From: Kumar Kartikeya Dwivedi <firstname.lastname@example.org>
Cc: "Kumar Kartikeya Dwivedi" <email@example.com>,
"Alexei Starovoitov" <firstname.lastname@example.org>,
"Daniel Borkmann" <email@example.com>,
"Andrii Nakryiko" <firstname.lastname@example.org>,
"Martin KaFai Lau" <email@example.com>,
"Song Liu" <firstname.lastname@example.org>, "Yonghong Song" <email@example.com>,
"John Fastabend" <firstname.lastname@example.org>,
"KP Singh" <email@example.com>,
"David S. Miller" <firstname.lastname@example.org>,
"Jakub Kicinski" <email@example.com>,
"Jesper Dangaard Brouer" <firstname.lastname@example.org>,
"Toke Høiland-Jørgensen" <email@example.com>,
Subject: [PATCH bpf-next v4 0/3] Add TC-BPF API
Date: Fri, 23 Apr 2021 20:35:57 +0530 [thread overview]
Message-ID: <firstname.lastname@example.org> (raw)
This is the fourth version of the TC-BPF series.
It adds a simple API that uses netlink to attach the tc filter and its bpf
classifier. Currently, a user needs to shell out to the tc command line to be
able to create filters and attach SCHED_CLS programs as classifiers. With the
help of this API, it will be possible to use libbpf for doing all parts of bpf
program setup and attach.
Changelog contains details of patchset evolution.
In an effort to keep discussion focused, this series doesn't have the high level
TC-BPF API. It was clear that there is a need for a bpf_link API in the kernel,
hence that will be submitted as a separate patchset.
The individual commit messages contain more details, and also a brief summary of
v3 -> v4
* We add a concept of bpf_tc_ctx context structure representing the attach point.
The qdisc setup and delete is tied to this object's lifetime if it succeeds
in creating the clsact qdisc when the attach point is BPF_TC_INGRESS or
BPF_TC_EGRESS. Qdisc is only deleted when there are no filters attached to
it. The struct itself is opaque to the user.
* Refactor all API functions to take ctx.
* Remove bpf_tc_info, bpf_tc_attach_id, instead reuse bpf_tc_opts for filling
in attributes in various API functions (including query).
* Explicitly document the expectation of each function regarding the opts
fields that must be set/unset. Add some small notes for the defaults chosen
by the API.
* Rename bpf_tc_get_info to bpf_tc_query
* Keep the netlink socket open in the context structure to save on open/close
cycles for each operation.
* Miscellaneous adjustments due to keeping the socket open.
* Rewrite the tests, and also add tests for verifying all preconditions of the
* Use bpf skeleton API in examples and tests.
v2 -> v3
* bpf_tc_cls_* -> bpf_tc_* rename
* bpf_tc_attach_id now only consists of handle and priority, the two variables
that user may or may not set.
* bpf_tc_replace has been dropped, instead a replace bool is introduced in
bpf_tc_opts for the same purpose.
* bpf_tc_get_info now takes attach_id for filling in filter details during
lookup instead of requiring user to do so. This also allows us to remove the
fd parameter, as no matching is needed as long as we have all attributes
necessary to identify a specific filter.
* A little bit of code simplification taking into account the change above.
* priority and protocol are now __u16 members in user facing API structs to
reflect actual size.
* Patch updating pkt_cls.h header has been removed, as it is unused now.
* protocol and chain_index options have been dropped in bpf_tc_opts,
protocol is always set to ETH_P_ALL, while chain_index is set as 0 by
default in the kernel. This also means removal of chain_index from
bpf_tc_attach_id, as it is unconditionally always 0.
* bpf_tc_cls_change has been dropped
* selftest now uses ASSERT_* macros
v1 -> v2
* netlink helpers have been renamed to object_action style.
* attach_id now only contains attributes that are not explicitly set. Only
the bare minimum info is kept in it.
* protocol is now an optional and always set to ETH_P_ALL.
* direct-action mode is always set.
* skip_sw and skip_hw options have also been removed.
* bpf_tc_cls_info struct now also returns the bpf program tag and id, as
available in the netlink response. This came up as a requirement during
discussion with people wanting to use this functionality.
* support for attaching SCHED_ACT programs has been dropped, as it isn't
useful without any support for binding loaded actions to a classifier.
* the distinction between dev and block API has been dropped, there is now
a single set of functions and user has to pass the special ifindex value
to indicate operation on a shared filter block on their own.
* The high level API returning a bpf_link is gone. This was already non-
functional for pinning and typical ownership semantics. Instead, a separate
patchset will be sent adding a bpf_link API for attaching SCHED_CLS progs to
the kernel, and its corresponding libbpf API.
* The clsact qdisc is now setup automatically in a best-effort fashion whenever
user passes in the clsact ingress or egress parent id. This is done with
exclusive mode, such that if an ingress or clsact qdisc is already set up,
we skip the setup and move on with filter creation.
* Other minor changes that came up during the course of discussion and rework.
Kumar Kartikeya Dwivedi (3):
libbpf: add helpers for preparing netlink attributes
libbpf: add low level TC-BPF API
libbpf: add selftests for TC-BPF API
tools/lib/bpf/libbpf.h | 92 ++++
tools/lib/bpf/libbpf.map | 5 +
tools/lib/bpf/netlink.c | 515 +++++++++++++++++-
tools/lib/bpf/nlattr.h | 48 ++
.../testing/selftests/bpf/prog_tests/tc_bpf.c | 204 +++++++
.../testing/selftests/bpf/progs/test_tc_bpf.c | 12 +
6 files changed, 854 insertions(+), 22 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/tc_bpf.c
create mode 100644 tools/testing/selftests/bpf/progs/test_tc_bpf.c
next reply other threads:[~2021-04-23 15:06 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-23 15:05 Kumar Kartikeya Dwivedi [this message]
2021-04-23 15:05 ` [PATCH bpf-next v4 1/3] libbpf: add helpers for preparing netlink attributes Kumar Kartikeya Dwivedi
2021-04-23 15:05 ` [PATCH bpf-next v4 2/3] libbpf: add low level TC-BPF API Kumar Kartikeya Dwivedi
2021-04-27 15:04 ` Daniel Borkmann
2021-04-27 18:00 ` Toke Høiland-Jørgensen
2021-04-27 18:02 ` Kumar Kartikeya Dwivedi
2021-04-27 18:15 ` Toke Høiland-Jørgensen
2021-04-27 21:55 ` Daniel Borkmann
2021-04-27 22:05 ` Daniel Borkmann
2021-04-27 22:32 ` Daniel Borkmann
2021-04-27 22:36 ` Toke Høiland-Jørgensen
2021-04-27 22:40 ` Daniel Borkmann
2021-04-27 22:51 ` Toke Høiland-Jørgensen
2021-04-27 23:14 ` Daniel Borkmann
2021-04-27 23:19 ` Kumar Kartikeya Dwivedi
2021-04-27 20:36 ` Andrii Nakryiko
2021-04-23 15:06 ` [PATCH bpf-next v4 3/3] libbpf: add selftests for " Kumar Kartikeya Dwivedi
2021-04-27 21:50 ` Andrii Nakryiko
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).