ebpf: add sched_act_type and map it to sk_filter's verifier ops
In order to prepare eBPF support for tc action, we need to add
sched_act_type, so that the eBPF verifier is aware of what helper
function act_bpf may use, that it can load skb data and read out
currently available skb fields.
This is bascially analogous to 96be4325f4
("ebpf: add sched_cls_type
and map it to sk_filter's verifier ops").
BPF_PROG_TYPE_SCHED_CLS and BPF_PROG_TYPE_SCHED_ACT need to be
separate since both will have a different set of functionality in
future (classifier vs action), thus we won't run into ABI troubles
when the point in time comes to diverge functionality from the
classifier.
The future plan for act_bpf would be that it will be able to write
into skb->data and alter selected fields mirrored in struct __sk_buff.
For an initial support, it's sufficient to map it to sk_filter_ops.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Cc: Jiri Pirko <jiri@resnulli.us>
Reviewed-by: Jiri Pirko <jiri@resnulli.us>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
0fa74a4be4
commit
94caee8c31
|
@ -119,6 +119,7 @@ enum bpf_prog_type {
|
||||||
BPF_PROG_TYPE_UNSPEC,
|
BPF_PROG_TYPE_UNSPEC,
|
||||||
BPF_PROG_TYPE_SOCKET_FILTER,
|
BPF_PROG_TYPE_SOCKET_FILTER,
|
||||||
BPF_PROG_TYPE_SCHED_CLS,
|
BPF_PROG_TYPE_SCHED_CLS,
|
||||||
|
BPF_PROG_TYPE_SCHED_ACT,
|
||||||
};
|
};
|
||||||
|
|
||||||
#define BPF_PSEUDO_MAP_FD 1
|
#define BPF_PSEUDO_MAP_FD 1
|
||||||
|
|
|
@ -1180,6 +1180,7 @@ static bool may_access_skb(enum bpf_prog_type type)
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case BPF_PROG_TYPE_SOCKET_FILTER:
|
case BPF_PROG_TYPE_SOCKET_FILTER:
|
||||||
case BPF_PROG_TYPE_SCHED_CLS:
|
case BPF_PROG_TYPE_SCHED_CLS:
|
||||||
|
case BPF_PROG_TYPE_SCHED_ACT:
|
||||||
return true;
|
return true;
|
||||||
default:
|
default:
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -1263,10 +1263,16 @@ static struct bpf_prog_type_list sched_cls_type __read_mostly = {
|
||||||
.type = BPF_PROG_TYPE_SCHED_CLS,
|
.type = BPF_PROG_TYPE_SCHED_CLS,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static struct bpf_prog_type_list sched_act_type __read_mostly = {
|
||||||
|
.ops = &sk_filter_ops,
|
||||||
|
.type = BPF_PROG_TYPE_SCHED_ACT,
|
||||||
|
};
|
||||||
|
|
||||||
static int __init register_sk_filter_ops(void)
|
static int __init register_sk_filter_ops(void)
|
||||||
{
|
{
|
||||||
bpf_register_prog_type(&sk_filter_type);
|
bpf_register_prog_type(&sk_filter_type);
|
||||||
bpf_register_prog_type(&sched_cls_type);
|
bpf_register_prog_type(&sched_cls_type);
|
||||||
|
bpf_register_prog_type(&sched_act_type);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue