24 Aug, 2018
3 commits
-
[ Upstream commit 02a2f000a3629274bfad60bfc4de9edec49e63e7 ]
test_task_rename() and test_urandom_read()
can be failed during write() and read(),
So check the result of them.Reviewed-by: David Laight
Signed-off-by: Taeung Song
Acked-by: David S. Miller
Signed-off-by: Daniel Borkmann
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman -
[ Upstream commit 492b7e894587c151be681f86d4d1d086375f7b45 ]
To avoid the below build warning message,
use new generate_load() checking the return value.ignoring return value of ‘system’, declared with attribute warn_unused_result
And it also refactors the duplicate code of both
test_perf_event_all_cpu() and test_perf_event_task()Cc: Teng Qin
Signed-off-by: Taeung Song
Acked-by: David S. Miller
Signed-off-by: Daniel Borkmann
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman -
[ Upstream commit 4d5d33a085335ef469c9a87792bcaaaa8e64d8c4 ]
This fixes build error regarding redefinition:
CLANG-bpf samples/bpf/parse_varlen.o
samples/bpf/parse_varlen.c:111:8: error: redefinition of 'vlan_hdr'
struct vlan_hdr {
^
./include/linux/if_vlan.h:38:8: note: previous definition is hereSo remove duplicate 'struct vlan_hdr' in sample code and include if_vlan.h
Signed-off-by: Taeung Song
Acked-by: David S. Miller
Signed-off-by: Daniel Borkmann
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
26 Apr, 2018
1 commit
-
[ Upstream commit c25ef6a5e62fa212d298ce24995ce239f29b5f96 ]
Do not build lib/bpf/bpf.o with this Makefile but use the one from the
library directory. This avoid making a buggy bpf.o file (e.g. missing
symbols).This patch is useful if some code (e.g. Landlock tests) needs both the
bpf.o (from tools/lib/bpf) and the bpf_load.o (from samples/bpf).Signed-off-by: Mickaël Salaün
Cc: Alexei Starovoitov
Cc: Daniel Borkmann
Signed-off-by: Daniel Borkmann
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
20 Dec, 2017
1 commit
-
[ Upstream commit 6dfca831c03ef654b1f7bff1b8d487d330e9f76b ]
Default rlimit RLIMIT_MEMLOCK is 64KB, causes bpf map failure.
e.g.
[root@lab bpf]#./xdp1 -N $(
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
02 Nov, 2017
1 commit
-
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.By default all files without license information are under the default
license of the kernel, which is GPL version 2.Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information it it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if
Reviewed-by: Philippe Ombredanne
Reviewed-by: Thomas Gleixner
Signed-off-by: Greg Kroah-Hartman
02 Sep, 2017
1 commit
-
Create a new case to test the LRU lookup performance.
At the beginning, the LRU map is fully loaded (i.e. the number of keys
is equal to map->max_entries). The lookup is done through key 0
to num_map_entries and then repeats from 0 again.This patch also creates an anonymous struct to properly
name the test params in stress_lru_hmap_alloc() in map_perf_test_kern.c.Signed-off-by: Martin KaFai Lau
Acked-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
01 Sep, 2017
6 commits
-
Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller -
Update cgrp2 bpf sock tests to check that device, mark and priority
can all be set on a socket via bpf programs attached to a cgroup.Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller -
Add option to dump socket settings. Will be used in the next patch
to verify bpf programs are correctly setting mark, priority and
device based on the cgroup attachment for the program run.Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller -
Add option to detach programs from a cgroup.
Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller -
Update sock test to set mark and priority on socket create.
Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller -
Fix compilation error below:
$ make samples/bpf/
LLVM ERROR: 'xdp_redirect_dummy' label emitted multiple times to
assembly file
make[1]: *** [samples/bpf/xdp_redirect_kern.o] Error 1
make: *** [samples/bpf/] Error 2Fixes: 306da4e685b4 ("samples/bpf: xdp_redirect load XDP dummy prog on TX device")
Signed-off-by: Tariq Toukan
Acked-by: Jesper Dangaard Brouer
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller
30 Aug, 2017
2 commits
-
This tool xdp_monitor demonstrate how to use the different xdp_redirect
tracepoints xdp_redirect{,_map}{,_err} from a BPF program.The default mode is to only monitor the error counters, to avoid
affecting the per packet performance. Tracepoints comes with a base
overhead of 25 nanosec for an attached bpf_prog, and 48 nanosec for
using a full perf record (with non-matching filter). Thus, default
loading the --stats mode could affect the maximum performance.This version of the tool is very simple and count all types of errors
as one. It will be natural to extend this later with the different
types of errors that can occur, which should help users quickly
identify common mistakes.Because the TP_STRUCT was kept in sync all the tracepoints loads the
same BPF code. It would also be natural to extend the map version to
demonstrate how the map information could be used.Signed-off-by: Jesper Dangaard Brouer
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller -
For supporting XDP_REDIRECT, a device driver must (obviously)
implement the "TX" function ndo_xdp_xmit(). An additional requirement
is you cannot TX out a device, unless it also have a xdp bpf program
attached. This dependency is caused by the driver code need to setup
XDP resources before it can ndo_xdp_xmit.Update bpf samples xdp_redirect and xdp_redirect_map to automatically
attach a dummy XDP program to the configured ifindex_out device. Use
the XDP flag XDP_FLAGS_UPDATE_IF_NOEXIST on the dummy load, to avoid
overriding an existing XDP prog on the device.Signed-off-by: Jesper Dangaard Brouer
Signed-off-by: David S. Miller
29 Aug, 2017
1 commit
-
Extend existing tests for vxlan, gre, geneve, ipip to
include ERSPAN tunnel.Signed-off-by: William Tu
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
20 Aug, 2017
1 commit
-
This patch makes the needed changes to allow each process of
the INNER_LRU_HASH_PREALLOC test to provide its numa node id
when creating the lru map.Signed-off-by: Martin KaFai Lau
Acked-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
17 Aug, 2017
1 commit
-
This program binds a program to a cgroup and then matches hard
coded IP addresses and adds these to a sockmap.This will receive messages from the backend and send them to
the client.client:X frontend:10000 client:X backend:10001
To keep things simple this is only designed for 1:1 connections
using hard coded values. A more complete example would allow many
backends and clients.To run,
# sockmap
Signed-off-by: John Fastabend
Signed-off-by: David S. Miller
08 Aug, 2017
1 commit
-
Signed-off-by: Yonghong Song
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller
02 Aug, 2017
1 commit
-
Two minor conflicts in virtio_net driver (bug fix overlapping addition
of a helper) and MAINTAINERS (new driver edit overlapping revamp of
PHY entry).Signed-off-by: David S. Miller
01 Aug, 2017
1 commit
-
test_tunnel_bpf.sh fails to remove the vxlan11 tunnel device, causing the
next geneve tunnelling test case fails. In addition, the geneve reserved bit
in tcbpf2_kern.c should be zero, according to the RFC.Signed-off-by: William Tu
Signed-off-by: David S. Miller
18 Jul, 2017
3 commits
-
When testing with a driver that has both native and generic redirect support:
$ sudo ./samples/bpf/xdp_redirect -N 5 6
input: 5 output: 6
ifindex 6: 4961879 pkt/s
ifindex 6: 6391319 pkt/s
ifindex 6: 6419468 pkt/s$ sudo ./samples/bpf/xdp_redirect -S 5 6
input: 5 output: 6
ifindex 6: 1845435 pkt/s
ifindex 6: 3882850 pkt/s
ifindex 6: 3893974 pkt/s$ sudo ./samples/bpf/xdp_redirect_map -N 5 6
input: 5 output: 6
map[0] (vports) = 4, map[1] (map) = 5, map[2] (count) = 0
ifindex 6: 2207374 pkt/s
ifindex 6: 6212869 pkt/s
