[bpf-next,v4,4/8] libbpf: Add link-based API for tcx

Message ID	20230710201218.19460-5-daniel@iogearbox.net (mailing list archive)
State	Superseded
Delegated to:	BPF
Headers	show Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 69EDA156E2; Mon, 10 Jul 2023 20:12:31 +0000 (UTC) From: Daniel Borkmann <daniel@iogearbox.net> To: ast@kernel.org Cc: andrii@kernel.org, martin.lau@linux.dev, razor@blackwall.org, sdf@google.com, john.fastabend@gmail.com, kuba@kernel.org, dxu@dxuuu.xyz, joe@cilium.io, toke@kernel.org, davem@davemloft.net, bpf@vger.kernel.org, netdev@vger.kernel.org, Daniel Borkmann <daniel@iogearbox.net> Subject: [PATCH bpf-next v4 4/8] libbpf: Add link-based API for tcx Date: Mon, 10 Jul 2023 22:12:14 +0200 Message-Id: <20230710201218.19460-5-daniel@iogearbox.net> In-Reply-To: <20230710201218.19460-1-daniel@iogearbox.net> References: <20230710201218.19460-1-daniel@iogearbox.net> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	BPF link support for tc BPF programs \| expand [bpf-next,v4,0/8] BPF link support for tc BPF programs [bpf-next,v4,1/8] bpf: Add generic attach/detach/query API for multi-progs [bpf-next,v4,2/8] bpf: Add fd-based tcx multi-prog infra with link support [bpf-next,v4,3/8] libbpf: Add opts-based attach/detach/query API for tcx [bpf-next,v4,4/8] libbpf: Add link-based API for tcx [bpf-next,v4,5/8] libbpf: Add helper macro to clear opts structs [bpf-next,v4,6/8] bpftool: Extend net dump with tcx progs [bpf-next,v4,7/8] selftests/bpf: Add mprog API tests for BPF tcx opts [bpf-next,v4,8/8] selftests/bpf: Add mprog API tests for BPF tcx links

Message ID

20230710201218.19460-5-daniel@iogearbox.net (mailing list archive)

State

Superseded

Delegated to:

BPF

Headers

From: Daniel Borkmann <daniel@iogearbox.net>
To: ast@kernel.org
Cc: andrii@kernel.org,
	martin.lau@linux.dev,
	razor@blackwall.org,
	sdf@google.com,
	john.fastabend@gmail.com,
	kuba@kernel.org,
	dxu@dxuuu.xyz,
	joe@cilium.io,
	toke@kernel.org,
	davem@davemloft.net,
	bpf@vger.kernel.org,
	netdev@vger.kernel.org,
	Daniel Borkmann <daniel@iogearbox.net>
Subject: [PATCH bpf-next v4 4/8] libbpf: Add link-based API for tcx
Date: Mon, 10 Jul 2023 22:12:14 +0200
Message-Id: <20230710201218.19460-5-daniel@iogearbox.net>
In-Reply-To: <20230710201218.19460-1-daniel@iogearbox.net>
References: <20230710201218.19460-1-daniel@iogearbox.net>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

BPF link support for tc BPF programs | expand

Context	Check	Description
bpf/vmtest-bpf-next-PR	success	PR summary
bpf/vmtest-bpf-next-VM_Test-30	success	Logs for test_verifier on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-31	success	Logs for test_verifier on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-32	success	Logs for veristat
netdev/series_format	success	Posting correctly formatted
netdev/tree_selection	success	Clearly marked for bpf-next, async
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 8 this patch: 8
netdev/cc_maintainers	warning	6 maintainers not CCed: hawk@kernel.org yhs@fb.com kpsingh@kernel.org song@kernel.org jolsa@kernel.org haoluo@google.com
netdev/build_clang	fail	Errors and warnings before: 18 this patch: 18
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	success	Errors and warnings before: 8 this patch: 8
netdev/checkpatch	fail	CHECK: Please use a blank line after function/struct/union/enum declarations ERROR: space prohibited before that ':' (ctx:WxV) WARNING: line length of 86 exceeds 80 columns WARNING: line length of 98 exceeds 80 columns
netdev/kdoc	success	Errors and warnings before: 138 this patch: 138
netdev/source_inline	success	Was 0 now: 0
bpf/vmtest-bpf-next-VM_Test-1	success	Logs for ShellCheck
bpf/vmtest-bpf-next-VM_Test-6	success	Logs for set-matrix
bpf/vmtest-bpf-next-VM_Test-2	success	Logs for build for aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-4	success	Logs for build for x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-5	success	Logs for build for x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-3	success	Logs for build for s390x with gcc
bpf/vmtest-bpf-next-VM_Test-7	success	Logs for test_maps on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-9	success	Logs for test_maps on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-10	success	Logs for test_maps on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-11	success	Logs for test_progs on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-13	success	Logs for test_progs on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-15	success	Logs for test_progs_no_alu32 on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-17	success	Logs for test_progs_no_alu32 on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-19	success	Logs for test_progs_no_alu32_parallel on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-20	success	Logs for test_progs_no_alu32_parallel on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-21	success	Logs for test_progs_no_alu32_parallel on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-22	success	Logs for test_progs_parallel on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-23	success	Logs for test_progs_parallel on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-25	success	Logs for test_verifier on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-27	success	Logs for test_verifier on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-28	success	Logs for test_verifier on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-29	success	Logs for veristat
bpf/vmtest-bpf-next-VM_Test-14	success	Logs for test_progs on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-18	success	Logs for test_progs_no_alu32 on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-24	success	Logs for test_progs_parallel on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-26	success	Logs for test_verifier on s390x with gcc
bpf/vmtest-bpf-next-VM_Test-16	success	Logs for test_progs_no_alu32 on s390x with gcc
bpf/vmtest-bpf-next-VM_Test-12	fail	Logs for test_progs on s390x with gcc
bpf/vmtest-bpf-next-VM_Test-8	success	Logs for test_maps on s390x with gcc

