matthias
/
iproute2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
2,085 Commits 5 Branches 108 Tags 7.5 MiB
C 91.1%
C++ 5.9%
Shell 2.1%
Makefile 0.5%
Yacc 0.2%
Go to file
Daniel Borkmann 4bd624467b tc: built-in eBPF exec proxy 
This work follows upon commit 6256f8c9e4 ("tc, bpf: finalize eBPF
support for cls and act front-end") and takes up the idea proposed by
Hannes Frederic Sowa to spawn a shell (or any other command) that holds
generated eBPF map file descriptors.

File descriptors, based on their id, are being fetched from the same
unix domain socket as demonstrated in the bpf_agent, the shell spawned
via execvpe(2) and the map fds passed over the environment, and thus
are made available to applications in the fashion of std{in,out,err}
for read/write access, for example in case of iproute2's examples/bpf/:

  # env | grep BPF
  BPF_NUM_MAPS=3
  BPF_MAP1=6        <- BPF_MAP_ID_QUEUE (id 1)
  BPF_MAP0=5        <- BPF_MAP_ID_PROTO (id 0)
  BPF_MAP2=7        <- BPF_MAP_ID_DROPS (id 2)

  # ls -la /proc/self/fd
  [...]
  lrwx------. 1 root root 64 Apr 14 16:46 0 -> /dev/pts/4
  lrwx------. 1 root root 64 Apr 14 16:46 1 -> /dev/pts/4
  lrwx------. 1 root root 64 Apr 14 16:46 2 -> /dev/pts/4
  [...]
  lrwx------. 1 root root 64 Apr 14 16:46 5 -> anon_inode:bpf-map
  lrwx------. 1 root root 64 Apr 14 16:46 6 -> anon_inode:bpf-map
  lrwx------. 1 root root 64 Apr 14 16:46 7 -> anon_inode:bpf-map

The advantage (as opposed to the direct/native usage) is that now the
shell is map fd owner and applications can terminate and easily reattach
to descriptors w/o any kernel changes. Moreover, multiple applications
can easily read/write eBPF maps simultaneously.

To further allow users for experimenting with that, next step is to add
a small helper that can get along with simple data types, so that also
shell scripts can make use of bpf syscall, f.e to read/write into maps.

Generally, this allows for prepopulating maps, or any runtime altering
which could influence eBPF program behaviour (f.e. different run-time
classifications, skb modifications, ...), dumping of statistics, etc.

Reference: http://thread.gmane.org/gmane.linux.network/357471/focus=357860
Suggested-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
 		2015-04-27 16:39:23 -07:00
bridge iproute2: unify naming for entries offloaded to hardware 2015-04-13 09:40:46 -07:00
doc ip: support RFC4191 router preference 2015-03-24 15:45:23 -07:00
etc/iproute2 rt_dsfield: fix Expedited Forwarding PHB 2014-12-03 18:50:59 -08:00
examples tc: built-in eBPF exec proxy 2015-04-27 16:39:23 -07:00
genl genl: fix a typo in help message of ctrl 2014-02-10 14:41:25 -08:00
include libnamespaces: fix warning about syscall() 2015-04-27 11:41:46 -07:00
ip mroute: remove invalid check against NLM_F_MULTI 2015-04-27 11:41:46 -07:00
lib netns: allow to dump and monitor nsid 2015-04-20 10:02:38 -07:00
man netns: allow to dump and monitor nsid 2015-04-20 10:02:38 -07:00
misc lnstat: dump to stdout, not stderr 2015-04-20 09:58:46 -07:00
netem netem: fix installs of dist files 2010-07-31 19:31:04 -07:00
tc tc: built-in eBPF exec proxy 2015-04-27 16:39:23 -07:00
testsuite tests: Add few 'ip link' related tests 2015-02-05 10:16:25 -08:00
.gitignore gitignore: Ignore 'doc' files generated at runtime 2014-10-29 22:26:15 -07:00
COPYING Update address of FSF in license 2008-03-08 13:31:03 -08:00
Makefile turn Makefile more distribution friendly 2015-04-20 09:53:24 -07:00
README README: update mail address and download location 2013-01-18 09:54:58 -08:00
README.decnet Decnet documentation update 2005-06-13 18:47:56 +00:00
README.devel iproute2: fix minor typo in comments 2011-07-11 10:11:09 -07:00
README.distribution README cleanup's 2012-01-03 15:04:55 -08:00
README.iproute2+tc tc, bpf: finalize eBPF support for cls and act front-end 2015-04-10 13:31:19 -07:00
README.lnstat Rename: misc/README.lnstat -> README.lnstat 2004-10-19 20:24:47 +00:00
configure Merge branch 'master' into net-next 2015-04-13 09:39:46 -07:00

README 

This is a set of utilities for Linux networking.

Information:
    http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2

Download:
    http://www.kernel.org/pub/linux/utils/net/iproute2/

Repository:
    git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git

How to compile this.
--------------------
1. libdbm

arpd needs to have the db4 development libraries. For Debian
users this is the package with a name like libdb4.x-dev.
DBM_INCLUDE points to the directory with db_185.h which
is the include file used by arpd to get to the old format Berkeley
database routines.  Often this is in the db-devel package.

2. make

The makefile will automatically build a Config file which
contains whether or not ATM is available, etc.

3. To make documentation, cd to doc/ directory , then
   look at start of Makefile and set correct values for
   PAGESIZE=a4		, ie: a4 , letter ...	(string)
   PAGESPERPAGE=2	, ie: 1 , 2 ...		(numeric)
   and make there. It assumes, that latex, dvips and psnup
   are in your path.

4. This package includes matching sanitized kernel headers because
   the build environment may not have up to date versions. See Makefile
   if you have special requirements and need to point at different
   kernel include files.

Stephen Hemminger
stephen@networkplumber.org

Alexey Kuznetsov
kuznet@ms2.inr.ac.ru