From patchwork Tue Feb 19 05:38:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lawrence Brakmo X-Patchwork-Id: 1044442 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=fb.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="hmuVWKC/"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 443V045LnPz9s21 for ; Tue, 19 Feb 2019 16:38:44 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726663AbfBSFin (ORCPT ); Tue, 19 Feb 2019 00:38:43 -0500 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:46010 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726565AbfBSFin (ORCPT ); Tue, 19 Feb 2019 00:38:43 -0500 Received: from pps.filterd (m0044008.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x1J5Swne016797 for ; Mon, 18 Feb 2019 21:38:42 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : mime-version : content-type; s=facebook; bh=JZ+zqmD+pWM+nYxuuGJ5eE1jCFANTZ1tYV+rlzbKgZ0=; b=hmuVWKC/qusOGRqbzjZowjV69UPAIGk5pAAhXz3X8pWlFyZPcY/4wBHOLoIQ6Vd8Ncef HQhWZYWYoocMoeI0B2eMGbv+MaDCxHa3djJhiihC5XxTbH/qpgdtD3ErnSbt1Y6VCwED S7qNFGUaUE45OsIAVBnSXSkgy8SBxfmC7xI= Received: from maileast.thefacebook.com ([199.201.65.23]) by mx0a-00082601.pphosted.com with ESMTP id 2qr82u0f60-3 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Mon, 18 Feb 2019 21:38:42 -0800 Received: from mx-out.facebook.com (2620:10d:c0a1:3::13) by mail.thefacebook.com (2620:10d:c021:18::175) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA) id 15.1.1531.3; Mon, 18 Feb 2019 21:38:41 -0800 Received: by devbig009.ftw2.facebook.com (Postfix, from userid 10340) id 6303B5AE1EBC; Mon, 18 Feb 2019 21:38:36 -0800 (PST) Smtp-Origin-Hostprefix: devbig From: brakmo Smtp-Origin-Hostname: devbig009.ftw2.facebook.com To: netdev CC: Martin Lau , Alexei Starovoitov , Daniel Borkmann --cc=Kernel Team <"daniel@iogearbox.netKernel-team"@fb.com> Smtp-Origin-Cluster: ftw2c04 Subject: [PATCH bpf-next 6/9] bpf: Sample program to load cg skb BPF programs Date: Mon, 18 Feb 2019 21:38:36 -0800 Message-ID: <20190219053836.2086878-1-brakmo@fb.com> X-Mailer: git-send-email 2.17.1 X-FB-Internal: Safe MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-02-19_03:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The program load_cg_skb can be used to load BPF_PROG_TYPE_CGROUP_SKB type bpf_prog which currently can be attached to the ingress and egress patch. It can also be used to detach the bpf_prog. Examples: load_cg_skb [-i] Load and attaches a cg skb program to the specified cgroup. If "-i" is used, the program is attached as ingress (default is egress). load_cg_skb -r[i] Detaches the currnetly attached egress (or ingress if -ri is used) cg skb program from the specified cgroup. Signed-off-by: Lawrence Brakmo --- samples/bpf/Makefile | 2 + samples/bpf/load_cg_skb.c | 109 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 111 insertions(+) create mode 100644 samples/bpf/load_cg_skb.c diff --git a/samples/bpf/Makefile b/samples/bpf/Makefile index a0ef7eddd0b3..0cf3347c7443 100644 --- a/samples/bpf/Makefile +++ b/samples/bpf/Makefile @@ -53,6 +53,7 @@ hostprogs-y += xdpsock hostprogs-y += xdp_fwd hostprogs-y += task_fd_query hostprogs-y += xdp_sample_pkts +hostprogs-y += load_cg_skb # Libbpf dependencies