Context

Check

Description

bpf/vmtest-bpf-next-PR

success

PR summary

bpf/vmtest-bpf-next-VM_Test-30

success

Logs for test_verifier on x86_64 with gcc

bpf/vmtest-bpf-next-VM_Test-31

success

Logs for test_verifier on x86_64 with llvm-16

bpf/vmtest-bpf-next-VM_Test-32

success

Logs for veristat

netdev/series_format

success

Posting correctly formatted

netdev/tree_selection

success

Clearly marked for bpf-next, async

netdev/fixes_present

success

Fixes tag not required for -next series

netdev/header_inline

success

No static functions without inline keyword in header files

netdev/build_32bit

success

Errors and warnings before: 8 this patch: 8

netdev/cc_maintainers

warning

6 maintainers not CCed: hawk@kernel.org yhs@fb.com kpsingh@kernel.org song@kernel.org jolsa@kernel.org haoluo@google.com

netdev/build_clang

fail

Errors and warnings before: 18 this patch: 18

netdev/verify_signedoff

success

Signed-off-by tag matches author and committer

netdev/deprecated_api

success

None detected

netdev/check_selftest

success

No net selftest shell script

netdev/verify_fixes

success

No Fixes tag

netdev/build_allmodconfig_warn

success

Errors and warnings before: 8 this patch: 8

netdev/checkpatch

fail

CHECK: Please use a blank line after function/struct/union/enum declarations ERROR: space prohibited before that ':' (ctx:WxV) WARNING: line length of 86 exceeds 80 columns WARNING: line length of 98 exceeds 80 columns

