20 Oct, 2017
1 commit
-
SK_SKB BPF programs are run from the socket/tcp context but early in
the stack before much of the TCP metadata is needed in tcp_skb_cb. So
we can use some unused fields to place BPF metadata needed for SK_SKB
programs when implementing the redirect function.This allows us to drop the preempt disable logic. It does however
require an API change so sk_redirect_map() has been updated to
additionally provide ctx_ptr to skb. Note, we do however continue to
disable/enable preemption around actual BPF program running to account
for map updates.Signed-off-by: John Fastabend
Acked-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
29 Aug, 2017
1 commit
-
In the initial sockmap API we provided strparser and verdict programs
using a single attach command by extending the attach API with a the
attach_bpf_fd2 field.However, if we add other programs in the future we will be adding a
field for every new possible type, attach_bpf_fd(3,4,..). This
seems a bit clumsy for an API. So lets push the programs using two
new type fields.BPF_SK_SKB_STREAM_PARSER
BPF_SK_SKB_STREAM_VERDICTThis has the advantage of having a readable name and can easily be
extended in the future.Updates to samples and sockmap included here also generalize tests
slightly to support upcoming patch for multiple map support.Signed-off-by: John Fastabend
Fixes: 174a79ff9515 ("bpf: sockmap with sk redirect support")
Suggested-by: Alexei Starovoitov
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
17 Aug, 2017
1 commit
-
This program binds a program to a cgroup and then matches hard
coded IP addresses and adds these to a sockmap.This will receive messages from the backend and send them to
the client.client:X frontend:10000 client:X backend:10001
To keep things simple this is only designed for 1:1 connections
using hard coded values. A more complete example would allow many
backends and clients.To run,
# sockmap
Signed-off-by: John Fastabend
Signed-off-by: David S. Miller