2023-04-07 13:38:54 +00:00
|
|
|
// SPDX-License-Identifier: GPL-2.0-only
|
|
|
|
/* Unstable Fou Helpers for TC-BPF hook
|
|
|
|
*
|
|
|
|
* These are called from SCHED_CLS BPF programs. Note that it is
|
|
|
|
* allowed to break compatibility for these functions since the interface they
|
|
|
|
* are exposed through to BPF programs is explicitly unstable.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/bpf.h>
|
|
|
|
#include <linux/btf_ids.h>
|
|
|
|
|
|
|
|
#include <net/dst_metadata.h>
|
|
|
|
#include <net/fou.h>
|
|
|
|
|
|
|
|
struct bpf_fou_encap {
|
|
|
|
__be16 sport;
|
|
|
|
__be16 dport;
|
|
|
|
};
|
|
|
|
|
|
|
|
enum bpf_fou_encap_type {
|
|
|
|
FOU_BPF_ENCAP_FOU,
|
|
|
|
FOU_BPF_ENCAP_GUE,
|
|
|
|
};
|
|
|
|
|
2023-10-31 21:56:24 +00:00
|
|
|
__bpf_kfunc_start_defs();
|
2023-04-07 13:38:54 +00:00
|
|
|
|
|
|
|
/* bpf_skb_set_fou_encap - Set FOU encap parameters
|
|
|
|
*
|
|
|
|
* This function allows for using GUE or FOU encapsulation together with an
|
|
|
|
* ipip device in collect-metadata mode.
|
|
|
|
*
|
|
|
|
* It is meant to be used in BPF tc-hooks and after a call to the
|
|
|
|
* bpf_skb_set_tunnel_key helper, responsible for setting IP addresses.
|
|
|
|
*
|
|
|
|
* Parameters:
|
|
|
|
* @skb_ctx Pointer to ctx (__sk_buff) in TC program. Cannot be NULL
|
|
|
|
* @encap Pointer to a `struct bpf_fou_encap` storing UDP src and
|
|
|
|
* dst ports. If sport is set to 0 the kernel will auto-assign a
|
|
|
|
* port. This is similar to using `encap-sport auto`.
|
|
|
|
* Cannot be NULL
|
|
|
|
* @type Encapsulation type for the packet. Their definitions are
|
|
|
|
* specified in `enum bpf_fou_encap_type`
|
|
|
|
*/
|
|
|
|
__bpf_kfunc int bpf_skb_set_fou_encap(struct __sk_buff *skb_ctx,
|
|
|
|
struct bpf_fou_encap *encap, int type)
|
|
|
|
{
|
|
|
|
struct sk_buff *skb = (struct sk_buff *)skb_ctx;
|
|
|
|
struct ip_tunnel_info *info = skb_tunnel_info(skb);
|
|
|
|
|
|
|
|
if (unlikely(!encap))
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
if (unlikely(!info || !(info->mode & IP_TUNNEL_INFO_TX)))
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
switch (type) {
|
|
|
|
case FOU_BPF_ENCAP_FOU:
|
|
|
|
info->encap.type = TUNNEL_ENCAP_FOU;
|
|
|
|
break;
|
|
|
|
case FOU_BPF_ENCAP_GUE:
|
|
|
|
info->encap.type = TUNNEL_ENCAP_GUE;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
info->encap.type = TUNNEL_ENCAP_NONE;
|
|
|
|
}
|
|
|
|
|
ip_tunnel: convert __be16 tunnel flags to bitmaps
Historically, tunnel flags like TUNNEL_CSUM or TUNNEL_ERSPAN_OPT
have been defined as __be16. Now all of those 16 bits are occupied
and there's no more free space for new flags.
It can't be simply switched to a bigger container with no
adjustments to the values, since it's an explicit Endian storage,
and on LE systems (__be16)0x0001 equals to
(__be64)0x0001000000000000.
We could probably define new 64-bit flags depending on the
Endianness, i.e. (__be64)0x0001 on BE and (__be64)0x00010000... on
LE, but that would introduce an Endianness dependency and spawn a
ton of Sparse warnings. To mitigate them, all of those places which
were adjusted with this change would be touched anyway, so why not
define stuff properly if there's no choice.
Define IP_TUNNEL_*_BIT counterparts as a bit number instead of the
value already coded and a fistful of <16 <-> bitmap> converters and
helpers. The two flags which have a different bit position are
SIT_ISATAP_BIT and VTI_ISVTI_BIT, as they were defined not as
__cpu_to_be16(), but as (__force __be16), i.e. had different
positions on LE and BE. Now they both have strongly defined places.