netdev/kdoc

success

Errors and warnings before: 138 this patch: 138

netdev/source_inline

success

Was 0 now: 0

bpf/vmtest-bpf-next-VM_Test-1

success

Logs for ShellCheck

bpf/vmtest-bpf-next-VM_Test-6

success

Logs for set-matrix

bpf/vmtest-bpf-next-VM_Test-2

success

Logs for build for aarch64 with gcc

bpf/vmtest-bpf-next-VM_Test-4

success

Logs for build for x86_64 with gcc

bpf/vmtest-bpf-next-VM_Test-5

success

Logs for build for x86_64 with llvm-16

bpf/vmtest-bpf-next-VM_Test-3

success

Logs for build for s390x with gcc

bpf/vmtest-bpf-next-VM_Test-7

success

Logs for test_maps on aarch64 with gcc

bpf/vmtest-bpf-next-VM_Test-9

success

Logs for test_maps on x86_64 with gcc

bpf/vmtest-bpf-next-VM_Test-10

success

Logs for test_maps on x86_64 with llvm-16

bpf/vmtest-bpf-next-VM_Test-11

success

Logs for test_progs on aarch64 with gcc

bpf/vmtest-bpf-next-VM_Test-13

success

Logs for test_progs on x86_64 with gcc

bpf/vmtest-bpf-next-VM_Test-15

success

Logs for test_progs_no_alu32 on aarch64 with gcc

bpf/vmtest-bpf-next-VM_Test-17

success

Logs for test_progs_no_alu32 on x86_64 with gcc

bpf/vmtest-bpf-next-VM_Test-19

success

Logs for test_progs_no_alu32_parallel on aarch64 with gcc

bpf/vmtest-bpf-next-VM_Test-20

success

Logs for test_progs_no_alu32_parallel on x86_64 with gcc

bpf/vmtest-bpf-next-VM_Test-21

success

Logs for test_progs_no_alu32_parallel on x86_64 with llvm-16

bpf/vmtest-bpf-next-VM_Test-22

success

Logs for test_progs_parallel on aarch64 with gcc

bpf/vmtest-bpf-next-VM_Test-23

success

Logs for test_progs_parallel on x86_64 with gcc

bpf/vmtest-bpf-next-VM_Test-25

success

Logs for test_verifier on aarch64 with gcc

bpf/vmtest-bpf-next-VM_Test-27

success

Logs for test_verifier on x86_64 with gcc

bpf/vmtest-bpf-next-VM_Test-28

success

Logs for test_verifier on x86_64 with llvm-16

bpf/vmtest-bpf-next-VM_Test-29

success

Logs for veristat

bpf/vmtest-bpf-next-VM_Test-14

success

Logs for test_progs on x86_64 with llvm-16

bpf/vmtest-bpf-next-VM_Test-18

success

Logs for test_progs_no_alu32 on x86_64 with llvm-16

bpf/vmtest-bpf-next-VM_Test-24

success

Logs for test_progs_parallel on x86_64 with llvm-16

bpf/vmtest-bpf-next-VM_Test-26

success

Logs for test_verifier on s390x with gcc

bpf/vmtest-bpf-next-VM_Test-16

success

Logs for test_progs_no_alu32 on s390x with gcc

bpf/vmtest-bpf-next-VM_Test-12

fail

Logs for test_progs on s390x with gcc

bpf/vmtest-bpf-next-VM_Test-8

success

Logs for test_maps on s390x with gcc

Commit Message

Daniel Borkmann July 10, 2023, 8:12 p.m. UTC

Implement tcx BPF link support for libbpf.

The bpf_program__attach_fd() API has been refactored slightly in order to pass
bpf_link_create_opts pointer as input.

A new bpf_program__attach_tcx() has been added on top of this which allows for
passing all relevant data via extensible struct bpf_tcx_opts.

The program sections tcx/ingress and tcx/egress correspond to the hook locations
for tc ingress and egress, respectively.

For concrete usage examples, see the extensive selftests that have been
developed as part of this series.

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
---
 tools/lib/bpf/bpf.c      | 19 ++++++++++--
 tools/lib/bpf/bpf.h      |  5 ++++
 tools/lib/bpf/libbpf.c   | 62 ++++++++++++++++++++++++++++++++++------
 tools/lib/bpf/libbpf.h   | 16 +++++++++++
 tools/lib/bpf/libbpf.map |  1 +
 5 files changed, 92 insertions(+), 11 deletions(-)

Comments

Andrii Nakryiko July 11, 2023, 4 a.m. UTC | #1

On Mon, Jul 10, 2023 at 1:12 PM Daniel Borkmann <daniel@iogearbox.net> wrote:
>
> Implement tcx BPF link support for libbpf.
>
> The bpf_program__attach_fd() API has been refactored slightly in order to pass
> bpf_link_create_opts pointer as input.
>
> A new bpf_program__attach_tcx() has been added on top of this which allows for
> passing all relevant data via extensible struct bpf_tcx_opts.
>
> The program sections tcx/ingress and tcx/egress correspond to the hook locations
> for tc ingress and egress, respectively.
>
> For concrete usage examples, see the extensive selftests that have been
> developed as part of this series.
>
> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
> ---
>  tools/lib/bpf/bpf.c      | 19 ++++++++++--
>  tools/lib/bpf/bpf.h      |  5 ++++
>  tools/lib/bpf/libbpf.c   | 62 ++++++++++++++++++++++++++++++++++------
>  tools/lib/bpf/libbpf.h   | 16 +++++++++++
>  tools/lib/bpf/libbpf.map |  1 +
>  5 files changed, 92 insertions(+), 11 deletions(-)
>

Pretty minor nits, I think ifindex move to be mandatory argument is
the most consequential, as it's an API. With that addressed, please
add my ack for next rev

Acked-by: Andrii Nakryiko <andrii@kernel.org>

> diff --git a/tools/lib/bpf/bpf.c b/tools/lib/bpf/bpf.c
> index 3dfc43b477c3..d513c226b9aa 100644
> --- a/tools/lib/bpf/bpf.c
> +++ b/tools/lib/bpf/bpf.c
> @@ -717,9 +717,9 @@ int bpf_link_create(int prog_fd, int target_fd,
>                     const struct bpf_link_create_opts *opts)
>  {
>         const size_t attr_sz = offsetofend(union bpf_attr, link_create);
> -       __u32 target_btf_id, iter_info_len;
> +       __u32 target_btf_id, iter_info_len, relative_id;
> +       int fd, err, relative;

nit: maybe make these new vars local to the TCX cases branch below?

>         union bpf_attr attr;
> -       int fd, err;
>
>         if (!OPTS_VALID(opts, bpf_link_create_opts))
>                 return libbpf_err(-EINVAL);
> @@ -781,6 +781,21 @@ int bpf_link_create(int prog_fd, int target_fd,
>                 if (!OPTS_ZEROED(opts, netfilter))
>                         return libbpf_err(-EINVAL);
>                 break;
> +       case BPF_TCX_INGRESS:
> +       case BPF_TCX_EGRESS:
> +               relative = OPTS_GET(opts, tcx.relative_fd, 0);
> +               relative_id = OPTS_GET(opts, tcx.relative_id, 0);
> +               if (relative > 0 && relative_id)
> +                       return libbpf_err(-EINVAL);
> +               if (relative_id) {
> +                       relative = relative_id;
> +                       attr.link_create.flags |= BPF_F_ID;
> +               }

Well, I have the same nit as in the previous patch, this "relative =
relative_id" is both confusing because of naming asymmetry (no
relative_fd throws me off), and also unnecessary updating of the
state. link_create.flags |= BPF_F_ID is inevitable, but the rest can
be more straightforward, IMO

> +               attr.link_create.tcx.relative_fd = relative;
> +               attr.link_create.tcx.expected_revision = OPTS_GET(opts, tcx.expected_revision, 0);
> +               if (!OPTS_ZEROED(opts, tcx))
> +                       return libbpf_err(-EINVAL);
> +               break;
>         default:
>                 if (!OPTS_ZEROED(opts, flags))
>                         return libbpf_err(-EINVAL);

[...]

