Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
Alexei Starovoitov says: ==================== pull-request: bpf-next 2019-03-26 The following pull-request contains BPF updates for your *net-next* tree. The main changes are: 1) introduce bpf_tcp_check_syncookie() helper for XDP and tc, from Lorenz. 2) allow bpf_skb_ecn_set_ce() in tc, from Peter. 3) numerous bpf tc tunneling improvements, from Willem. 4) and other miscellaneous improvements from Adrian, Alan, Daniel, Ivan, Stanislav. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller
@@ -1478,13 +1478,27 @@ union bpf_attr {
|
||||
* Grow or shrink the room for data in the packet associated to
|
||||
* *skb* by *len_diff*, and according to the selected *mode*.
|
||||
*
|
||||
* There is a single supported mode at this time:
|
||||
* There are two supported modes at this time:
|
||||
*
|
||||
* * **BPF_ADJ_ROOM_MAC**: Adjust room at the mac layer
|
||||
* (room space is added or removed below the layer 2 header).
|
||||
*
|
||||
* * **BPF_ADJ_ROOM_NET**: Adjust room at the network layer
|
||||
* (room space is added or removed below the layer 3 header).
|
||||
*
|
||||
* All values for *flags* are reserved for future usage, and must
|
||||
* be left at zero.
|
||||
* The following flags are supported at this time:
|
||||
*
|
||||
* * **BPF_F_ADJ_ROOM_FIXED_GSO**: Do not adjust gso_size.
|
||||
* Adjusting mss in this way is not allowed for datagrams.
|
||||
*
|
||||
* * **BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 **:
|
||||
* * **BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 **:
|
||||
* Any new space is reserved to hold a tunnel header.
|
||||
* Configure skb offsets and other fields accordingly.
|
||||
*
|
||||
* * **BPF_F_ADJ_ROOM_ENCAP_L4_GRE **:
|
||||
* * **BPF_F_ADJ_ROOM_ENCAP_L4_UDP **:
|
||||
* Use with ENCAP_L3 flags to further specify the tunnel type.
|
||||
*
|
||||
* A call to this helper is susceptible to change the underlaying
|
||||
* packet buffer. Therefore, at load time, all checks on pointers
|
||||
@@ -2431,6 +2445,38 @@ union bpf_attr {
|
||||
* Return
|
||||
* A **struct bpf_sock** pointer on success, or **NULL** in
|
||||
* case of failure.
|
||||
*
|
||||
* struct bpf_sock *bpf_skc_lookup_tcp(void *ctx, struct bpf_sock_tuple *tuple, u32 tuple_size, u64 netns, u64 flags)
|
||||
* Description
|
||||
* Look for TCP socket matching *tuple*, optionally in a child
|
||||
* network namespace *netns*. The return value must be checked,
|
||||
* and if non-**NULL**, released via **bpf_sk_release**\ ().
|
||||
*
|
||||
* This function is identical to bpf_sk_lookup_tcp, except that it
|
||||
* also returns timewait or request sockets. Use bpf_sk_fullsock
|
||||
* or bpf_tcp_socket to access the full structure.
|
||||
*
|
||||
* This helper is available only if the kernel was compiled with
|
||||
* **CONFIG_NET** configuration option.
|
||||
* Return
|
||||
* Pointer to **struct bpf_sock**, or **NULL** in case of failure.
|
||||
* For sockets with reuseport option, the **struct bpf_sock**
|
||||
* result is from **reuse->socks**\ [] using the hash of the tuple.
|
||||
*
|
||||
* int bpf_tcp_check_syncookie(struct bpf_sock *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
|
||||
* Description
|
||||
* Check whether iph and th contain a valid SYN cookie ACK for
|
||||
* the listening socket in sk.
|
||||
*
|
||||
* iph points to the start of the IPv4 or IPv6 header, while
|
||||
* iph_len contains sizeof(struct iphdr) or sizeof(struct ip6hdr).
|
||||
*
|
||||
* th points to the start of the TCP header, while th_len contains
|
||||
* sizeof(struct tcphdr).
|
||||
*
|
||||
* Return
|
||||
* 0 if iph and th are a valid SYN cookie ACK, or a negative error
|
||||
* otherwise.
|
||||
*/
|
||||
#define __BPF_FUNC_MAPPER(FN) \
|
||||
FN(unspec), \
|
||||
@@ -2531,7 +2577,9 @@ union bpf_attr {
|
||||
FN(sk_fullsock), \
|
||||
FN(tcp_sock), \
|
||||
FN(skb_ecn_set_ce), \
|
||||
FN(get_listener_sock),
|
||||
FN(get_listener_sock), \
|
||||
FN(skc_lookup_tcp), \
|
||||
FN(tcp_check_syncookie),
|
||||
|
||||
/* integer value in 'imm' field of BPF_CALL instruction selects which helper
|
||||
* function eBPF program intends to call
|
||||
@@ -2590,9 +2638,18 @@ enum bpf_func_id {
|
||||
/* Current network namespace */
|
||||
#define BPF_F_CURRENT_NETNS (-1L)
|
||||
|
||||
/* BPF_FUNC_skb_adjust_room flags. */
|
||||
#define BPF_F_ADJ_ROOM_FIXED_GSO (1ULL << 0)
|
||||
|
||||
#define BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 (1ULL << 1)
|
||||
#define BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 (1ULL << 2)
|
||||
#define BPF_F_ADJ_ROOM_ENCAP_L4_GRE (1ULL << 3)
|
||||
#define BPF_F_ADJ_ROOM_ENCAP_L4_UDP (1ULL << 4)
|
||||
|
||||
/* Mode for BPF_FUNC_skb_adjust_room helper. */
|
||||
enum bpf_adj_room_mode {
|
||||
BPF_ADJ_ROOM_NET,
|
||||
BPF_ADJ_ROOM_MAC,
|
||||
};
|
||||
|
||||
/* Mode for BPF_FUNC_skb_load_bytes_relative helper. */
|
||||
|
||||
Reference in New Issue
Block a user