Change all __be16 fields which were used to store those flags, to
IP_TUNNEL_DECLARE_FLAGS() -> DECLARE_BITMAP(__IP_TUNNEL_FLAG_NUM) ->
unsigned long[1] for now, and replace all TUNNEL_* occurrences to
their bitmap counterparts. Use the converters in the places which talk
to the userspace, hardware (NFP) or other hosts (GRE header). The rest
must explicitly use the new flags only. This must be done at once,
otherwise there will be too many conversions throughout the code in
the intermediate commits.
Finally, disable the old __be16 flags for use in the kernel code
(except for the two 'irregular' flags mentioned above), to prevent
any accidental (mis)use of them. For the userspace, nothing is
changed, only additions were made.
Most noticeable bloat-o-meter difference (.text):
vmlinux: 307/-1 (306)
gre.ko: 62/0 (62)
ip_gre.ko: 941/-217 (724) [*]
ip_tunnel.ko: 390/-900 (-510) [**]
ip_vti.ko: 138/0 (138)
ip6_gre.ko: 534/-18 (516) [*]
ip6_tunnel.ko: 118/-10 (108)
[*] gre_flags_to_tnl_flags() grew, but still is inlined
[**] ip_tunnel_find() got uninlined, hence such decrease
The average code size increase in non-extreme case is 100-200 bytes
per module, mostly due to sizeof(long) > sizeof(__be16), as
%__IP_TUNNEL_FLAG_NUM is less than %BITS_PER_LONG and the compilers
are able to expand the majority of bitmap_*() calls here into direct
operations on scalars.
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: Alexander Lobakin <aleksander.lobakin@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2024-03-27 15:23:53 +00:00
|
|
|
if (test_bit(IP_TUNNEL_CSUM_BIT, info->key.tun_flags))
|
2023-04-07 13:38:54 +00:00
|
|
|
info->encap.flags |= TUNNEL_ENCAP_FLAG_CSUM;
|
|
|
|
|
|
|
|
info->encap.sport = encap->sport;
|
|
|
|
info->encap.dport = encap->dport;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* bpf_skb_get_fou_encap - Get FOU encap parameters
|
|
|
|
*
|
|
|
|
* This function allows for reading encap metadata from a packet received
|
|
|
|
* on an ipip device in collect-metadata mode.
|
|
|
|
*
|
|
|
|
* Parameters:
|
|
|
|
* @skb_ctx Pointer to ctx (__sk_buff) in TC program. Cannot be NULL
|
|
|
|
* @encap Pointer to a struct bpf_fou_encap storing UDP source and
|
|
|
|
* destination port. Cannot be NULL
|
|
|
|
*/
|
|
|
|
__bpf_kfunc int bpf_skb_get_fou_encap(struct __sk_buff *skb_ctx,
|
|
|
|
struct bpf_fou_encap *encap)
|
|
|
|
{
|
|
|
|
struct sk_buff *skb = (struct sk_buff *)skb_ctx;
|
|
|
|
struct ip_tunnel_info *info = skb_tunnel_info(skb);
|
|
|
|
|
|
|
|
if (unlikely(!info))
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
encap->sport = info->encap.sport;
|
|
|
|
encap->dport = info->encap.dport;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2023-10-31 21:56:24 +00:00
|
|
|
__bpf_kfunc_end_defs();
|
2023-04-07 13:38:54 +00:00
|
|
|
|
2024-01-29 01:24:08 +00:00
|
|
|
BTF_KFUNCS_START(fou_kfunc_set)
|
2023-04-07 13:38:54 +00:00
|
|
|
BTF_ID_FLAGS(func, bpf_skb_set_fou_encap)
|
|
|
|
BTF_ID_FLAGS(func, bpf_skb_get_fou_encap)
|
2024-01-29 01:24:08 +00:00
|
|
|
BTF_KFUNCS_END(fou_kfunc_set)
|
2023-04-07 13:38:54 +00:00
|
|
|
|
|
|
|
static const struct btf_kfunc_id_set fou_bpf_kfunc_set = {
|
|
|
|
.owner = THIS_MODULE,
|
|
|
|
.set = &fou_kfunc_set,
|
|
|
|
};
|
|
|
|
|
|
|
|
int register_fou_bpf(void)
|
|
|
|
{
|
|
|
|
return register_btf_kfunc_id_set(BPF_PROG_TYPE_SCHED_CLS,
|
|
|
|
&fou_bpf_kfunc_set);
|
|
|
|
}
|