ifindex 6: 6286515 pkt/s$ sudo ./samples/bpf/xdp_redirect_map -S 5 6
input: 5 output: 6
map[0] (vports) = 4, map[1] (map) = 5, map[2] (count) = 0
ifindex 6: 5052528 pkt/s
ifindex 6: 5736631 pkt/s
ifindex 6: 5739962 pkt/sSigned-off-by: Andy Gospodarek
Acked-by: John Fastabend
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller -
Signed-off-by: John Fastabend
Tested-by: Andy Gospodarek
Acked-by: Daniel Borkmann
Acked-by: Jesper Dangaard Brouer
Signed-off-by: David S. Miller -
This implements a sample program for testing bpf_redirect. It reports
the number of packets redirected per second and as input takes the
ifindex of the device to run the xdp program on and the ifindex of the
interface to redirect packets to.Signed-off-by: John Fastabend
Tested-by: Andy Gospodarek
Acked-by: Daniel Borkmann
Acked-by: Jesper Dangaard Brouer
Signed-off-by: David S. Miller
12 Jul, 2017
1 commit
-
With latest net-next:
====
clang -nostdinc -isystem /usr/lib/gcc/x86_64-redhat-linux/6.3.1/include -I./arch/x86/include -I./arch/x86/include/generated/uapi -I./arch/x86/include/generated -I./include -I./arch/x86/include/uapi -I./include/uapi -I./include/generated/uapi -include ./include/linux/kconfig.h -Isamples/bpf \
-D__KERNEL__ -D__ASM_SYSREG_H -Wno-unused-value -Wno-pointer-sign \
-Wno-compare-distinct-pointer-types \
-Wno-gnu-variable-sized-type-not-at-end \
-Wno-address-of-packed-member -Wno-tautological-compare \
-Wno-unknown-warning-option \
-O2 -emit-llvm -c samples/bpf/tcp_synrto_kern.c -o -| llc -march=bpf -filetype=obj -o samples/bpf/tcp_synrto_kern.o
samples/bpf/tcp_synrto_kern.c:20:10: fatal error: 'bpf_endian.h' file not found
^~~~~~~~~~~~~~
1 error generated.
====net has the same issue.
Add support for ntohl and htonl in tools/testing/selftests/bpf/bpf_endian.h.
Also move bpf_helpers.h from samples/bpf to selftests/bpf and change
compiler include logic so that programs in samples/bpf can access the headers
in selftests/bpf, but not the other way around.Signed-off-by: Yonghong Song
Acked-by: Daniel Borkmann
Acked-by: Lawrence Brakmo
Signed-off-by: David S. Miller
05 Jul, 2017
1 commit
-
The function load_bpf_file ignores the return value of
load_and_attach(), so even if load_and_attach() returns an error,
load_bpf_file() will return 0.Now, load_bpf_file() can call load_and_attach() multiple times and some
can succeed and some could fail. I think the correct behavor is to
return error on the first failed load_and_attach().v2: Added missing SOB
Signed-off-by: Lawrence Brakmo
Signed-off-by: David S. Miller
02 Jul, 2017
9 commits
-
Sample BPF program, tcp_clamp_kern.c, to demostrate the use
of setting the sndcwnd clamp. This program assumes that if the
first 5.5 bytes of the host's IPv6 addresses are the same, then
the hosts are in the same datacenter and sets sndcwnd clamp to
100 packets, SYN and SYN-ACK RTOs to 10ms and send/receive buffer
sizes to 150KB.Signed-off-by: Lawrence Brakmo
Signed-off-by: David S. Miller -
Sample BPF program that assumes hosts are far away (i.e. large RTTs)
and sets initial cwnd and initial receive window to 40 packets,
send and receive buffers to 1.5MB.In practice there would be a test to insure the hosts are actually
far enough away.Signed-off-by: Lawrence Brakmo
Signed-off-by: David S. Miller -
Sample BPF program that sets congestion control to dctcp when both hosts
are within the same datacenter. In this example that is assumed to be
when they have the first 5.5 bytes of their IPv6 address are the same.Signed-off-by: Lawrence Brakmo
Signed-off-by: David S. Miller -
This patch contains a BPF program to set initial receive window to
40 packets and send and receive buffers to 1.5MB. This would usually
be done after doing appropriate checks that indicate the hosts are
far enough away (i.e. large RTT).Signed-off-by: Lawrence Brakmo
Signed-off-by: David S. Miller -
Added support for calling a subset of socket setsockopts from
BPF_PROG_TYPE_SOCK_OPS programs. The code was duplicated rather
than making the changes to call the socket setsockopt function because
the changes required would have been larger.The ops supported are:
SO_RCVBUF
SO_SNDBUF
SO_MAX_PACING_RATE
SO_PRIORITY
SO_RCVLOWAT
SO_MARKSigned-off-by: Lawrence Brakmo
Signed-off-by: David S. Miller -
