git.kernel.dk Git - linux-2.6-block.git/commit

author	Eyal Birger <eyal.birger@gmail.com>
	Sat, 3 Dec 2022 08:46:57 +0000 (10:46 +0200)
committer	Martin KaFai Lau <martin.lau@kernel.org>
	Tue, 6 Dec 2022 05:58:27 +0000 (21:58 -0800)
commit	94151f5aa9667c562281abeaaa5e89b9d5c17729
tree	5bffd7339951e44a3969285a64e17678b4f4acf6	tree \| snapshot
parent	ee9a113ab63468137802898bcd2c598998c96938	commit \| diff

xfrm: interface: Add unstable helpers for setting/getting XFRM metadata from TC-BPF

This change adds xfrm metadata helpers using the unstable kfunc call
interface for the TC-BPF hooks. This allows steering traffic towards
different IPsec connections based on logic implemented in bpf programs.

This object is built based on the availability of BTF debug info.

When setting the xfrm metadata, percpu metadata dsts are used in order
to avoid allocating a metadata dst per packet.

In order to guarantee safe module unload, the percpu dsts are allocated
on first use and never freed. The percpu pointer is stored in
net/core/filter.c so that it can be reused on module reload.

The metadata percpu dsts take ownership of the original skb dsts so
that they may be used as part of the xfrm transmission logic - e.g.
for MTU calculations.

Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
Link: https://lore.kernel.org/r/20221203084659.1837829-3-eyal.birger@gmail.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>

include/net/dst_metadata.h		diff \| blob \| blame \| history
include/net/xfrm.h		diff \| blob \| blame \| history
net/core/dst.c		diff \| blob \| blame \| history
net/core/filter.c		diff \| blob \| blame \| history
net/xfrm/Makefile		diff \| blob \| blame \| history
net/xfrm/xfrm_interface_bpf.c	[new file with mode: 0644]	blob
net/xfrm/xfrm_interface_core.c		diff \| blob \| blame \| history