> +struct bpf_link *
> +bpf_program__attach_tcx(const struct bpf_program *prog,
> +                       const struct bpf_tcx_opts *opts)
> +{
> +       LIBBPF_OPTS(bpf_link_create_opts, link_create_opts);
> +       __u32 relative_id, flags;
> +       int ifindex, relative_fd;
> +
> +       if (!OPTS_VALID(opts, bpf_tcx_opts))
> +               return libbpf_err_ptr(-EINVAL);
> +
> +       relative_id = OPTS_GET(opts, relative_id, 0);
> +       relative_fd = OPTS_GET(opts, relative_fd, 0);
> +       flags = OPTS_GET(opts, flags, 0);
> +       ifindex = OPTS_GET(opts, ifindex, 0);
> +
> +       /* validate we don't have unexpected combinations of non-zero fields */
> +       if (!ifindex) {
> +               pr_warn("prog '%s': target netdevice ifindex cannot be zero\n",
> +                       prog->name);
> +               return libbpf_err_ptr(-EINVAL);
> +       }

given ifindex is non-optional, then it makes more sense to have it as
a mandatory argument between prog and opts in
bpf_program__attach_tcx(), instead of as a field of an opts struct

> +       if (relative_fd > 0 && relative_id) {

this asymmetrical check is a bit distracting. And also, if someone
specifies negative FD and positive ID, that's also a bad combo and we
shouldn't just ignore invalid FD, right? So I'd have a nice and clean

if (relative_fd && relative_id) { /* bad */ }

> +               pr_warn("prog '%s': relative_fd and relative_id cannot be set at the same time\n",
> +                       prog->name);
> +               return libbpf_err_ptr(-EINVAL);
> +       }
> +       if (relative_id)
> +               flags |= BPF_F_ID;

I think bpf_link_create() will add this flag anyways, so can drop this
adjustment logic here?

> +
> +       link_create_opts.tcx.expected_revision = OPTS_GET(opts, expected_revision, 0);
> +       link_create_opts.tcx.relative_fd = relative_fd;
> +       link_create_opts.tcx.relative_id = relative_id;
> +       link_create_opts.flags = flags;
> +
> +       /* target_fd/target_ifindex use the same field in LINK_CREATE */
> +       return bpf_program_attach_fd(prog, ifindex, "tc", &link_create_opts);

s/tc/tcx/ ?

>  }
>
>  struct bpf_link *bpf_program__attach_freplace(const struct bpf_program *prog,
> @@ -11917,11 +11956,16 @@ struct bpf_link *bpf_program__attach_freplace(const struct bpf_program *prog,
>         }
>
>         if (target_fd) {
> +               LIBBPF_OPTS(bpf_link_create_opts, target_opts);
> +
>                 btf_id = libbpf_find_prog_btf_id(attach_func_name, target_fd);
>                 if (btf_id < 0)
>                         return libbpf_err_ptr(btf_id);
>
> -               return bpf_program__attach_fd(prog, target_fd, btf_id, "freplace");
> +               target_opts.target_btf_id = btf_id;
> +
> +               return bpf_program_attach_fd(prog, target_fd, "freplace",
> +                                            &target_opts);
>         } else {
>                 /* no target, so use raw_tracepoint_open for compatibility
>                  * with old kernels
> diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h
> index 10642ad69d76..33f60a318e81 100644
> --- a/tools/lib/bpf/libbpf.h
> +++ b/tools/lib/bpf/libbpf.h
> @@ -733,6 +733,22 @@ LIBBPF_API struct bpf_link *
>  bpf_program__attach_netfilter(const struct bpf_program *prog,
>                               const struct bpf_netfilter_opts *opts);
>
> +struct bpf_tcx_opts {
> +       /* size of this struct, for forward/backward compatibility */
> +       size_t sz;
> +       int ifindex;

is ifindex optional or it's expected to always be specified? If the
latter, then I'd move ifindex out of opts and make it second arg of
bpf_program__attach_tcx, between prog and opts