The sample bpf program, tcp_rwnd_kern.c, sets the initial
advertized window to 40 packets in an environment where
distinct IPv6 prefixes indicate that both hosts are not
in the same data center.Signed-off-by: Lawrence Brakmo
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller -
The sample BPF program, tcp_synrto_kern.c, sets the SYN and SYN-ACK
RTOs to 10ms when both hosts are within the same datacenter (i.e.
small RTTs) in an environment where common IPv6 prefixes indicate
both hosts are in the same data center.Signed-off-by: Lawrence Brakmo
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller -
The program load_sock_ops can be used to load sock_ops bpf programs and
to attach it to an existing (v2) cgroup. It can also be used to detach
sock_ops programs.Examples:
load_sock_ops [-l]
Load and attaches a sock_ops program at the specified cgroup.
If "-l" is used, the program will continue to run to output the
BPF log buffer.
If the specified filename does not end in ".o", it appends
"_kern.o" to the name.load_sock_ops -r
Detaches the currently attached sock_ops program from the
specified cgroup.Signed-off-by: Lawrence Brakmo
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller -
Created a new BPF program type, BPF_PROG_TYPE_SOCK_OPS, and a corresponding
struct that allows BPF programs of this type to access some of the
socket's fields (such as IP addresses, ports, etc.). It uses the
existing bpf cgroups infrastructure so the programs can be attached per
cgroup with full inheritance support. The program will be called at
appropriate times to set relevant connections parameters such as buffer
sizes, SYN and SYN-ACK RTOs, etc., based on connection information such
as IP addresses, port numbers, etc.Alghough there are already 3 mechanisms to set parameters (sysctls,
route metrics and setsockopts), this new mechanism provides some
distinct advantages. Unlike sysctls, it can set parameters per
connection. In contrast to route metrics, it can also use port numbers
and information provided by a user level program. In addition, it could
set parameters probabilistically for evaluation purposes (i.e. do
something different on 10% of the flows and compare results with the
other 90% of the flows). Also, in cases where IPv6 addresses contain
geographic information, the rules to make changes based on the distance
(or RTT) between the hosts are much easier than route metric rules and
can be global. Finally, unlike setsockopt, it oes not require
application changes and it can be updated easily at any time.Although the bpf cgroup framework already contains a sock related
program type (BPF_PROG_TYPE_CGROUP_SOCK), I created the new type
(BPF_PROG_TYPE_SOCK_OPS) beccause the existing type expects to be called
only once during the connections's lifetime. In contrast, the new
program type will be called multiple times from different places in the
network stack code. For example, before sending SYN and SYN-ACKs to set
an appropriate timeout, when the connection is established to set
congestion control, etc. As a result it has "op" field to specify the
type of operation requested.The purpose of this new program type is to simplify setting connection
parameters, such as buffer sizes, TCP's SYN RTO, etc. For example, it is
easy to use facebook's internal IPv6 addresses to determine if both hosts
of a connection are in the same datacenter. Therefore, it is easy to
write a BPF program to choose a small SYN RTO value when both hosts are
in the same datacenter.This patch only contains the framework to support the new BPF program
type, following patches add the functionality to set various connection
parameters.This patch defines a new BPF program type: BPF_PROG_TYPE_SOCKET_OPS
and a new bpf syscall command to load a new program of this type:
BPF_PROG_LOAD_SOCKET_OPS.Two new corresponding structs (one for the kernel one for the user/BPF
program):/* kernel version */
struct bpf_sock_ops_kern {
struct sock *sk;
__u32 op;
union {
__u32 reply;
__u32 replylong[4];
};
};/* user version
* Some fields are in network byte order reflecting the sock struct
* Use the bpf_ntohl helper macro in samples/bpf/bpf_endian.h to
* convert them to host byte order.
