Message ID | 20180528004344.3606-11-daniel@iogearbox.net |
---|---|
State | Changes Requested, archived |
Delegated to: | BPF Maintainers |
Headers | show |
Series | Misc BPF improvements | expand |
On Sun, May 27, 2018 at 5:43 PM, Daniel Borkmann <daniel@iogearbox.net> wrote: > Pull in recent changes from include/uapi/linux/bpf.h. > > Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> > Acked-by: Alexei Starovoitov <ast@kernel.org> Acked-by: Song Liu <songliubraving@fb.com> > --- > tools/include/uapi/linux/bpf.h | 20 ++++++++++++++++++-- > 1 file changed, 18 insertions(+), 2 deletions(-) > > diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h > index 9b8c6e3..7108711 100644 > --- a/tools/include/uapi/linux/bpf.h > +++ b/tools/include/uapi/linux/bpf.h > @@ -2004,6 +2004,20 @@ union bpf_attr { > * direct packet access. > * Return > * 0 on success, or a negative error in case of failure. > + * > + * uint64_t bpf_skb_cgroup_id(struct sk_buff *skb) > + * Description > + * Return the cgroup v2 id of the socket associated with the *skb*. > + * This is roughly similar to the **bpf_get_cgroup_classid**\ () > + * helper for cgroup v1 by providing a tag resp. identifier that > + * can be matched on or used for map lookups e.g. to implement > + * policy. The cgroup v2 id of a given path in the hierarchy is > + * exposed in user space through the f_handle API in order to get > + * to the same 64-bit id. > + * > + * This helper can be used on TC egress path, but not on ingress. > + * Return > + * The id is returned or 0 in case the id could not be retrieved. > */ > #define __BPF_FUNC_MAPPER(FN) \ > FN(unspec), \ > @@ -2082,7 +2096,8 @@ union bpf_attr { > FN(lwt_push_encap), \ > FN(lwt_seg6_store_bytes), \ > FN(lwt_seg6_adjust_srh), \ > - FN(lwt_seg6_action), > + FN(lwt_seg6_action), \ > + FN(skb_cgroup_id), > > /* integer value in 'imm' field of BPF_CALL instruction selects which helper > * function eBPF program intends to call > @@ -2199,7 +2214,7 @@ struct bpf_tunnel_key { > }; > __u8 tunnel_tos; > __u8 tunnel_ttl; > - __u16 tunnel_ext; > + __u16 tunnel_ext; /* Padding, future use. */ > __u32 tunnel_label; > }; > > @@ -2210,6 +2225,7 @@ struct bpf_xfrm_state { > __u32 reqid; > __u32 spi; /* Stored in network byte order */ > __u16 family; > + __u16 ext; /* Padding, future use. */ > union { > __u32 remote_ipv4; /* Stored in network byte order */ > __u32 remote_ipv6[4]; /* Stored in network byte order */ > -- > 2.9.5 >
diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h index 9b8c6e3..7108711 100644 --- a/tools/include/uapi/linux/bpf.h +++ b/tools/include/uapi/linux/bpf.h @@ -2004,6 +2004,20 @@ union bpf_attr { * direct packet access. * Return * 0 on success, or a negative error in case of failure. + * + * uint64_t bpf_skb_cgroup_id(struct sk_buff *skb) + * Description + * Return the cgroup v2 id of the socket associated with the *skb*. + * This is roughly similar to the **bpf_get_cgroup_classid**\ () + * helper for cgroup v1 by providing a tag resp. identifier that + * can be matched on or used for map lookups e.g. to implement + * policy. The cgroup v2 id of a given path in the hierarchy is + * exposed in user space through the f_handle API in order to get + * to the same 64-bit id. + * + * This helper can be used on TC egress path, but not on ingress. + * Return + * The id is returned or 0 in case the id could not be retrieved. */ #define __BPF_FUNC_MAPPER(FN) \ FN(unspec), \ @@ -2082,7 +2096,8 @@ union bpf_attr { FN(lwt_push_encap), \ FN(lwt_seg6_store_bytes), \ FN(lwt_seg6_adjust_srh), \ - FN(lwt_seg6_action), + FN(lwt_seg6_action), \ + FN(skb_cgroup_id), /* integer value in 'imm' field of BPF_CALL instruction selects which helper * function eBPF program intends to call @@ -2199,7 +2214,7 @@ struct bpf_tunnel_key { }; __u8 tunnel_tos; __u8 tunnel_ttl; - __u16 tunnel_ext; + __u16 tunnel_ext; /* Padding, future use. */ __u32 tunnel_label; }; @@ -2210,6 +2225,7 @@ struct bpf_xfrm_state { __u32 reqid; __u32 spi; /* Stored in network byte order */ __u16 family; + __u16 ext; /* Padding, future use. */ union { __u32 remote_ipv4; /* Stored in network byte order */ __u32 remote_ipv6[4]; /* Stored in network byte order */