From patchwork Wed Aug 18 10:58:19 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xu Liu X-Patchwork-Id: 499571 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4E94EC4320E for ; Wed, 18 Aug 2021 10:58:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 327676102A for ; Wed, 18 Aug 2021 10:58:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235386AbhHRK7O (ORCPT ); Wed, 18 Aug 2021 06:59:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57174 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235218AbhHRK7H (ORCPT ); Wed, 18 Aug 2021 06:59:07 -0400 Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF69EC0613D9; Wed, 18 Aug 2021 03:58:32 -0700 (PDT) Received: by mail-pf1-x42c.google.com with SMTP id k19so1740312pfc.11; Wed, 18 Aug 2021 03:58:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=9WMFUZKDxMfxw44rjP6HLGPmcDMjc9RuKsGPbEWZGyw=; b=WQuiHiIFqC05MBRV5TAarkrtZG7J96E8DBWZtPs8QVxnxLUAiE0SeQEx2m7zHktb/m afH/bIUn/5r3phNpeRP2DFbsF2T8VHcoAVFkQcKQYqlFTiuU+hh+Ytr2VKZB6Lj52Mp0 X7iLIcMqRytzyhgLlYeV7DKnmEzLMGwun2aN80BEImxFM4mfOL+7v2cF0mhwNH+OtJ5b NRML6mYKR2nWHIjaMWvrcGQO2nBkM2a9106shtyaatjl+MWn0jIbiwGaXFkz/mrL2I3f 9NCDq5tXRaVTzCYGZWwCncFdm2krvCsgtyBgRSakc9egDJCJczo9LqrYIGSnIgyyPlGG oz1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=9WMFUZKDxMfxw44rjP6HLGPmcDMjc9RuKsGPbEWZGyw=; b=FBnI0oa4dCLaASlCCw9Zx5gLZl09V+PRbyI8WoP78VZnCKOkLrYe2CFfnJscI6ppc/ JGPEZatnupUISc9N6nAnoPJILBVcX1LoHmvlch8sNS1O1+h8RGu8g+9PF55oIncBVJrd 8TnShuy7DN+4zVikBMzvNeh1EAU22CHqNUK/85D08fd83kkV2lluZ06uiBTz/g2j9Nad dSjWCuYQxYeOb6JQ+ngIJbHRGET4uOcHvRYiwgz6Z53iYfvGj1uUfEeaLSZf5YNvfm3s MMrTj4DvpgEL75FaugAn+GpgRVW+Tty9k0kl1hboF3jRpcXWhOUXTVtDnnbuPNn45tfC AD3A== X-Gm-Message-State: AOAM533ew2Unz7DF/VXDILrxrhNb1F7UVoMnyKRujJlGt2zBQzSy79eX s9uWrKdHugNK0H22p/6VNA8= X-Google-Smtp-Source: ABdhPJxeTjPy6/87FIkM+w3vnGVmnNd5a69a/n4WBNtayD2PthQOQvHBHGZFbBwrLX2k5lqdqJqfYw== X-Received: by 2002:a63:83c7:: with SMTP id h190mr8408230pge.51.1629284312445; Wed, 18 Aug 2021 03:58:32 -0700 (PDT) Received: from IRVINGLIU-MB0.tencent.com ([203.205.141.117]) by smtp.gmail.com with ESMTPSA id b190sm7099440pgc.91.2021.08.18.03.58.29 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 18 Aug 2021 03:58:32 -0700 (PDT) From: Xu Liu To: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, kafai@fb.com, songliubraving@fb.com, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, davem@davemloft.net, kuba@kernel.org Cc: netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org, Xu Liu Subject: [PATCH bpf-next v2 1/2] bpf: Allow bpf_get_netns_cookie in BPF_PROG_TYPE_SOCK_OPS Date: Wed, 18 Aug 2021 18:58:19 +0800 Message-Id: <20210818105820.91894-2-liuxu623@gmail.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20210818105820.91894-1-liuxu623@gmail.com> References: <20210818105820.91894-1-liuxu623@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org We'd like to be able to identify netns from sockops hooks to accelerate local process communication form different netns. Signed-off-by: Xu Liu --- net/core/filter.