From patchwork Sun Dec 31 17:10:29 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lawrence Brakmo X-Patchwork-Id: 854254 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="F/XStfUU"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3z8n0g2V78z9ryQ for ; Mon, 1 Jan 2018 04:11:15 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751200AbdLaRLD (ORCPT ); Sun, 31 Dec 2017 12:11:03 -0500 Received: from mx0b-00082601.pphosted.com ([67.231.153.30]:49728 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1750923AbdLaRKk (ORCPT ); Sun, 31 Dec 2017 12:10:40 -0500 Received: from pps.filterd (m0001255.ppops.net [127.0.0.1]) by mx0b-00082601.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id vBVH780V022387 for ; Sun, 31 Dec 2017 09:10:39 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=facebook; bh=U5kNwaMyUv3tXI7cXYDxq9QSyD4nfPSG8Q//K3BVM3I=; b=F/XStfUUeSOD+50yHGYpvOuNWZdX5vNIyyL/cBYldudNPv6mE9EMSrTeqhhDgTdRQ+Bf QAkjjfnMEdw/dup2gFiVAzooiya8vxlN5mNy3/649G/6lCkK/wxakrIf/27Aa/syljsX lCmA/cTeQZkelgJNOYlcUNWFAUskkI06+SU= Received: from mail.thefacebook.com ([199.201.64.23]) by mx0b-00082601.pphosted.com with ESMTP id 2f67gbacdb-5 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Sun, 31 Dec 2017 09:10:39 -0800 Received: from mx-out.facebook.com (192.168.52.123) by PRN-CHUB06.TheFacebook.com (192.168.16.16) with Microsoft SMTP Server id 14.3.361.1; Sun, 31 Dec 2017 09:10:37 -0800 Received: by dev15893.prn1.facebook.com (Postfix, from userid 10340) id 666D9C21927; Sun, 31 Dec 2017 09:10:37 -0800 (PST) Smtp-Origin-Hostprefix: dev From: Lawrence Brakmo Smtp-Origin-Hostname: dev15893.prn1.facebook.com To: netdev CC: Kernel Team , Blake Matheny , Alexei Starovoitov , Daniel Borkmann , Eric Dumazet , Neal Cardwell , Yuchung Cheng Smtp-Origin-Cluster: prn1c29 Subject: [PATCH v3 bpf-next 10/11] bpf: Add BPF_SOCK_OPS_STATE_CB Date: Sun, 31 Dec 2017 09:10:29 -0800 Message-ID: <20171231171030.2998769-11-brakmo@fb.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171231171030.2998769-1-brakmo@fb.com> References: <20171231171030.2998769-1-brakmo@fb.com> X-FB-Internal: Safe MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-12-31_12:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Adds support for calling sock_ops BPF program when there is a TCP state change. Two arguments are used; one for the old state and another for the new state. There is a new enum in include/uapi/linux/bpf.h that exports the TCP states that prepends BPF_ to the current TCP state names. If it is ever necessary to change the internal TCP state values (other than adding more to the end), then it will become necessary to convert from the internal TCP state value to the BPF value before calling the BPF sock_ops function. New op: BPF_SOCK_OPS_STATE_CB. Signed-off-by: Lawrence Brakmo --- include/uapi/linux/bpf.h | 26 ++++++++++++++++++++++++++ include/uapi/linux/tcp.h | 1 + net/ipv4/tcp.c | 4 ++++ 3 files changed, 31 insertions(+) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index 415b951..b653273 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -1024,6 +1024,32 @@ enum { * Arg1: sequence number of 1st byte * Arg2: # segments */ + BPF_SOCK_OPS_STATE_CB, /* Called when TCP changes state. + * Arg1: old_state + * Arg2: new_state + */ +}; + +/* List of TCP states. There is a build check in net/ipv4/tcp.c to detect + * changes between the TCP and BPF versions. Ideally this should never happen. + * If it does, we need to add code to convert them before calling + * the BPF sock_ops function. + */ +enum { + BPF_TCP_ESTABLISHED = 1, + BPF_TCP_SYN_SENT, + BPF_TCP_SYN_RECV, + BPF_TCP_FIN_WAIT1, + BPF_TCP_FIN_WAIT2, + BPF_TCP_TIME_WAIT, + BPF_TCP_CLOSE, + BPF_TCP_CLOSE_WAIT, + BPF_TCP_LAST_ACK, + BPF_TCP_LISTEN, + BPF_TCP_CLOSING, /* Now a valid state */ + BPF_TCP_NEW_SYN_RECV, + + BPF_TCP_MAX_STATES /* Leave at the end! */ }; #define TCP_BPF_IW 1001 /* Set TCP initial congestion window */ diff --git a/include/uapi/linux/tcp.h b/include/uapi/linux/tcp.h index dc36d3c..211322c 100644 --- a/include/uapi/linux/tcp.h +++ b/include/uapi/linux/tcp.h @@ -262,6 +262,7 @@ struct tcp_md5sig { /* Definitions for bpf_sock_ops_flags */ #define BPF_SOCK_OPS_RTO_CB_FLAG (1<<0) #define BPF_SOCK_OPS_RETRANS_CB_FLAG (1<<1) +#define BPF_SOCK_OPS_STATE_CB_FLAG (1<<2) /* INET_DIAG_MD5SIG */ struct tcp_diag_md5sig { diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index a1fe7a7..b321dfd 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -2044,6 +2044,10 @@ void tcp_set_state(struct sock *sk, int state) { int oldstate = sk->sk_state; + BUILD_BUG_ON(BPF_TCP_MAX_STATES != TCP_MAX_STATES); + if (BPF_SOCK_OPS_TEST_FLAG(tcp_sk(sk), BPF_SOCK_OPS_STATE_CB_FLAG)) + tcp_call_bpf_2arg(sk, BPF_SOCK_OPS_STATE_CB, oldstate, state); + switch (state) { case TCP_ESTABLISHED: if (oldstate != TCP_ESTABLISHED)