mirror of
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git
synced 2024-11-16 22:45:17 +08:00
11c39b5e98
This work adds the tc frontend for kernel commit e2e9b6541dd4 ("cls_bpf:
add initial eBPF support for programmable classifiers").
A C-like classifier program (f.e. see e2e9b6541dd4) is being compiled via
LLVM's eBPF backend into an ELF file, that is then being passed to tc. tc
then loads, if any, eBPF maps and eBPF opcodes (with fixed-up eBPF map file
descriptors) out of its dedicated sections, and via bpf(2) into the kernel
and then the resulting fd via netlink down to cls_bpf. cls_bpf allows for
annotations, currently, I've used the file name for that, so that the user
can easily identify his filter when dumping configurations back.
Example usage:
clang -O2 -emit-llvm -c cls.c -o - | llc -march=bpf -filetype=obj -o cls.o
tc filter add dev em1 parent 1: bpf run object-file cls.o classid x:y
tc filter show dev em1 [...]
filter parent 1: protocol all pref 49152 bpf handle 0x1 flowid x:y cls.o
I placed the parser bits derived from Alexei's kernel sample, into tc_bpf.c
as my next step is to also add the same support for BPF action, so we can
have a fully fledged eBPF classifier and action in tc.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
85 lines
2.1 KiB
C
85 lines
2.1 KiB
C
/*
|
|
* tc_bpf.h BPF common code
|
|
*
|
|
* This program is free software; you can distribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version
|
|
* 2 of the License, or (at your option) any later version.
|
|
*
|
|
* Authors: Daniel Borkmann <dborkman@redhat.com>
|
|
* Jiri Pirko <jiri@resnulli.us>
|
|
*/
|
|
|
|
#ifndef _TC_BPF_H_
|
|
#define _TC_BPF_H_ 1
|
|
|
|
#include <linux/filter.h>
|
|
#include <linux/netlink.h>
|
|
#include <linux/rtnetlink.h>
|
|
#include <linux/bpf.h>
|
|
#include <sys/syscall.h>
|
|
#include <errno.h>
|
|
#include <stdio.h>
|
|
#include <stdint.h>
|
|
|
|
#include "utils.h"
|
|
|
|
/* Note:
|
|
*
|
|
* Below ELF section names and bpf_elf_map structure definition
|
|
* are not (!) kernel ABI. It's rather a "contract" between the
|
|
* application and the BPF loader in tc. For compatibility, the
|
|
* section names should stay as-is. Introduction of aliases, if
|
|
* needed, are a possibility, though.
|
|
*/
|
|
|
|
/* ELF section names, etc */
|
|
#define ELF_SECTION_LICENSE "license"
|
|
#define ELF_SECTION_MAPS "maps"
|
|
#define ELF_SECTION_CLASSIFIER "classifier"
|
|
#define ELF_SECTION_ACTION "action"
|
|
|
|
#define ELF_MAX_MAPS 64
|
|
#define ELF_MAX_LICENSE_LEN 128
|
|
|
|
/* ELF map definition */
|
|
struct bpf_elf_map {
|
|
__u32 type;
|
|
__u32 size_key;
|
|
__u32 size_value;
|
|
__u32 max_elem;
|
|
};
|
|
|
|
int bpf_parse_string(char *arg, bool from_file, __u16 *bpf_len,
|
|
char **bpf_string, bool *need_release,
|
|
const char separator);
|
|
int bpf_parse_ops(int argc, char **argv, struct sock_filter *bpf_ops,
|
|
bool from_file);
|
|
void bpf_print_ops(FILE *f, struct rtattr *bpf_ops, __u16 len);
|
|
|
|
static inline __u64 bpf_ptr_to_u64(const void *ptr)
|
|
{
|
|
return (__u64) (unsigned long) ptr;
|
|
}
|
|
|
|
#ifdef HAVE_ELF
|
|
int bpf_open_object(const char *path, enum bpf_prog_type type);
|
|
|
|
static inline int bpf(int cmd, union bpf_attr *attr, unsigned int size)
|
|
{
|
|
#ifdef __NR_bpf
|
|
return syscall(__NR_bpf, cmd, attr, size);
|
|
#else
|
|
errno = ENOSYS;
|
|
return -1;
|
|
#endif
|
|
}
|
|
#else
|
|
static inline int bpf_open_object(const char *path, enum bpf_prog_type type)
|
|
{
|
|
errno = ENOSYS;
|
|
return -1;
|
|
}
|
|
#endif /* HAVE_ELF */
|
|
#endif /* _TC_BPF_H_ */
|