LIBBPF = $(TOOLS_PATH)/lib/bpf/libbpf.a @@ -109,6 +110,7 @@ xdpsock-objs := xdpsock_user.o xdp_fwd-objs := xdp_fwd_user.o task_fd_query-objs := bpf_load.o task_fd_query_user.o $(TRACE_HELPERS) xdp_sample_pkts-objs := xdp_sample_pkts_user.o $(TRACE_HELPERS) +load_cg_skb-objs := bpf_load.o load_cg_skb.o # Tell kbuild to always build the programs always := $(hostprogs-y) diff --git a/samples/bpf/load_cg_skb.c b/samples/bpf/load_cg_skb.c new file mode 100644 index 000000000000..619ff834fc8c --- /dev/null +++ b/samples/bpf/load_cg_skb.c @@ -0,0 +1,109 @@ +// SPDX-License-Identifier: GPL-2.0 +/* Copyright (c) 2019 Facebook + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of version 2 of the GNU General Public + * License as published by the Free Software Foundation. + */ +#include +#include +#include +#include +#include +#include "bpf_load.h" +#include +#include +#include +#include + +static void usage(char *pname) +{ + printf("USAGE:\n %s [-i] [-l] \n", pname); + printf("\tLoad and attach a cgroup/skb egress/ingress program to" + " the specified\n" + "\tcgroup\n" + "\tIf \"-i\" is used, an ingress program is loaded (default is" + " egress)\n" + "\tIf \"-l\" is used, the program will continue to run" + " printing the BPF log\n" + "\tbuffer\n" + "\tIf the specified filename does not end in \".o\", it" + " appends \"_kern.o\"\n" + "\tto the name\n\n"); + printf(" %s -r \n", pname); + printf("\tDetaches the currently attached cgroup/skb egress program\n" + "\tfrom the specified cgroup\n"); + printf(" %s -ri \n", pname); + printf("\tDetaches the currently attached cgroup/skb ingress program\n" + "\tfrom the specified cgroup\n\n"); + exit(1); +} + +int main(int argc, char **argv) +{ + int logFlag = 0; + int error = 0; + char *cg_path; + char fn[500]; + char *prog; + int cg_fd; + int mode = BPF_CGROUP_INET_EGRESS; + + if (argc < 3) + usage(argv[0]); + + if (!strcmp(argv[1], "-i")) { + mode = BPF_CGROUP_INET_INGRESS; + } else if (!strncmp(argv[1], "-r", 2)) { + if (argv[1][2] == 'i') + mode = BPF_CGROUP_INET_INGRESS; + cg_path = argv[2]; + cg_fd = open(cg_path, O_DIRECTORY, O_RDONLY); + error = bpf_prog_detach(cg_fd, mode); + if (error) { + printf("ERROR: bpf_prog_detach: %d (%s)\n", + error, strerror(errno)); + return 2; + } + return 0; + } else if (!strcmp(argv[1], "-h")) { + usage(argv[0]); + } else if (!strcmp(argv[1], "-l")) { + logFlag = 1; + if (argc < 4) + usage(argv[0]); + } + + prog = argv[argc - 1]; + cg_path = argv[argc - 2]; + if (strlen(prog) > 480) { + fprintf(stderr, "ERROR: program name too long (> 480 chars)\n"); + return 3; + } + cg_fd = open(cg_path, O_DIRECTORY, O_RDONLY); + + if (!strcmp(prog + strlen(prog)-2, ".o")) + strcpy(fn, prog); + else + sprintf(fn, "%s_kern.o", prog); + if (logFlag) + printf("loading bpf file:%s\n", fn); + if (load_bpf_file(fn)) { + printf("ERROR: load_bpf_file failed for: %s\n", fn); + printf("%s", bpf_log_buf); + return 4; + } + if (logFlag) + printf("TCP BPF Loaded %s\n", fn); + + error = bpf_prog_attach(prog_fd[0], cg_fd, BPF_CGROUP_INET_EGRESS, 0); + if (error) { + printf("ERROR: bpf_prog_attach: %d (%s)\n", + error, strerror(errno)); + return 5; + } else if (logFlag) { + read_trace_pipe(); + } + + return error; +}