From patchwork Tue Nov 26 10:09:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Prashant Bhole X-Patchwork-Id: 11261837 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 52B5B15AC for ; Tue, 26 Nov 2019 10:10:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 310072089D for ; Tue, 26 Nov 2019 10:10:20 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="d+YYczk4" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728017AbfKZKKO (ORCPT ); Tue, 26 Nov 2019 05:10:14 -0500 Received: from mail-pg1-f194.google.com ([209.85.215.194]:39365 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728010AbfKZKKO (ORCPT ); Tue, 26 Nov 2019 05:10:14 -0500 Received: by mail-pg1-f194.google.com with SMTP id b137so6442664pga.6; Tue, 26 Nov 2019 02:10:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ecShvr+Zq6STOGx1l0iQ8cCvKv5lb6vZ/WjknM9nD6E=; b=d+YYczk4lJH43WHRgPgABeQW5AYRNcl7DJRbNi1c4p2WWFqkvolmM2XsQ44czI+mWp aVmIt6CW9B+7OpTNN+ps0zReed0nBfjwq9pklcNZKWKoIW7k1EQMTOHSi4d0/BCnYQee jinDCFwA6wNeZ4cBOG9cHPVSHcKoTCX0NlPdmJVevRHmMaf97cZDvXxtiWam3BPVOLr9 RFEZ0ncycDTNPn5Urku5wMT1KOZ8+LKL42IakRmapDH1VNSLE/H9DD99CM6pQ9LMRigI y0T8KiZRlGegkVpLl3zTTtrATMEXAozU32i+jHRlYa3drVFQX+N2oBh6kWr44Z3T2zcB SEaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ecShvr+Zq6STOGx1l0iQ8cCvKv5lb6vZ/WjknM9nD6E=; b=DeWsz7cvyOT96qeoXmPmrT16zTTQuqg0n0i4Gqhb9cUmzRb0p6rZe/MVpcv9Wavevl Hpkj7R6mOIFQ0GLBDg95hioXfwzO9YyDufp9P9FiGoSPjUf3O+uVHcf20rEhBBWvN08m uja5QKFFx3zjsdFWR9fiZ6Cuw7P+9FuOylA11h5rgdH0u/eWzp2suu0Ayt8VgWludHpi D9EVoYA3iVMTK7EbnDRgJw7ClEKtZaHHYsgu7lO+uT2b/caEy2oGDUOaC5QJlngaVGKJ bxWYiF02bo5QSN1FHFwv2KYC4ux3wHhzZSSPIPw3N+mTmONkL6+XuDAkF437HHHXdMAL GI2w== X-Gm-Message-State: APjAAAUUc6aRz1JCNBB/kTSPkzKPkiVI7A0iBsOpeZfQP2jdoir64455 K7px3UCEoupDnsMbP4KzB1E= X-Google-Smtp-Source: APXvYqxLnUahtpS2ezzELlW12TWhqW19OSB0jtp9PSXtwd5yFTcnaRJ86M926/WsXnNPNpvBgZKE9Q== X-Received: by 2002:a63:e4a:: with SMTP id 10mr35864959pgo.121.1574763013362; Tue, 26 Nov 2019 02:10:13 -0800 (PST) Received: from localhost.localdomain ([222.151.198.97]) by smtp.gmail.com with ESMTPSA id h9sm12059065pgk.84.2019.11.26.02.10.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 26 Nov 2019 02:10:12 -0800 (PST) From: Prashant Bhole To: "Michael S . Tsirkin" , Jason Wang , qemu-devel@nongnu.org Cc: Prashant Bhole , "David S . Miller" , Alexei Starovoitov , Daniel Borkmann , Jakub Kicinski , Jesper Dangaard Brouer , John Fastabend , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , netdev@vger.kernel.org, kvm@vger.kernel.org Subject: [RFC 1/3] configure: add libbpf support Date: Tue, 26 Nov 2019 19:09:12 +0900 Message-Id: <20191126100914.5150-2-prashantbhole.linux@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20191126100914.5150-1-prashantbhole.linux@gmail.com> References: <20191126100914.5150-1-prashantbhole.linux@gmail.com> MIME-Version: 1.0 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org This is a preparation to add libbpf support for Qemu. When it is enabled Qemu can load eBPF programs and manipulated eBPF maps libbpf APIs. When configured with --enable-libbpf, availability