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/net/core/filter.c b/net/core/filter.c index d70187ce851b..34938a537931 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -4664,6 +4664,18 @@ static const struct bpf_func_proto bpf_get_netns_cookie_sock_addr_proto = { .arg1_type = ARG_PTR_TO_CTX_OR_NULL, }; +BPF_CALL_1(bpf_get_netns_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx) +{ + return __bpf_get_netns_cookie(ctx ? ctx->sk : NULL); +} + +static const struct bpf_func_proto bpf_get_netns_cookie_sock_ops_proto = { + .func = bpf_get_netns_cookie_sock_ops, + .gpl_only = false, + .ret_type = RET_INTEGER, + .arg1_type = ARG_PTR_TO_CTX_OR_NULL, +}; + BPF_CALL_1(bpf_get_socket_uid, struct sk_buff *, skb) { struct sock *sk = sk_to_full_sk(skb->sk); @@ -7445,6 +7457,8 @@ sock_ops_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) return &bpf_sk_storage_get_proto; case BPF_FUNC_sk_storage_delete: return &bpf_sk_storage_delete_proto; + case BPF_FUNC_get_netns_cookie: + return &bpf_get_netns_cookie_sock_ops_proto; #ifdef CONFIG_INET case BPF_FUNC_load_hdr_opt: return &bpf_sock_ops_load_hdr_opt_proto; From patchwork Wed Aug 18 10:58:20 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xu Liu X-Patchwork-Id: 500304 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 65130C432BE for ; Wed, 18 Aug 2021 10:58:49 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 47D1261029 for ; Wed, 18 Aug 2021 10:58:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235405AbhHRK7V (ORCPT ); Wed, 18 Aug 2021 06:59:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57200 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235126AbhHRK7L (ORCPT ); Wed, 18 Aug 2021 06:59:11 -0400 Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4DADEC0613D9; Wed, 18 Aug 2021 03:58:37 -0700 (PDT) Received: by mail-pf1-x431.google.com with SMTP id m26so1734130pff.3; Wed, 18 Aug 2021 03:58:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=5ARDh7zwSb2X5RObytIAU8QGeSNvl46IYM6BIWZuQHU=; b=kgz0j3/ZG5layIgNAKSLvmcq9bWDXQP5wO8sD43K3y9/ZGRmQQAERtK2A9qODJ1jI7 PFjFK0c5msANswvgIHnLeZV39qsLJWn32SOLkpFgeq9IcOGGxP1I7cPTaegGXeQjL8YN ChdGueOimURrUxVDboS+9KgDIeInZ18njgbeyJvoTmIx3STEn7viX79Pf5AgqobNLlqD g+kC4H5RiRTCxB2aZcyfr6Me0rRVmbdOuYSqI65F1fBk33ICF2wdof57wZ+B8VcTSPpO S0AWzBgyMyPOC4Qj2uFmGTp+tnrfgVa8cYU+3oJpBel2e8eCuBL6skVwUkKZ16jlLuR7 sueg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=5ARDh7zwSb2X5RObytIAU8QGeSNvl46IYM6BIWZuQHU=; b=nAVPqsxSdieOPhPaB+jNSuE87QEvY7Bf3h0IhbtEMuaPUZasFHvCmCvAZWJcw01HKd FpOB9MOgly6Rm/0PxfK6AbFWrV0aFAXxf3LJPgFinq8t+D3CGMBDxLYQxNVjS5RB7IYQ U7Bwpr7YTj0jtPg+YIy5VQIh1rSNNWnolxLI9KAzjyxfk663YCRsvxoJPzCaYH4fYXxG 6b7bxwycSy6z/TYfIceYVEl6kHRcuDg475i5hHbhr7ynpspJtuZEdAsNCB/3EoHCHqzE QffcRZAVgx75/j1ZeJU5Q4zRYZ0nw2cfGnpPiZ4SkKJY7kQusgfiyKotKyBobIgS7Pfe ARGQ== X-Gm-Message-State: AOAM531Ruc9J1NeAS3kPvThduEGG7B2OGcLugAPTTc03V0JchXSLdWbf BLjfH+RZhdqaOrIXb0MDK1M= X-Google-Smtp-Source: ABdhPJw9BpE+Hvns4NnirXV/b/Mn11VgwyMngLva03K9N8cnsYeEB/iBdB4SI3dih+eaj48zaStnYg== X-Received: by 2002:a63:1a65:: with SMTP id a37mr8432809pgm.338.1629284316963; Wed, 18 Aug 2021 03:58:36 -0700 (PDT) Received: from IRVINGLIU-MB0.tencent.com ([203.205.141.117]) by smtp.gmail.com with ESMTPSA id b190sm7099440pgc.91.2021.08.18.03.58.33 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 18 Aug 2021 03:58:36 -0700 (PDT) From: Xu Liu To: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, kafai@fb.com, songliubraving@fb.com, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, davem@davemloft.net, kuba@kernel.org Cc: netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org, Xu Liu Subject: [PATCH bpf-next v2 2/2] selftests/bpf: Test for get_netns_cookie Date: Wed, 18 Aug 2021 18:58:20 +0800 Message-Id: <20210818105820.91894-3-liuxu623@gmail.