This series of patches provides the ability to retrieve eBPF program through qmp, so management application may load bpf blob with proper capabilities. Now, virtio-net devices can accept eBPF programs and maps through properties as external file descriptors. Access to the eBPF map is direct through mmap() call, so it should not require additional capabilities to bpf* calls. eBPF file descriptors can be passed to QEMU from parent process or by unix socket with sendfd() qmp command.
Possible solution for libvirt may look like this: https://github.com/daynix/libvirt/tree/RSS_eBPF (WIP) Changes since v5: * Refactored ebpf.json Changes since v4: * refactored commit hunks * added explicit BPF_F_MMAPABLE declaration Changes since v3: * fixed issue with the build if bpf disabled * rebased to the last master * refactored according to review Changes since v2: * moved/refactored QMP command * refactored virtio-net Changes since v1: * refactored virtio-net * moved hunks for ebpf mmap() * added qmp enum for eBPF id. Andrew Melnychenko (5): ebpf: Added eBPF map update through mmap. ebpf: Added eBPF initialization by fds. virtio-net: Added property to load eBPF RSS with fds. qmp: Added new command to retrieve eBPF blob. ebpf: Updated eBPF program and skeleton. ebpf/ebpf.c | 70 ++ ebpf/ebpf.h | 31 + ebpf/ebpf_rss-stub.c | 6 + ebpf/ebpf_rss.c | 150 +++- ebpf/ebpf_rss.h | 10 + ebpf/meson.build | 2 +- ebpf/rss.bpf.skeleton.h | 1460 ++++++++++++++++---------------- hw/net/virtio-net.c | 55 +- include/hw/virtio/virtio-net.h | 1 + qapi/ebpf.json | 56 ++ qapi/meson.build | 1 + qapi/qapi-schema.json | 1 + tools/ebpf/rss.bpf.c | 5 +- 13 files changed, 1094 insertions(+), 754 deletions(-) create mode 100644 ebpf/ebpf.c create mode 100644 ebpf/ebpf.h create mode 100644 qapi/ebpf.json -- 2.40.1