of libbpf is checked. If it exists then CONFIG_LIBBPF is defined and the qemu binary is linked with libbpf. Signed-off-by: Prashant Bhole --- configure | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/configure b/configure index 6099be1d84..a7e8a8450d 100755 --- a/configure +++ b/configure @@ -504,6 +504,7 @@ debug_mutex="no" libpmem="" default_devices="yes" plugins="no" +libbpf="no" supported_cpu="no" supported_os="no" @@ -1539,6 +1540,8 @@ for opt do ;; --disable-plugins) plugins="no" ;; + --enable-libbpf) libbpf="yes" + ;; *) echo "ERROR: unknown option $opt" echo "Try '$0 --help' for more information" @@ -1825,6 +1828,7 @@ disabled with --disable-FEATURE, default is enabled if available: debug-mutex mutex debugging support libpmem libpmem support xkbcommon xkbcommon support + libbpf eBPF program support NOTE: The object files are built at the place where configure is launched EOF @@ -6084,6 +6088,19 @@ case "$slirp" in ;; esac +########################################## +# Do we have libbpf +if test "$libbpf" != "no" ; then + if $pkg_config libbpf; then + libbpf="yes" + libbpf_libs=$($pkg_config --libs libbpf) + else + if test "$libbpf" == "yes" ; then + feature_not_found "libbpf" "Install libbpf devel" + fi + libbpf="no" + fi +fi ########################################## # End of CC checks @@ -6599,6 +6616,7 @@ echo "libpmem support $libpmem" echo "libudev $libudev" echo "default devices $default_devices" echo "plugin support $plugins" +echo "XDP offload support $libbpf" if test "$supported_cpu" = "no"; then echo @@ -7457,6 +7475,11 @@ if test "$plugins" = "yes" ; then fi fi +if test "$libbpf" = "yes" ; then + echo "CONFIG_LIBBPF=y" >> $config_host_mak + echo "LIBBPF_LIBS=$libbpf_libs" >> $config_host_mak +fi + if test "$tcg_interpreter" = "yes"; then QEMU_INCLUDES="-iquote \$(SRC_PATH)/tcg/tci $QEMU_INCLUDES" elif test "$ARCH" = "sparc64" ; then From patchwork Tue Nov 26 10:09:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Prashant Bhole X-Patchwork-Id: 11261851 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 670166C1 for ; Tue, 26 Nov 2019 10:10:28 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 2AC402089D for ; Tue, 26 Nov 2019 10:10:28 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Uq/ahqOA" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728039AbfKZKKW (ORCPT ); Tue, 26 Nov 2019 05:10:22 -0500 Received: from mail-pj1-f47.google.com ([209.85.216.47]:38634 "EHLO mail-pj1-f47.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728040AbfKZKKS (ORCPT ); Tue, 26 Nov 2019 05:10:18 -0500 Received: by mail-pj1-f47.google.com with SMTP id f7so8072638pjw.5; Tue, 26 Nov 2019 02:10:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=izpU3FP4fxkkqeoLGSB6k8qMmojNU/Dikc5DKXQ0xHU=; b=Uq/ahqOAzTEUkTwsljpwIkyrGPqH/evKDEDersVK+mnaWbVNUkIthOWiLU+OXtLUvU EOw+sFAxx99LvFjbn0xvlUFZ5J3TEpxJkoyjlF2msZFo/LOeVoj6IkxWSzwwvLF/GaO4 LV0VhZdKKH/GmYoyD3t6ep/62dQSmfaGEgWoU9yvfU7Rgusygl34frWANucKte7c05BM V5fH+YZvdKIZB7KcK8MgdI3YFmWqAtKSVQ2oidAApxjtHLUjzcKonWljChWnfE+ng/+x lioML1DyLTJ9oTbXDsRF4zQN7TE/MgG5O/maBRtCNJrC7VQNXshM+DqgYTr9+KMSBVLC