> +       __u32 flags;
> +       __u32 relative_fd;
> +       __u32 relative_id;
> +       __u64 expected_revision;
> +       size_t :0;
> +};
> +#define bpf_tcx_opts__last_field expected_revision
> +
> +LIBBPF_API struct bpf_link *
> +bpf_program__attach_tcx(const struct bpf_program *prog,
> +                       const struct bpf_tcx_opts *opts);
> +
>  struct bpf_map;
>
>  LIBBPF_API struct bpf_link *bpf_map__attach_struct_ops(const struct bpf_map *map);
> diff --git a/tools/lib/bpf/libbpf.map b/tools/lib/bpf/libbpf.map
> index a95d39bbef90..2a2db5c78048 100644
> --- a/tools/lib/bpf/libbpf.map
> +++ b/tools/lib/bpf/libbpf.map
> @@ -397,4 +397,5 @@ LIBBPF_1.3.0 {
>                 bpf_obj_pin_opts;
>                 bpf_program__attach_netfilter;
>                 bpf_prog_detach_opts;
> +               bpf_program__attach_tcx;

heh, now we definitely screwed up sorting ;)

>  } LIBBPF_1.2.0;

> --
> 2.34.1
>

Daniel Borkmann July 11, 2023, 2:08 p.m. UTC | #2

On 7/11/23 6:00 AM, Andrii Nakryiko wrote:
> On Mon, Jul 10, 2023 at 1:12 PM Daniel Borkmann <daniel@iogearbox.net> wrote:
>>
>> Implement tcx BPF link support for libbpf.
>>
>> The bpf_program__attach_fd() API has been refactored slightly in order to pass
>> bpf_link_create_opts pointer as input.
>>
>> A new bpf_program__attach_tcx() has been added on top of this which allows for
>> passing all relevant data via extensible struct bpf_tcx_opts.
>>
>> The program sections tcx/ingress and tcx/egress correspond to the hook locations
>> for tc ingress and egress, respectively.
>>
>> For concrete usage examples, see the extensive selftests that have been
>> developed as part of this series.
>>
>> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
>> ---
>>   tools/lib/bpf/bpf.c      | 19 ++++++++++--
>>   tools/lib/bpf/bpf.h      |  5 ++++
>>   tools/lib/bpf/libbpf.c   | 62 ++++++++++++++++++++++++++++++++++------
>>   tools/lib/bpf/libbpf.h   | 16 +++++++++++
>>   tools/lib/bpf/libbpf.map |  1 +
>>   5 files changed, 92 insertions(+), 11 deletions(-)
>>
> 
> Pretty minor nits, I think ifindex move to be mandatory argument is
> the most consequential, as it's an API. With that addressed, please
> add my ack for next rev
> 
> Acked-by: Andrii Nakryiko <andrii@kernel.org>
> 
>> diff --git a/tools/lib/bpf/bpf.c b/tools/lib/bpf/bpf.c
>> index 3dfc43b477c3..d513c226b9aa 100644
>> --- a/tools/lib/bpf/bpf.c
>> +++ b/tools/lib/bpf/bpf.c
>> @@ -717,9 +717,9 @@ int bpf_link_create(int prog_fd, int target_fd,
>>                      const struct bpf_link_create_opts *opts)
>>   {
>>          const size_t attr_sz = offsetofend(union bpf_attr, link_create);
>> -       __u32 target_btf_id, iter_info_len;
>> +       __u32 target_btf_id, iter_info_len, relative_id;
>> +       int fd, err, relative;
> 
> nit: maybe make these new vars local to the TCX cases branch below?
> 
>>          union bpf_attr attr;
>> -       int fd, err;
>>
>>          if (!OPTS_VALID(opts, bpf_link_create_opts))
>>                  return libbpf_err(-EINVAL);
>> @@ -781,6 +781,21 @@ int bpf_link_create(int prog_fd, int target_fd,
>>                  if (!OPTS_ZEROED(opts, netfilter))
>>                          return libbpf_err(-EINVAL);
>>                  break;
>> +       case BPF_TCX_INGRESS:
>> +       case BPF_TCX_EGRESS:
>> +               relative = OPTS_GET(opts, tcx.relative_fd, 0);
>> +               relative_id = OPTS_GET(opts, tcx.relative_id, 0);
>> +               if (relative > 0 && relative_id)
>> +                       return libbpf_err(-EINVAL);
>> +               if (relative_id) {
>> +                       relative = relative_id;
>> +                       attr.link_create.flags |= BPF_F_ID;
>> +               }
> 
> Well, I have the same nit as in the previous patch, this "relative =
> relative_id" is both confusing because of naming asymmetry (no
> relative_fd throws me off), and also unnecessary updating of the
> state. link_create.flags |= BPF_F_ID is inevitable, but the rest can
> be more straightforward, IMO
> 
>> +               attr.link_create.tcx.relative_fd = relative;
>> +               attr.link_create.tcx.expected_revision = OPTS_GET(opts, tcx.expected_revision, 0);
>> +               if (!OPTS_ZEROED(opts, tcx))
>> +                       return libbpf_err(-EINVAL);
>> +               break;
>>          default:
>>                  if (!OPTS_ZEROED(opts, flags))
>>                          return libbpf_err(-EINVAL);
> 
> [...]
> 
>> +struct bpf_link *
>> +bpf_program__attach_tcx(const struct bpf_program *prog,
>> +                       const struct bpf_tcx_opts *opts)
>> +{
>> +       LIBBPF_OPTS(bpf_link_create_opts, link_create_opts);
>> +       __u32 relative_id, flags;
>> +       int ifindex, relative_fd;
>> +
>> +       if (!OPTS_VALID(opts, bpf_tcx_opts))
>> +               return libbpf_err_ptr(-EINVAL);
>> +
>> +       relative_id = OPTS_GET(opts, relative_id, 0);
>> +       relative_fd = OPTS_GET(opts, relative_fd, 0);
>> +       flags = OPTS_GET(opts, flags, 0);
>> +       ifindex = OPTS_GET(opts, ifindex, 0);
>> +
>> +       /* validate we don't have unexpected combinations of non-zero fields */
>> +       if (!ifindex) {
>> +               pr_warn("prog '%s': target netdevice ifindex cannot be zero\n",
>> +                       prog->name);
>> +               return libbpf_err_ptr(-EINVAL);
>> +       }
> 
> given ifindex is non-optional, then it makes more sense to have it as
> a mandatory argument between prog and opts in
> bpf_program__attach_tcx(), instead of as a field of an opts struct