*/
struct bpf_sock_ops {
__u32 op;
union {
__u32 reply;
__u32 replylong[4];
};
__u32 family;
__u32 remote_ip4; /* In network byte order */
__u32 local_ip4; /* In network byte order */
__u32 remote_ip6[4]; /* In network byte order */
__u32 local_ip6[4]; /* In network byte order */
__u32 remote_port; /* In network byte order */
__u32 local_port; /* In host byte horder */
};Currently there are two types of ops. The first type expects the BPF
program to return a value which is then used by the caller (or a
negative value to indicate the operation is not supported). The second
type expects state changes to be done by the BPF program, for example
through a setsockopt BPF helper function, and they ignore the return
value.The reply fields of the bpf_sockt_ops struct are there in case a bpf
program needs to return a value larger than an integer.Signed-off-by: Lawrence Brakmo
Acked-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
30 Jun, 2017
1 commit
-
Checks are added to the existing sockex3 and test_map_in_map test.
Signed-off-by: Martin KaFai Lau
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller
22 Jun, 2017
1 commit
-
tracex5_kern.c build failed with the following error message:
../samples/bpf/tracex5_kern.c:12:10: fatal error: 'syscall_nrs.h' file not found
#include "syscall_nrs.h"
The generated file syscall_nrs.h is put in build/samples/bpf directory,
but this directory is not in include path, hence build failed.The fix is to add $(obj) into the clang compilation path.
Signed-off-by: Yonghong Song
Signed-off-by: David S. Miller
15 Jun, 2017
2 commits
-
There are two problems:
1) In MIPS the __NR_* macros expand to an expression, this causes the
sections of the object file to be named like:.
.
.
[ 5] kprobe/(5000 + 1) PROGBITS 0000000000000000 000160 ...
[ 6] kprobe/(5000 + 0) PROGBITS 0000000000000000 000258 ...
[ 7] kprobe/(5000 + 9) PROGBITS 0000000000000000 000348 ...
.
.
.The fix here is to use the "asm_offsets" trick to evaluate the macros
in the C compiler and generate a header file with a usable form of the
macros.2) MIPS syscall numbers start at 5000, so we need a bigger map to hold
the sub-programs.Signed-off-by: David Daney
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller -
Signed-off-by: David Daney
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller
05 Jun, 2017
1 commit
-
$ trace_event
tests attaching BPF program to HW_CPU_CYCLES, SW_CPU_CLOCK, HW_CACHE_L1D and other events.
It runs 'dd' in the background while bpf program collects user and kernel
stack trace on counter overflow.
User space expects to see sys_read and sys_write in the kernel stack.$ tracex6
tests reading of various perf counters from BPF program.
Both tests were refactored to increase coverage and be more accurate.
Signed-off-by: Teng Qin
Signed-off-by: Alexei Starovoitov
Signed-off-by: David S. Miller