NAng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=izpU3FP4fxkkqeoLGSB6k8qMmojNU/Dikc5DKXQ0xHU=; b=kUZ18381yin/thuOPac1UYSaQR6+Z8a5PdJuZO/cwCVRq3oW37OXaHf/tbOuHjZBd7 jkEQRP/3bqH0ppXrUc+dpZXOUOnNsB5onRUcF3hu4hdKsKjU921sLoEaWkByRYYdKh/D 2532hq2UfzOE6H7QbHFdDLJ63y0uFjVOTDkmJcOmqIm+jg6+3QzlMDALSI/OyrxfWS3t 93V1eCDGT2O4BPQvlbGqfqUxRubwX8GH/hzWFFV9+57qFqT7w80f2FZs3omhNfLmbo6l X6GYye67QNFjr3dTDq2ZlWSnxduKtQtQELmEID5fmmeqk+T48WoMDD/rdvMqU0tSlIc2 E+Pw== X-Gm-Message-State: APjAAAVR5BWde5LHvbI+y8Zw0TaiPGyHrjMWZsUfVaOKn7G/xgkcy/a+ ZC+/NQYumNuM33AJs1uoPBg= X-Google-Smtp-Source: APXvYqytegqONiYQJkp3D/RPNSJspi2nkwoVBXcgZu7C3Ai2QAmscJb++iOInjMbvENLHy/9nfJw7g== X-Received: by 2002:a17:902:fe06:: with SMTP id g6mr16749434plj.52.1574763017372; Tue, 26 Nov 2019 02:10:17 -0800 (PST) Received: from localhost.localdomain ([222.151.198.97]) by smtp.gmail.com with ESMTPSA id h9sm12059065pgk.84.2019.11.26.02.10.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 26 Nov 2019 02:10:16 -0800 (PST) From: Prashant Bhole To: "Michael S . Tsirkin" , Jason Wang , qemu-devel@nongnu.org Cc: "David S . Miller" , Alexei Starovoitov , Daniel Borkmann , Jakub Kicinski , Jesper Dangaard Brouer , John Fastabend , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , netdev@vger.kernel.org, kvm@vger.kernel.org, Prashant Bhole Subject: [RFC 2/3] virtio-net: add support for offloading XDP program Date: Tue, 26 Nov 2019 19:09:13 +0900 Message-Id: <20191126100914.5150-3-prashantbhole.linux@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20191126100914.5150-1-prashantbhole.linux@gmail.com> References: <20191126100914.5150-1-prashantbhole.linux@gmail.com> MIME-Version: 1.0 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Jason Wang This feature involves offloading of XDP program and ebpf map from the guest to the host. This patch takes care of offloadin of program. A handler for VIRTIO_NET_CTRL_EBPF command is added in virtio-net. The control buffer consist of struct virtio_net_ctrl_ebpf_prog and followed by an ebpf program instructions. An array of bpf_insn is prepared and passed to libbpf API bpf_load_program. The program fd is retuned by the API is then attached to tap fd using TUNSETOFFLOADEDXDP ioctl command. Signed-off-by: Jason Wang Co-developed-by: Prashant Bhole Signed-off-by: Prashant Bhole --- hw/net/virtio-net.c | 69 +++++++++++++++++++++ include/net/tap.h | 2 + include/standard-headers/linux/virtio_net.h | 27 ++++++++ net/Makefile.objs | 1 + net/tap-bsd.c | 5 ++ net/tap-linux.c | 48 ++++++++++++++ net/tap-linux.h | 1 + net/tap-solaris.c | 5 ++ net/tap-stub.c | 5 ++ net/tap.c | 7 +++ net/tap_int.h | 1 + 11 files changed, 171 insertions(+) diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index 97a5113f7e..7cc1bd1654 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -43,6 +43,11 @@ #include "monitor/qdev.h" #include "hw/pci/pci.h" +#ifdef CONFIG_LIBBPF +#include +#include +#endif + #define VIRTIO_NET_VM_VERSION 11 #define MAC_TABLE_ENTRIES 64 @@ -628,6 +633,21 @@ static int peer_attach(VirtIONet *n, int