Agree, and it will also be more in line with bpf_program__attach_xdp() one
which has ifindex as 2nd param too.

I also implemented the rest of the suggestions in here for v5, thanks!

>> +       if (relative_fd > 0 && relative_id) {
> 
> this asymmetrical check is a bit distracting. And also, if someone
> specifies negative FD and positive ID, that's also a bad combo and we
> shouldn't just ignore invalid FD, right? So I'd have a nice and clean
> 
> if (relative_fd && relative_id) { /* bad */ }
> 
>> +               pr_warn("prog '%s': relative_fd and relative_id cannot be set at the same time\n",
>> +                       prog->name);
>> +               return libbpf_err_ptr(-EINVAL);
>> +       }
>> +       if (relative_id)
>> +               flags |= BPF_F_ID;
> 
> I think bpf_link_create() will add this flag anyways, so can drop this
> adjustment logic here?
> 
>> +
>> +       link_create_opts.tcx.expected_revision = OPTS_GET(opts, expected_revision, 0);
>> +       link_create_opts.tcx.relative_fd = relative_fd;
>> +       link_create_opts.tcx.relative_id = relative_id;
>> +       link_create_opts.flags = flags;
>> +
>> +       /* target_fd/target_ifindex use the same field in LINK_CREATE */
>> +       return bpf_program_attach_fd(prog, ifindex, "tc", &link_create_opts);
> 
> s/tc/tcx/ ?
> 
>>   }
>>
>>   struct bpf_link *bpf_program__attach_freplace(const struct bpf_program *prog,
>> @@ -11917,11 +11956,16 @@ struct bpf_link *bpf_program__attach_freplace(const struct bpf_program *prog,
>>          }
>>
>>          if (target_fd) {
>> +               LIBBPF_OPTS(bpf_link_create_opts, target_opts);
>> +
>>                  btf_id = libbpf_find_prog_btf_id(attach_func_name, target_fd);
>>                  if (btf_id < 0)
>>                          return libbpf_err_ptr(btf_id);
>>
>> -               return bpf_program__attach_fd(prog, target_fd, btf_id, "freplace");
>> +               target_opts.target_btf_id = btf_id;
>> +
>> +               return bpf_program_attach_fd(prog, target_fd, "freplace",
>> +                                            &target_opts);
>>          } else {
>>                  /* no target, so use raw_tracepoint_open for compatibility
>>                   * with old kernels
>> diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h
>> index 10642ad69d76..33f60a318e81 100644
>> --- a/tools/lib/bpf/libbpf.h
>> +++ b/tools/lib/bpf/libbpf.h
>> @@ -733,6 +733,22 @@ LIBBPF_API struct bpf_link *
>>   bpf_program__attach_netfilter(const struct bpf_program *prog,
>>                                const struct bpf_netfilter_opts *opts);
>>
>> +struct bpf_tcx_opts {
>> +       /* size of this struct, for forward/backward compatibility */
>> +       size_t sz;
>> +       int ifindex;
> 
> is ifindex optional or it's expected to always be specified? If the
> latter, then I'd move ifindex out of opts and make it second arg of
> bpf_program__attach_tcx, between prog and opts
> 
>> +       __u32 flags;
>> +       __u32 relative_fd;
>> +       __u32 relative_id;
>> +       __u64 expected_revision;
>> +       size_t :0;
>> +};
>> +#define bpf_tcx_opts__last_field expected_revision
>> +
>> +LIBBPF_API struct bpf_link *
>> +bpf_program__attach_tcx(const struct bpf_program *prog,
>> +                       const struct bpf_tcx_opts *opts);
>> +
>>   struct bpf_map;
>>
>>   LIBBPF_API struct bpf_link *bpf_map__attach_struct_ops(const struct bpf_map *map);
>> diff --git a/tools/lib/bpf/libbpf.map b/tools/lib/bpf/libbpf.map
>> index a95d39bbef90..2a2db5c78048 100644
>> --- a/tools/lib/bpf/libbpf.map
>> +++ b/tools/lib/bpf/libbpf.map
>> @@ -397,4 +397,5 @@ LIBBPF_1.3.0 {
>>                  bpf_obj_pin_opts;
>>                  bpf_program__attach_netfilter;
>>                  bpf_prog_detach_opts;
>> +               bpf_program__attach_tcx;
> 
> heh, now we definitely screwed up sorting ;)
> 
>>   } LIBBPF_1.2.0;
> 
>> --
>> 2.34.1
>>
>

