diff options
| author | Martin KaFai Lau <martin.lau@kernel.org> | 2023-10-25 02:05:02 +0300 |
|---|---|---|
| committer | Martin KaFai Lau <martin.lau@kernel.org> | 2023-10-25 02:07:48 +0300 |
| commit | 22360fad5889cbefe1eca695b0cc0273ab280b56 (patch) | |
| tree | 33ca776f10feda7e38956dc26edf74fd1bbc88da /include | |
| parent | 42d31dd601fa43b9afdf069d1ba410b2306a4c76 (diff) | |
| parent | ace15f91e569172dac71ae0aeb3a2e76d1ce1b17 (diff) | |
| download | linux-22360fad5889cbefe1eca695b0cc0273ab280b56.tar.xz | |
Merge branch 'Add bpf programmable net device'
Daniel Borkmann says:
====================
This work adds a BPF programmable device which can operate in L3 or L2
mode where the BPF program is part of the xmit routine. It's program
management is done via bpf_mprog and it comes with BPF link support.
For details see patch 1 and following. Thanks!
v3 -> v4:
- Moved netkit_release_all() into ndo_uninit (Stan)
- Two small commit msg corrections (Toke)
- Added Acked/Reviewed-by
v2 -> v3:
- Remove setting dev->min_mtu to ETH_MIN_MTU (Andrew)
- Do not populate ethtool info->version (Andrew)
- Populate netdev private data before register_netdevice (Andrew)
- Use strscpy for ifname template (Jakub)
- Use GFP_KERNEL_ACCOUNT for link kzalloc (Jakub)
- Carry and dump link attach type for bpftool (Toke)
v1 -> v2:
- Rename from meta (Toke, Andrii, Alexei)
- Reuse skb_scrub_packet (Stan)
- Remove IFF_META and use netdev_ops (Toke)
- Add comment to multicast handler (Toke)
- Remove silly version info (Toke)
- Fix attach_type_name (Quentin)
- Rework libbpf link attach api to be similar
as tcx (Andrii)
- Move flags last for bpf_netkit_opts (Andrii)
- Rebased to bpf_mprog query api changes
- Folded link support patch into main one
====================
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/net/netkit.h | 38 | ||||
| -rw-r--r-- | include/uapi/linux/bpf.h | 14 | ||||
| -rw-r--r-- | include/uapi/linux/if_link.h | 24 |
3 files changed, 76 insertions, 0 deletions
diff --git a/include/net/netkit.h b/include/net/netkit.h new file mode 100644 index 000000000000..0ba2e6b847ca --- /dev/null +++ b/include/net/netkit.h @@ -0,0 +1,38 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* Copyright (c) 2023 Isovalent */ +#ifndef __NET_NETKIT_H +#define __NET_NETKIT_H + +#include <linux/bpf.h> + +#ifdef CONFIG_NETKIT +int netkit_prog_attach(const union bpf_attr *attr, struct bpf_prog *prog); +int netkit_link_attach(const union bpf_attr *attr, struct bpf_prog *prog); +int netkit_prog_detach(const union bpf_attr *attr, struct bpf_prog *prog); +int netkit_prog_query(const union bpf_attr *attr, union bpf_attr __user *uattr); +#else +static inline int netkit_prog_attach(const union bpf_attr *attr, + struct bpf_prog *prog) +{ + return -EINVAL; +} + +static inline int netkit_link_attach(const union bpf_attr *attr, + struct bpf_prog *prog) +{ + return -EINVAL; +} + +static inline int netkit_prog_detach(const union bpf_attr *attr, + struct bpf_prog *prog) +{ + return -EINVAL; +} + +static inline int netkit_prog_query(const union bpf_attr *attr, + union bpf_attr __user *uattr) +{ + return -EINVAL; +} +#endif /* CONFIG_NETKIT */ +#endif /* __NET_NETKIT_H */ diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index 7ba61b75bc0e..0f6cdf52b1da 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -1052,6 +1052,8 @@ enum bpf_attach_type { BPF_CGROUP_UNIX_RECVMSG, BPF_CGROUP_UNIX_GETPEERNAME, BPF_CGROUP_UNIX_GETSOCKNAME, + BPF_NETKIT_PRIMARY, + BPF_NETKIT_PEER, __MAX_BPF_ATTACH_TYPE }; @@ -1071,6 +1073,7 @@ enum bpf_link_type { BPF_LINK_TYPE_NETFILTER = 10, BPF_LINK_TYPE_TCX = 11, BPF_LINK_TYPE_UPROBE_MULTI = 12, + BPF_LINK_TYPE_NETKIT = 13, MAX_BPF_LINK_TYPE, }; @@ -1656,6 +1659,13 @@ union bpf_attr { __u32 flags; __u32 pid; } uprobe_multi; + struct { + union { + __u32 relative_fd; + __u32 relative_id; + }; + __u64 expected_revision; + } netkit; }; } link_create; @@ -6576,6 +6586,10 @@ struct bpf_link_info { __u32 ifindex; __u32 attach_type; } tcx; + struct { + __u32 ifindex; + __u32 attach_type; + } netkit; }; } __attribute__((aligned(8))); diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h index fac351a93aed..a0aa05a28cf2 100644 --- a/include/uapi/linux/if_link.h +++ b/include/uapi/linux/if_link.h @@ -756,6 +756,30 @@ struct tunnel_msg { __u32 ifindex; }; +/* netkit section */ +enum netkit_action { + NETKIT_NEXT = -1, + NETKIT_PASS = 0, + NETKIT_DROP = 2, + NETKIT_REDIRECT = 7, +}; + +enum netkit_mode { + NETKIT_L2, + NETKIT_L3, +}; + +enum { + IFLA_NETKIT_UNSPEC, + IFLA_NETKIT_PEER_INFO, + IFLA_NETKIT_PRIMARY, + IFLA_NETKIT_POLICY, + IFLA_NETKIT_PEER_POLICY, + IFLA_NETKIT_MODE, + __IFLA_NETKIT_MAX, +}; +#define IFLA_NETKIT_MAX (__IFLA_NETKIT_MAX - 1) + /* VXLAN section */ /* include statistics in the dump */ |