index) return tap_enable(nc->peer); } +static int peer_attach_ebpf(VirtIONet *n, int len, void *insns, uint8_t gpl) +{ + NetClientState *nc = qemu_get_subqueue(n->nic, 0); + + if (!nc->peer) { + return 0; + } + + if (nc->peer->info->type != NET_CLIENT_DRIVER_TAP) { + return 0; + } + + return tap_attach_ebpf(nc->peer, len, insns, gpl); +} + static int peer_detach(VirtIONet *n, int index) { NetClientState *nc = qemu_get_subqueue(n->nic, index); @@ -991,6 +1011,53 @@ static int virtio_net_handle_offloads(VirtIONet *n, uint8_t cmd, } } +static int virtio_net_handle_ebpf_prog(VirtIONet *n, struct iovec *iov, + unsigned int iov_cnt) +{ +#ifdef CONFIG_LIBBPF + struct bpf_insn prog[4096]; + struct virtio_net_ctrl_ebpf_prog ctrl; + size_t s; + int err = VIRTIO_NET_ERR; + + s = iov_to_buf(iov, iov_cnt, 0, &ctrl, sizeof(ctrl)); + if (s != sizeof(ctrl)) { + error_report("Invalid ebpf prog control buffer"); + goto err; + } + + if (ctrl.cmd == VIRTIO_NET_BPF_CMD_SET_OFFLOAD) { + s = iov_to_buf(iov, iov_cnt, sizeof(ctrl), prog, sizeof(prog)); + if (s != ctrl.len) { + error_report("Invalid ebpf prog control buffer"); + goto err; + } + + err = peer_attach_ebpf(n, s, prog, ctrl.gpl_compatible); + if (err) { + error_report("Failed to attach XDP program"); + goto err; + } + } else if (ctrl.cmd == VIRTIO_NET_BPF_CMD_UNSET_OFFLOAD) { + err = peer_attach_ebpf(n, 0, NULL, 0); + } +err: + return err ? VIRTIO_NET_ERR : VIRTIO_NET_OK; +#else + return VIRTIO_NET_ERR; +#endif +} + +static int virtio_net_handle_ebpf(VirtIONet *n, uint8_t cmd, + struct iovec *iov, unsigned int iov_cnt) +{ + if (cmd == VIRTIO_NET_CTRL_EBPF_PROG) { + return virtio_net_handle_ebpf_prog(n, iov, iov_cnt); + } + + return VIRTIO_NET_ERR; +} + static int virtio_net_handle_mac(VirtIONet *n, uint8_t cmd, struct iovec *iov, unsigned int iov_cnt) { @@ -1208,6 +1275,8 @@ static void virtio_net_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq) status = virtio_net_handle_mq(n, ctrl.cmd, iov, iov_cnt); } else if (ctrl.class == VIRTIO_NET_CTRL_GUEST_OFFLOADS) { status = virtio_net_handle_offloads(n, ctrl.cmd, iov, iov_cnt); + } else if (ctrl.class == VIRTIO_NET_CTRL_EBPF) { + status = virtio_net_handle_ebpf(n, ctrl.cmd, iov, iov_cnt); } s = iov_from_buf(elem->in_sg, elem->in_num, 0, &status, sizeof(status)); diff --git a/include/net/tap.h b/include/net/tap.h index 5d585515f9..19c507a1c2 100644 --- a/include/net/tap.h +++ b/include/net/tap.h @@ -33,6 +33,8 @@ int tap_disable(NetClientState *nc); int tap_get_fd(NetClientState *nc); +int tap_attach_ebpf(NetClientState *nc, int len, void *insns, uint8_t gpl); + struct vhost_net; struct vhost_net *tap_get_vhost_net(NetClientState *nc); diff --git a/include/standard-headers/linux/virtio_net.h b/include/standard-headers/linux/virtio_net.h index 260c3681d7..83292c81bc 100644 --- a/include/standard-headers/linux/virtio_net.h +++ b/include/standard-headers/linux/virtio_net.h @@ -261,4 +261,31 @@ struct virtio_net_ctrl_mq { #define VIRTIO_NET_CTRL_GUEST_OFFLOADS 5 #define VIRTIO_NET_CTRL_GUEST_OFFLOADS_SET 0 +/* + * Control XDP offloads offloads + * + * When guest wants to offload XDP program to tap device, it calls + * VIRTIO_NET_CTRL_EBPF_PROG along with VIRTIO_NET_BPF_CMD_SET_OFFLOAD + * subcommands. When offloading is successful, the tap device run offloaded + * XDP program for each packet before sending it to the guest. + * + * VIRTIO_NET_BPF_CMD_UNSET_OFFLOAD removes the the offloaded program from + * the tap device, if exists. + */ + +struct virtio_net_ctrl_ebpf_prog { + /* program length in bytes */ + __virtio32 len; + __virtio16 cmd; + __virtio16 gpl_compatible; + uint8_t insns[0]; +}; + +#define VIRTIO_NET_CTRL_EBPF 6 + #define VIRTIO_NET_CTRL_EBPF_PROG 1 + +/* Commands for VIRTIO_NET_CTRL_EBPF_PROG */ +#define VIRTIO_NET_BPF_CMD_SET_OFFLOAD 1 +#define VIRTIO_NET_BPF_CMD_UNSET_OFFLOAD 2 + #endif /* _LINUX_VIRTIO_NET_H */ diff --git a/net/Makefile.objs b/net/Makefile.objs index c5d076d19c..e7645225be 100644 --- a/net/Makefile.objs +++ b/net/Makefile.objs @@ -28,5 +28,6 @@ common-obj-$(CONFIG_POSIX) += tap.o $(tap-obj-y) common-obj-$(CONFIG_WIN32) += tap-win32.o vde.o-libs = $(VDE_LIBS) +tap-linux.o-libs = $(LIBBPF_LIBS) common-obj-$(CONFIG_CAN_BUS) += can/ diff --git a/net/tap-bsd.c b/net/tap-bsd.c index a5c3707f80..e4e2a5c799 100644 --- a/net/tap-bsd.c +++ b/net/tap-bsd.c @@ -259,3 +259,8 @@ int tap_fd_get_ifname(int fd, char *ifname) { return -1; } + +int tap_fd_attach_ebpf(int fd, int len, void *insns, uint8_t gpl) +{ + return -EINVAL; +} diff --git a/net/tap-linux.c b/net/tap-linux.c index e0dd442ee3..3ff806bf4f 100644 --- a/net/tap-linux.c +++ b/net/tap-linux.c @@ -31,6 +31,8 @@ #include #include +#include +#include #include "qapi/error.h" #include "qemu/error-report.h" @@ -314,3 +316,49 @@ int tap_fd_get_ifname(int fd, char *ifname) pstrcpy(ifname, sizeof(ifr.ifr_name), ifr.ifr_name); return 0; } + +int tap_fd_attach_ebpf(int fd, int len, void *insns, uint8_t gpl) +{ +#ifdef CONFIG_LIBBPF + struct bpf_insn *prog = (struct bpf_insn *)insns; + static char log_buf[65536]; + char license[16] = {0}; + int num_insn; + int bpf_fd; + int ret; + + if (!prog) { + bpf_fd = -1; + ret = ioctl(fd, TUNSETOFFLOADEDXDP, &bpf_fd); + if (ret) { + error_report("Failed to remove offloaded XDP: %s", strerror(errno)); + return -EFAULT; + } + return ret; + } + + num_insn = len / sizeof(prog[0]); + if (gpl) { + strncpy(license, "GPL", sizeof(license)); + } + + bpf_fd = bpf_load_program(BPF_PROG_TYPE_XDP, prog, num_insn, license, + 0, log_buf, sizeof(log_buf)); + if (bpf_fd < 0) { + error_report("Failed to load XDP program: %s", strerror(errno)); + error_report("ebpf verifier log: %s", log_buf); + return -EFAULT; + } + + ret = ioctl(fd, TUNSETOFFLOADEDXDP, &bpf_fd); + if (ret) { + error_report("Failed to set offloaded XDP: %s", strerror(errno)); + return -EFAULT; + } + close(bpf_fd); + + return ret; +#else + return -EINVAL; +#endif +} diff --git a/net/tap-linux.h b/net/tap-linux.h index 2f36d100fc..791aeaebc4 100644 --- a/net/tap-linux.h +++ b/net/tap-linux.h @@ -31,6 +31,7 @@ #define TUNSETQUEUE _IOW('T', 217, int) #define TUNSETVNETLE _IOW('T', 220, int) #define TUNSETVNETBE _IOW('T', 222, int) +#define TUNSETOFFLOADEDXDP _IOW('T', 228, int) #endif diff --git a/net/tap-solaris.c b/net/tap-solaris.c index 4725d2314e..38b9136b5f 100644 --- a/net/tap-solaris.c +++ b/net/tap-solaris.c @@ -254,3 +254,8 @@ int tap_fd_get_ifname(int fd, char *ifname) { return -1; } + +int tap_fd_attach_ebpf(int fd, int len, void *insns, uint8_t gpl) +{ + return -EINVAL; +} diff --git a/net/tap-stub.c b/net/tap-stub.c index a9ab8f8293..5f4161b390 100644 --- a/net/tap-stub.c +++ b/net/tap-stub.c @@ -85,3 +85,8 @@ int tap_fd_get_ifname(int fd, char *ifname) { return -1; } + +int tap_fd_attach_ebpf(int fd, int len, void *insns, uint8_t gpl) +{ + return -EINVAL; +} diff --git a/net/tap.c b/net/tap.c index 6207f61f84..3dba8eacb1 100644 --- a/net/tap.c +++ b/net/tap.c @@ -971,6 +971,13 @@ int tap_enable(NetClientState *nc) } } +int tap_attach_ebpf(NetClientState *nc, int len, void *insns, uint8_t gpl) +{ + TAPState *s = DO_UPCAST(TAPState, nc, nc); + + return tap_fd_attach_ebpf(s->fd, len, insns, gpl); +} + int tap_disable(NetClientState *nc) { TAPState *s = DO_UPCAST(TAPState, nc, nc); diff --git a/net/tap_int.h b/net/tap_int.h index e3194b23f4..af641607e2 100644 --- a/net/tap_int.h +++ b/net/tap_int.h @@ -44,5 +44,6 @@ int tap_fd_set_vnet_be(int fd, int vnet_is_be); int tap_fd_enable(int fd); int tap_fd_disable(int fd); int tap_fd_get_ifname(int fd, char *ifname); +int tap_fd_attach_ebpf(int fd, int len, void *insns, uint8_t gpl); #endif /* NET_TAP_INT_H */ From patchwork Tue Nov 26 10:09:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Prashant Bhole X-Patchwork-Id: 11261843 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BCB9D6C1 for ; Tue, 26 Nov 2019 10:10:24 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 95D99208C0 for ; Tue, 26 Nov 2019 10:10:24 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="nRF5Tm8j" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728040AbfKZKKX (ORCPT ); Tue, 26 Nov 2019 05:10:23 -0500 Received: from mail-pj1-f66.google.com ([209.85.216.66]:33658 "EHLO mail-pj1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727959AbfKZKKW (ORCPT ); Tue, 26 Nov 2019 05:10:22 -0500 Received: by mail-pj1-f66.google.com with SMTP id r67so301773pjb.0; Tue, 26 Nov 2019 02:10:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=8RYu51EDNv1nof9QqLb6ITvPij8Y0e1oqvT4ZWA3MBk=; b=nRF5Tm8jxrFWVSKwm9O8IM/CbmQqEsu5rCN9Jyr5Imv6QqQfq9VRMYS7YLJ5wUJCxh qIt9XGVC1HAjJFjMFfh2wiMDJ1RsUshx7jiDLkSxPCruk/EpIJA5uWjo33nVwjrwg7KQ iqAIss99ASYM2cGrf4dQrhfnPWjiHbnNJiSrsXNoPQPG99KrN1YdAAsafpM+Mau9iN3X g3ZrKf6tLLLyKSYyX6wrhJ2QDhD4/HkK2AbM4EASZg5bK2CrlgHNsZiMnfc8ye1r2Vti 5CmHfDMSNkWzgKkbp2IsgZJrdCp3p41Vbh3TvrO36cyVwu+Ef5NXYan++ww4AzfpXKdS H29w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=8RYu51EDNv1nof9QqLb6ITvPij8Y0e1oqvT4ZWA3MBk=; b=brzmhjnzkG/oZgTi5ewQlG8PZ3tOjWZ9z6oTRi35ZL7fRfj+ZskZEswm/udsu3++4D t7xxHeefc3cawLh0Tt9spWPtWAGJyJl7UXCDrT9YCcpwc4OtDS761v7Mc6eES5EG+Tpa bs2AHmx8JRUnPE3XuJjSzxT+BV35xw34cAPmRfqi7ueEwTk9YRSB3Mxsy9ohgfDUl0tc VMTmeJIwt++HYyD/mw211xK8TRUGOFxVR6gbM4KyFj4CAVIUhNJWNGKbmrDTjwBGvFGX