diff --git a/tools/lib/bpf/bpf.c b/tools/lib/bpf/bpf.c
index 3dfc43b477c3..d513c226b9aa 100644
--- a/tools/lib/bpf/bpf.c
+++ b/tools/lib/bpf/bpf.c
@@ -717,9 +717,9 @@  int bpf_link_create(int prog_fd, int target_fd,
 		    const struct bpf_link_create_opts *opts)
 {
 	const size_t attr_sz = offsetofend(union bpf_attr, link_create);
-	__u32 target_btf_id, iter_info_len;
+	__u32 target_btf_id, iter_info_len, relative_id;
+	int fd, err, relative;
 	union bpf_attr attr;
-	int fd, err;
 
 	if (!OPTS_VALID(opts, bpf_link_create_opts))
 		return libbpf_err(-EINVAL);
@@ -781,6 +781,21 @@  int bpf_link_create(int prog_fd, int target_fd,
 		if (!OPTS_ZEROED(opts, netfilter))
 			return libbpf_err(-EINVAL);
 		break;
+	case BPF_TCX_INGRESS:
+	case BPF_TCX_EGRESS:
+		relative = OPTS_GET(opts, tcx.relative_fd, 0);
+		relative_id = OPTS_GET(opts, tcx.relative_id, 0);
+		if (relative > 0 && relative_id)
+			return libbpf_err(-EINVAL);
+		if (relative_id) {
+			relative = relative_id;
+			attr.link_create.flags |= BPF_F_ID;
+		}
+		attr.link_create.tcx.relative_fd = relative;
+		attr.link_create.tcx.expected_revision = OPTS_GET(opts, tcx.expected_revision, 0);
+		if (!OPTS_ZEROED(opts, tcx))
+			return libbpf_err(-EINVAL);
+		break;
 	default:
 		if (!OPTS_ZEROED(opts, flags))
 			return libbpf_err(-EINVAL);
diff --git a/tools/lib/bpf/bpf.h b/tools/lib/bpf/bpf.h
index 49e9d88fd9cf..044a74ffc38a 100644
--- a/tools/lib/bpf/bpf.h
+++ b/tools/lib/bpf/bpf.h
@@ -401,6 +401,11 @@  struct bpf_link_create_opts {
 			__s32 priority;
 			__u32 flags;
 		} netfilter;
+		struct {
+			__u32 relative_fd;
+			__u32 relative_id;
+			__u64 expected_revision;
+		} tcx;
 	};
 	size_t :0;
 };
diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
index bd621c916783..aa94d4af0ecb 100644
--- a/tools/lib/bpf/libbpf.c
+++ b/tools/lib/bpf/libbpf.c
@@ -134,6 +134,7 @@  static const char * const link_type_name[] = {
 	[BPF_LINK_TYPE_KPROBE_MULTI]		= "kprobe_multi",
 	[BPF_LINK_TYPE_STRUCT_OPS]		= "struct_ops",
 	[BPF_LINK_TYPE_NETFILTER]		= "netfilter",
+	[BPF_LINK_TYPE_TCX]			= "tcx",
 };
 
 static const char * const map_type_name[] = {
@@ -11845,11 +11846,10 @@  static int attach_lsm(const struct bpf_program *prog, long cookie, struct bpf_li
 }
 
 static struct bpf_link *
-bpf_program__attach_fd(const struct bpf_program *prog, int target_fd, int btf_id,
-		       const char *target_name)
+bpf_program_attach_fd(const struct bpf_program *prog,
+		      int target_fd, const char *target_name,
+		      const struct bpf_link_create_opts *opts)
 {
-	DECLARE_LIBBPF_OPTS(bpf_link_create_opts, opts,
-			    .target_btf_id = btf_id);
 	enum bpf_attach_type attach_type;
 	char errmsg[STRERR_BUFSIZE];
 	struct bpf_link *link;
@@ -11867,7 +11867,7 @@  bpf_program__attach_fd(const struct bpf_program *prog, int target_fd, int btf_id
 	link->detach = &bpf_link__detach_fd;
 
 	attach_type = bpf_program__expected_attach_type(prog);
-	link_fd = bpf_link_create(prog_fd, target_fd, attach_type, &opts);
+	link_fd = bpf_link_create(prog_fd, target_fd, attach_type, opts);
 	if (link_fd < 0) {
 		link_fd = -errno;
 		free(link);
@@ -11883,19 +11883,58 @@  bpf_program__attach_fd(const struct bpf_program *prog, int target_fd, int btf_id
 struct bpf_link *
 bpf_program__attach_cgroup(const struct bpf_program *prog, int cgroup_fd)
 {
-	return bpf_program__attach_fd(prog, cgroup_fd, 0, "cgroup");
+	return bpf_program_attach_fd(prog, cgroup_fd, "cgroup", NULL);
 }
 
