + .ret_type = RET_INTEGER,
> > + .arg1_type = ARG_PTR_TO_CTX,
> > + .arg2_type = ARG_ANYTHING,
> > + .arg3_type = ARG_ANYTHING,
> > +};
> > +
> > BPF_CALL_2(bpf_set_hash, struct sk_buff *, skb, u32, hash)
--
Thanks
- Kals
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-01-27 11:18 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-23 13:08 [PATCH] Support for nlattr and nested_nlattr attribute search in EBPF filter Kalimuthu Velappan
2020-01-23 15:57 ` Daniel Borkmann
2020-01-27 11:10 ` Kalimuthu Velappan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).