| Message ID | 20210226035721.40054-1-hxseverything@gmail.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [PATCH/v3] bpf: add bpf_skb_adjust_room flag BPF_F_ADJ_ROOM_ENCAP_L2_ETH | expand |
On Thu, Feb 25, 2021 at 7:59 PM Xuesen Huang <hxseverything@gmail.com> wrote: > v3: > - Fix the code format. > > v2: > Suggested-by: Willem de Bruijn <willemb@google.com> > - Add a new flag to specify the type of the inner packet. These need to be moved after '---', otherwise it would be merged into the final git log. > > Suggested-by: Willem de Bruijn <willemb@google.com> > Signed-off-by: Xuesen Huang <huangxuesen@kuaishou.com> > Signed-off-by: Zhiyong Cheng <chengzhiyong@kuaishou.com> > Signed-off-by: Li Wang <wangli09@kuaishou.com> > --- > include/uapi/linux/bpf.h | 5 +++++ > net/core/filter.c | 11 ++++++++++- > tools/include/uapi/linux/bpf.h | 5 +++++ > 3 files changed, 20 insertions(+), 1 deletion(-) As a good practice, please add a test case for this in tools/testing/selftests/bpf/progs/test_tc_tunnel.c. Thanks.
On Fri, Feb 26, 2021 at 3:15 PM Cong Wang <xiyou.wangcong@gmail.com> wrote: > > On Thu, Feb 25, 2021 at 7:59 PM Xuesen Huang <hxseverything@gmail.com> wrote: > > v3: > > - Fix the code format. > > > > v2: > > Suggested-by: Willem de Bruijn <willemb@google.com> > > - Add a new flag to specify the type of the inner packet. > > These need to be moved after '---', otherwise it would be merged > into the final git log. > > > > > Suggested-by: Willem de Bruijn <willemb@google.com> > > Signed-off-by: Xuesen Huang <huangxuesen@kuaishou.com> > > Signed-off-by: Zhiyong Cheng <chengzhiyong@kuaishou.com> > > Signed-off-by: Li Wang <wangli09@kuaishou.com> > > --- > > include/uapi/linux/bpf.h | 5 +++++ > > net/core/filter.c | 11 ++++++++++- > > tools/include/uapi/linux/bpf.h | 5 +++++ > > 3 files changed, 20 insertions(+), 1 deletion(-) > > As a good practice, please add a test case for this in > tools/testing/selftests/bpf/progs/test_tc_tunnel.c. That's a great idea. This function covers a lot of cases. Can use the code coverage against regressions. With that caveat, looks great to me, thanks.
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index 77d7c1b..d791596 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -1751,6 +1751,10 @@ struct bpf_stack_build_id { * Use with ENCAP_L3/L4 flags to further specify the tunnel * type; *len* is the length of the inner MAC header. * + * * **BPF_F_ADJ_ROOM_ENCAP_L2_ETH**: + * Use with BPF_F_ADJ_ROOM_ENCAP_L2 flag to further specify the + * L2 type as Ethernet. + * * A call to this helper is susceptible to change the underlying * packet buffer. Therefore, at load time, all checks on pointers * previously done by the verifier are invalidated and must be @@ -4088,6 +4092,7 @@ enum { BPF_F_ADJ_ROOM_ENCAP_L4_GRE = (1ULL << 3), BPF_F_ADJ_ROOM_ENCAP_L4_UDP = (1ULL << 4), BPF_F_ADJ_ROOM_NO_CSUM_RESET = (1ULL << 5), + BPF_F_ADJ_ROOM_ENCAP_L2_ETH = (1ULL << 6), }; enum { diff --git a/net/core/filter.c b/net/core/filter.c index 255aeee..8d1fb61 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -3412,6 +3412,7 @@ static u32 bpf_skb_net_base_len(const struct sk_buff *skb) BPF_F_ADJ_ROOM_ENCAP_L3_MASK | \ BPF_F_ADJ_ROOM_ENCAP_L4_GRE | \ BPF_F_ADJ_ROOM_ENCAP_L4_UDP | \ + BPF_F_ADJ_ROOM_ENCAP_L2_ETH | \ BPF_F_ADJ_ROOM_ENCAP_L2( \ BPF_ADJ_ROOM_ENCAP_L2_MASK)) @@ -3448,6 +3449,10 @@ static int bpf_skb_net_grow(struct sk_buff *skb, u32 off, u32 len_diff, flags & BPF_F_ADJ_ROOM_ENCAP_L4_UDP) return -EINVAL; + if (flags & BPF_F_ADJ_ROOM_ENCAP_L2_ETH && + inner_mac_len < ETH_HLEN) + return -EINVAL; + if (skb->encapsulation) return -EALREADY; @@ -3466,7 +3471,11 @@ static int bpf_skb_net_grow(struct sk_buff *skb, u32 off, u32 len_diff, skb->inner_mac_header = inner_net - inner_mac_len; skb->inner_network_header = inner_net; skb->inner_transport_header = inner_trans; - skb_set_inner_protocol(skb, skb->protocol); + + if (flags & BPF_F_ADJ_ROOM_ENCAP_L2_ETH) + skb_set_inner_protocol(skb, htons(ETH_P_TEB)); + else + skb_set_inner_protocol(skb, skb->protocol); skb->encapsulation = 1; skb_set_network_header(skb, mac_len); diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h index 77d7c1b..d791596 100644 --- a/tools/include/uapi/linux/bpf.h +++ b/tools/include/uapi/linux/bpf.h @@ -1751,6 +1751,10 @@ struct bpf_stack_build_id { * Use with ENCAP_L3/L4 flags to further specify the tunnel * type; *len* is the length of the inner MAC header. * + * * **BPF_F_ADJ_ROOM_ENCAP_L2_ETH**: + * Use with BPF_F_ADJ_ROOM_ENCAP_L2 flag to further specify the + * L2 type as Ethernet. + * * A call to this helper is susceptible to change the underlying * packet buffer. Therefore, at load time, all checks on pointers * previously done by the verifier are invalidated and must be @@ -4088,6 +4092,7 @@ enum { BPF_F_ADJ_ROOM_ENCAP_L4_GRE = (1ULL << 3), BPF_F_ADJ_ROOM_ENCAP_L4_UDP = (1ULL << 4), BPF_F_ADJ_ROOM_NO_CSUM_RESET = (1ULL << 5), + BPF_F_ADJ_ROOM_ENCAP_L2_ETH = (1ULL << 6), }; enum {