| Message ID | cover.1698431765.git.dxu@dxuuu.xyz (mailing list archive) |
|---|---|
| Headers | show |
| Series | Add bpf_xdp_get_xfrm_state() kfunc | expand |
On Fri, Oct 27, 2023 at 12:46:16 -0600, Daniel Xu wrote: > This patchset adds a kfunc helper, bpf_xdp_get_xfrm_state(), that wraps > xfrm_state_lookup(). The intent is to support software RSS (via XDP) for > the ongoing/upcoming ipsec pcpu work [0]. Recent experiments performed > on (hopefully) reproducible AWS testbeds indicate that single tunnel > pcpu ipsec can reach line rate on 100G ENA nics. > > More details about that will be presented at netdev next week [1]. > > Antony did the initial stable bpf helper - I later ported it to unstable > kfuncs. So for the series, please apply a Co-developed-by for Antony, > provided he acks and signs off on this. Thanks Daniel for working on this and bringing it upstreadm. Co-developed-by: Antony Antony <antony.antony@secunet.com> Signed-off-by: Antony Antony <antony.antony@secunet.com> > > [0]: https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-multi-sa-performance-02 > [1]: https://netdevconf.info/0x17/sessions/workshop/security-workshop.html > > Daniel Xu (6): > bpf: xfrm: Add bpf_xdp_get_xfrm_state() kfunc > bpf: selftests: test_tunnel: Use ping -6 over ping6 > bpf: selftests: test_tunnel: Mount bpffs if necessary > bpf: selftests: test_tunnel: Use vmlinux.h declarations > bpf: selftests: test_tunnel: Disable CO-RE relocations > bpf: xfrm: Add selftest for bpf_xdp_get_xfrm_state() > > include/net/xfrm.h | 9 ++ > net/xfrm/Makefile | 1 + > net/xfrm/xfrm_policy.c | 2 + > net/xfrm/xfrm_state_bpf.c | 105 ++++++++++++++++++ > .../selftests/bpf/progs/bpf_tracing_net.h | 1 + > .../selftests/bpf/progs/test_tunnel_kern.c | 95 +++++++++------- > tools/testing/selftests/bpf/test_tunnel.sh | 43 ++++--- > 7 files changed, 202 insertions(+), 54 deletions(-) > create mode 100644 net/xfrm/xfrm_state_bpf.c > > -- > 2.42.0 >