On 08/18/2017 09:50 PM, Alexei Starovoitov wrote:
> On 8/18/17 8:30 PM, John Fastabend wrote:
>> So this is really close to what I proposed above. For a TX_SOCKMAP
>> simply do not attach any programs,
>>
>>bpf_create_map(BPF_MAP_TYPE_SOCKMAP, )
>>[...]
>>
>> For an RX_SOCKMAP,
>>
>>
On 8/18/17 8:30 PM, John Fastabend wrote:
So this is really close to what I proposed above. For a TX_SOCKMAP
simply do not attach any programs,
bpf_create_map(BPF_MAP_TYPE_SOCKMAP, )
[...]
For an RX_SOCKMAP,
bpf_create_map(BPF_MAP_TYPE_SOCKMAP, )
bpf_prog_attach(verdict_p
[...] (trimmed email leaving proposal - 1 summary)
>>
>> syscall:
>>
>> bpf_create_map(BPF_MAP_TYPE_SOCKMAP, )
>> bpf_prog_attach(verdict_prog, map_fd, BPF_SMAP_STREAM_VERDICT, 0);
>> bpf_prog_attach(parse_prog, map_fd, BPF_SMAP_STREAM_PARSER, 0);
>> bpf_map_update_elem(map_fd, key,
On 8/18/17 12:35 AM, John Fastabend wrote:
From an API perspective having all socks in a sockmap inherit the same
BPF programs is useful when working with cgroups. It keeps things consistent
and is pretty effective for applying policy to cgroup sockets.
agree. it's all clear, see modified propo
On 08/17/2017 03:28 PM, Alexei Starovoitov wrote:
> On 8/17/17 11:58 AM, John Fastabend wrote:
+/* reserve BPF programs early so can abort easily on failures */
+if (map_flags & BPF_SOCKMAP_STRPARSER) {
>>> why have two 'flags' arguments and new helper just for this?
>>> can norma
On 8/17/17 11:58 AM, John Fastabend wrote:
+/* reserve BPF programs early so can abort easily on failures */
+if (map_flags & BPF_SOCKMAP_STRPARSER) {
why have two 'flags' arguments and new helper just for this?
can normal update() be used and extra bits of flag there?
The new helper i
[...]
>> +
>> +static void smap_tx_work(struct work_struct *w)
>> +{
>> +struct smap_psock *psock;
>> +struct sk_buff *skb;
>> +int rem, off, n;
>> +
>> +psock = container_of(w, struct smap_psock, tx_work);
>> +
>> +/* lock sock to avoid losing sk_socket at some point during
On 8/15/17 10:32 PM, John Fastabend wrote:
+
+static void smap_do_verdict(struct smap_psock *psock, struct sk_buff *skb)
+{
+ struct sock *sock;
+ int rc;
+
+ /* Because we use per cpu values to feed input from sock redirect
+* in BPF program to do_sk_redirect_map() call
Recently we added a new map type called dev map used to forward XDP
packets between ports (6093ec2dc313). This patches introduces a
similar notion for sockets.
A sockmap allows users to add participating sockets to a map. When
sockets are added to the map enough context is stored with the
map entr