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20210818105820.91894-1-liuxu623@gmail.com> References: <20210818105820.91894-1-liuxu623@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Add test to use get_netns_cookie() from BPF_PROG_TYPE_SOCK_OPS. Signed-off-by: Xu Liu --- .../selftests/bpf/prog_tests/netns_cookie.c | 61 +++++++++++++++++++ .../selftests/bpf/progs/netns_cookie_prog.c | 39 ++++++++++++ 2 files changed, 100 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/netns_cookie.c create mode 100644 tools/testing/selftests/bpf/progs/netns_cookie_prog.c diff --git a/tools/testing/selftests/bpf/prog_tests/netns_cookie.c b/tools/testing/selftests/bpf/prog_tests/netns_cookie.c new file mode 100644 index 000000000000..6f3cd472fb65 --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/netns_cookie.c @@ -0,0 +1,61 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include "netns_cookie_prog.skel.h" +#include "network_helpers.h" + +#ifndef SO_NETNS_COOKIE +#define SO_NETNS_COOKIE 71 +#endif + +static int duration; + +void test_netns_cookie(void) +{ + int server_fd = 0, client_fd = 0, cgroup_fd = 0, err = 0, val = 0; + struct netns_cookie_prog *skel; + uint64_t cookie_expected_value; + socklen_t vallen = sizeof(cookie_expected_value); + + skel = netns_cookie_prog__open_and_load(); + if (!ASSERT_OK_PTR(skel, "skel_open")) + return; + + cgroup_fd = test__join_cgroup("/netns_cookie"); + if (CHECK(cgroup_fd < 0, "join_cgroup", "cgroup creation failed\n")) + goto out; + + skel->links.get_netns_cookie_sockops = bpf_program__attach_cgroup( + skel->progs.get_netns_cookie_sockops, cgroup_fd); + if (!ASSERT_OK_PTR(skel->links.get_netns_cookie_sockops, "prog_attach")) + goto close_cgroup_fd; + + server_fd = start_server(AF_INET6, SOCK_STREAM, "::1", 0, 0); + if (CHECK(server_fd < 0, "start_server", "errno %d\n", errno)) + goto close_cgroup_fd; + + client_fd = connect_to_fd(server_fd, 0); + if (CHECK(client_fd < 0, "connect_to_fd", "errno %d\n", errno)) + goto close_server_fd; + + err = bpf_map_lookup_elem(bpf_map__fd(skel->maps.netns_cookies), + &client_fd, &val); + if (!ASSERT_OK(err, "map_lookup(socket_cookies)")) + goto close_client_fd; + + err = getsockopt(client_fd, SOL_SOCKET, SO_NETNS_COOKIE, + &cookie_expected_value, &vallen); + if (!ASSERT_OK(err, "getsockopt)")) + goto close_client_fd; + + ASSERT_EQ(val, cookie_expected_value, "cookie_value"); + +close_client_fd: + close(client_fd); +close_server_fd: + close(server_fd); +close_cgroup_fd: + close(cgroup_fd); +out: + netns_cookie_prog__destroy(skel); +} diff --git a/tools/testing/selftests/bpf/progs/netns_cookie_prog.c b/tools/testing/selftests/bpf/progs/netns_cookie_prog.c new file mode 100644 index 000000000000..4ed8d75aa299 --- /dev/null +++ b/tools/testing/selftests/bpf/progs/netns_cookie_prog.c @@ -0,0 +1,39 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include "vmlinux.h" + +#include + +#define AF_INET6 10 + +struct { + __uint(type, BPF_MAP_TYPE_SK_STORAGE); + __uint(map_flags, BPF_F_NO_PREALLOC); + __type(key, int); + __type(value, int); +} netns_cookies SEC(".maps"); + +SEC("sockops") +int get_netns_cookie_sockops(struct bpf_sock_ops *ctx) +{ + struct bpf_sock *sk = ctx->sk; + int *cookie; + + if (ctx->family != AF_INET6) + return 1; + + if (ctx->op != BPF_SOCK_OPS_TCP_CONNECT_CB) + return 1; + + if (!sk) + return 1; + + cookie = bpf_sk_storage_get(&netns_cookies, sk, 0, + BPF_SK_STORAGE_GET_F_CREATE); + if (!cookie) + return 1; + + *cookie = bpf_get_netns_cookie(ctx); + + return 1; +}