fddQORFQvRj5DI5AT37tBTYR/FygjFTf+rnkI4vzgw/dN8f8WMjfexa4UV8peiLD7Oxi B0uw== X-Gm-Message-State: APjAAAWJTgKBAxW+j4AgDiozhA5qYdYC7ZSWs3pkY+NHM0x1rEec+xig ikTnADtB8ZBn1GCnODybciI= X-Google-Smtp-Source: APXvYqxADjKHatHur+fxT/01AG/vZgD9nSsRNGb2AyFD7GjgVAPzN1abgIppTbaJ/3338My3voR1ig== X-Received: by 2002:a17:90a:650c:: with SMTP id i12mr5948361pjj.28.1574763021275; Tue, 26 Nov 2019 02:10:21 -0800 (PST) Received: from localhost.localdomain ([222.151.198.97]) by smtp.gmail.com with ESMTPSA id h9sm12059065pgk.84.2019.11.26.02.10.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 26 Nov 2019 02:10:20 -0800 (PST) From: Prashant Bhole To: "Michael S . Tsirkin" , Jason Wang , qemu-devel@nongnu.org Cc: "David S . Miller" , Alexei Starovoitov , Daniel Borkmann , Jakub Kicinski , Jesper Dangaard Brouer , John Fastabend , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , netdev@vger.kernel.org, kvm@vger.kernel.org, Prashant Bhole Subject: [RFC 3/3] virtio-net: add support for offloading an ebpf map Date: Tue, 26 Nov 2019 19:09:14 +0900 Message-Id: <20191126100914.5150-4-prashantbhole.linux@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20191126100914.5150-1-prashantbhole.linux@gmail.com> References: <20191126100914.5150-1-prashantbhole.linux@gmail.com> MIME-Version: 1.0 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Jason Wang This change is a part of XDP offload feature. It handles offloading of eBPF map from the guest. A command handler for VIRTIO_NET_CTRL_EBPF now checks for subcommand VIRTIO_NET_CTRL_EBPF_MAP and. The control buffer consists of struct virtio_net_ctrl_ebpf_map followed by map key/value or key/key pair. Map manipulation is done using libbpf APIs. Signed-off-by: Jason Wang Co-developed-by: Prashant Bhole Signed-off-by: Prashant Bhole --- hw/net/Makefile.objs | 2 + hw/net/virtio-net.c | 88 +++++++++++++++++++++ include/standard-headers/linux/virtio_net.h | 23 ++++++ 3 files changed, 113 insertions(+) diff --git a/hw/net/Makefile.objs b/hw/net/Makefile.objs index 7907d2c199..5928497a01 100644 --- a/hw/net/Makefile.objs +++ b/hw/net/Makefile.objs @@ -52,3 +52,5 @@ common-obj-$(CONFIG_ROCKER) += rocker/rocker.o rocker/rocker_fp.o \ obj-$(call lnot,$(CONFIG_ROCKER)) += rocker/qmp-norocker.o common-obj-$(CONFIG_CAN_BUS) += can/ + +virtio-net.o-libs := $(LIBBPF_LIBS) diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index 7cc1bd1654..3c49273796 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -1011,6 +1011,92 @@ static int virtio_net_handle_offloads(VirtIONet *n, uint8_t cmd, } } +static int virtio_net_handle_ebpf_map(VirtIONet *n, struct iovec *iov, + unsigned int iov_cnt) +{ +#ifdef CONFIG_LIBBPF + struct virtio_net_ctrl_ebpf_map *ctrl = NULL; + struct bpf_create_map_attr map_attr = {}; + uint8_t *key, *val; + uint32_t buf_len; + int fd, err = 0; + size_t s; + + s = iov_to_buf(iov, iov_cnt, 0, &buf_len, sizeof(buf_len)); + if (s != sizeof(buf_len)) { + goto err; + } + + ctrl = malloc(sizeof(*ctrl) + buf_len); + if (!ctrl) { + goto err; + } + + s = iov_to_buf(iov, iov_cnt, 0, ctrl, sizeof(*ctrl) + buf_len); + if (s != (sizeof(*ctrl) + buf_len)) { + error_report("Invalid map control buffer"); + goto err; + } + + key = ctrl->buf; + val = ctrl->buf + ctrl->key_size; + + switch (ctrl->cmd) { + case VIRTIO_NET_BPF_CMD_CREATE_MAP: + map_attr.map_type = ctrl->map_type; + map_attr.map_flags = ctrl->map_flags; + map_attr.key_size = ctrl->key_size; + map_attr.value_size = ctrl->value_size; + map_attr.max_entries = ctrl->max_entries; + fd = bpf_create_map_xattr(&map_attr); + if (fd < 0) { + goto err; + } + ctrl->map_fd = fd; + break; + case VIRTIO_NET_BPF_CMD_FREE_MAP: + close(ctrl->map_fd); + break; + case VIRTIO_NET_BPF_CMD_LOOKUP_ELEM: + err = bpf_map_lookup_elem(ctrl->map_fd, key, val); + break; + case VIRTIO_NET_BPF_CMD_GET_FIRST: + err = bpf_map_get_next_key(ctrl->map_fd, NULL, val); + break; + case VIRTIO_NET_BPF_CMD_GET_NEXT: + err = bpf_map_get_next_key(ctrl->map_fd, key, val); + break; + case VIRTIO_NET_BPF_CMD_UPDATE_ELEM: + err = bpf_map_update_elem(ctrl->map_fd, key, val, ctrl->flags); + break; + case VIRTIO_NET_BPF_CMD_DELETE_ELEM: + err = bpf_map_delete_elem(ctrl->map_fd, key); + default: + error_report("map operation not implemented %d", ctrl->cmd); + goto err; + } + + if (err) { + goto err; + } + + s = iov_from_buf(iov, iov_cnt, 0, ctrl, sizeof(*ctrl) + buf_len); + if (s != sizeof(*ctrl) + buf_len) { + error_report("failed to write map operation result"); + goto err; + } + + free(ctrl); + return VIRTIO_NET_OK; + +err: + if (ctrl) { + free(ctrl); + } +#endif + return VIRTIO_NET_ERR; +} + static int virtio_net_handle_ebpf_prog(VirtIONet *n, struct iovec *iov, unsigned int iov_cnt) { @@ -1053,6 +1139,8 @@ static int virtio_net_handle_ebpf(VirtIONet *n, uint8_t cmd, { if (cmd == VIRTIO_NET_CTRL_EBPF_PROG) { return virtio_net_handle_ebpf_prog(n, iov, iov_cnt); + } else if (cmd == VIRTIO_NET_CTRL_EBPF_MAP) { + return virtio_net_handle_ebpf_map(n, iov, iov_cnt); } return VIRTIO_NET_ERR; diff --git a/include/standard-headers/linux/virtio_net.h b/include/standard-headers/linux/virtio_net.h index 83292c81bc..cca234e0e8 100644 --- a/include/standard-headers/linux/virtio_net.h +++ b/include/standard-headers/linux/virtio_net.h @@ -281,11 +281,34 @@ struct virtio_net_ctrl_ebpf_prog { uint8_t insns[0]; }; +struct virtio_net_ctrl_ebpf_map { + __virtio32 buf_len; + __virtio32 cmd; + __virtio32 map_type; + __virtio32 key_size; + __virtio32 value_size; + __virtio32 max_entries; + __virtio32 map_flags; + __virtio32 map_fd; + __virtio64 flags; + uint8_t buf[0]; +}; + #define VIRTIO_NET_CTRL_EBPF 6 #define VIRTIO_NET_CTRL_EBPF_PROG 1 + #define VIRTIO_NET_CTRL_EBPF_MAP 2 /* Commands for VIRTIO_NET_CTRL_EBPF_PROG */ #define VIRTIO_NET_BPF_CMD_SET_OFFLOAD 1 #define VIRTIO_NET_BPF_CMD_UNSET_OFFLOAD 2 +/* Commands for VIRTIO_NET_CTRL_EBPF_MAP */ +#define VIRTIO_NET_BPF_CMD_CREATE_MAP 1 +#define VIRTIO_NET_BPF_CMD_FREE_MAP 2 +#define VIRTIO_NET_BPF_CMD_UPDATE_ELEM 3 +#define VIRTIO_NET_BPF_CMD_LOOKUP_ELEM 4 +#define VIRTIO_NET_BPF_CMD_DELETE_ELEM 5 +#define VIRTIO_NET_BPF_CMD_GET_FIRST 6 +#define VIRTIO_NET_BPF_CMD_GET_NEXT 7 + #endif /* _LINUX_VIRTIO_NET_H */