 struct bpf_link *
 bpf_program__attach_netns(const struct bpf_program *prog, int netns_fd)
 {
-	return bpf_program__attach_fd(prog, netns_fd, 0, "netns");
+	return bpf_program_attach_fd(prog, netns_fd, "netns", NULL);
 }
 
 struct bpf_link *bpf_program__attach_xdp(const struct bpf_program *prog, int ifindex)
 {
 	/* target_fd/target_ifindex use the same field in LINK_CREATE */
-	return bpf_program__attach_fd(prog, ifindex, 0, "xdp");
+	return bpf_program_attach_fd(prog, ifindex, "xdp", NULL);
+}
+
+struct bpf_link *
+bpf_program__attach_tcx(const struct bpf_program *prog,
+			const struct bpf_tcx_opts *opts)
+{
+	LIBBPF_OPTS(bpf_link_create_opts, link_create_opts);
+	__u32 relative_id, flags;
+	int ifindex, relative_fd;
+
+	if (!OPTS_VALID(opts, bpf_tcx_opts))
+		return libbpf_err_ptr(-EINVAL);
+
+	relative_id = OPTS_GET(opts, relative_id, 0);
+	relative_fd = OPTS_GET(opts, relative_fd, 0);
+	flags = OPTS_GET(opts, flags, 0);
+	ifindex = OPTS_GET(opts, ifindex, 0);
+
+	/* validate we don't have unexpected combinations of non-zero fields */
+	if (!ifindex) {
+		pr_warn("prog '%s': target netdevice ifindex cannot be zero\n",
+			prog->name);
+		return libbpf_err_ptr(-EINVAL);
+	}
+	if (relative_fd > 0 && relative_id) {
+		pr_warn("prog '%s': relative_fd and relative_id cannot be set at the same time\n",
+			prog->name);
+		return libbpf_err_ptr(-EINVAL);
+	}
+	if (relative_id)
+		flags |= BPF_F_ID;
+
+	link_create_opts.tcx.expected_revision = OPTS_GET(opts, expected_revision, 0);
+	link_create_opts.tcx.relative_fd = relative_fd;
+	link_create_opts.tcx.relative_id = relative_id;
+	link_create_opts.flags = flags;
+
+	/* target_fd/target_ifindex use the same field in LINK_CREATE */
+	return bpf_program_attach_fd(prog, ifindex, "tc", &link_create_opts);
 }
 
 struct bpf_link *bpf_program__attach_freplace(const struct bpf_program *prog,
@@ -11917,11 +11956,16 @@  struct bpf_link *bpf_program__attach_freplace(const struct bpf_program *prog,
 	}
 
 	if (target_fd) {
+		LIBBPF_OPTS(bpf_link_create_opts, target_opts);
+
 		btf_id = libbpf_find_prog_btf_id(attach_func_name, target_fd);
 		if (btf_id < 0)
 			return libbpf_err_ptr(btf_id);
 
-		return bpf_program__attach_fd(prog, target_fd, btf_id, "freplace");
+		target_opts.target_btf_id = btf_id;
+
+		return bpf_program_attach_fd(prog, target_fd, "freplace",
+					     &target_opts);
 	} else {
 		/* no target, so use raw_tracepoint_open for compatibility
 		 * with old kernels
diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h
index 10642ad69d76..33f60a318e81 100644
--- a/tools/lib/bpf/libbpf.h
+++ b/tools/lib/bpf/libbpf.h
@@ -733,6 +733,22 @@  LIBBPF_API struct bpf_link *
 bpf_program__attach_netfilter(const struct bpf_program *prog,
 			      const struct bpf_netfilter_opts *opts);
 
+struct bpf_tcx_opts {
+	/* size of this struct, for forward/backward compatibility */
+	size_t sz;
+	int ifindex;
+	__u32 flags;
+	__u32 relative_fd;
+	__u32 relative_id;
+	__u64 expected_revision;
+	size_t :0;
+};
+#define bpf_tcx_opts__last_field expected_revision
+
+LIBBPF_API struct bpf_link *
+bpf_program__attach_tcx(const struct bpf_program *prog,
+			const struct bpf_tcx_opts *opts);
+
 struct bpf_map;
 
 LIBBPF_API struct bpf_link *bpf_map__attach_struct_ops(const struct bpf_map *map);
diff --git a/tools/lib/bpf/libbpf.map b/tools/lib/bpf/libbpf.map
index a95d39bbef90..2a2db5c78048 100644
--- a/tools/lib/bpf/libbpf.map
+++ b/tools/lib/bpf/libbpf.map
@@ -397,4 +397,5 @@  LIBBPF_1.3.0 {
 		bpf_obj_pin_opts;
 		bpf_program__attach_netfilter;
 		bpf_prog_detach_opts;
+		bpf_program__attach_tcx;
 } LIBBPF_1.2.0;

[bpf-next,v4,4/8] libbpf: Add link-based API for tcx

Checks

Commit Message

Comments

Patch