Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp897721pxf; Thu, 1 Apr 2021 17:21:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwyeg8aWyoyrUVCnMn0iB0j47RcRrYIj+PGMsEscNtnSfMnrwC9fjnl1m4eCRowSHpR+l5F X-Received: by 2002:a05:6402:b2a:: with SMTP id bo10mr12511017edb.144.1617322862832; Thu, 01 Apr 2021 17:21:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617322862; cv=none; d=google.com; s=arc-20160816; b=p4QqKAgBmg0TEqa+VoxNlUVV9axIe3UchUntR0j83cyd4drUIcPUTwMQrMnbkIb5ZJ tUdXim0TlVCsM2JE8zGrmtWxqQeieO80++o+bEKhLiqOaJXLsGXpOgRf7/TTUWcgrAhM oVuWa1JFGA5144hjgFH9DrrC8QoxtyEQ9BXzPSEp0HYJOhFJGHAlMxQtzFaaaikOeMLR EDdh1TS0S2anMIWg6UTtMgyxwqEC1eEw+j1RtIaet5Wa/hnRnAsCkPXIiNZFciKhHmmt 6P9NpFBN4gWbEbtH9e4Q9zA+nFJi+FCyztRQ3rc0ePR+Qc/siwLC6GPiCmfoJJ3TqRgg zAtg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=WztwYLytZIlZlGRQUyQ9UvlvrQy7v4lVMiAoITEQdGw=; b=NIeqvafj5JsNfHDjFuJ1G6md2sWxrNQQ/9XKO4V3M1psbV5K/7OeRcKRxPqBeApDAM Unt46ngb7B0oNyUoxUCp5XaLCbSQuDLuo6BBMjPoEQ8tTWRbgAXlb8PAcvBUkpQktlR4 Ekbwn2hkpRSO9amXDhP2UFGID4GgsTIG+KQ5X3X20KV2Ky6AojqvQlMXn/3IJLvG8S+3 zZ1wSwR3wnH6KL3s64dYaOYIvEnMiYdi5sgaECh2XLVXaagyt0CZSTOxox8TJSz9N68s H0pVw712J4nDhZ57PZMSD84ufmXMDOsXKSEC6gWvDPaGNxgQs0z/eohkqNoT9Duge5sW ULBg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id co24si5573840edb.599.2021.04.01.17.20.40; Thu, 01 Apr 2021 17:21:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236222AbhDBAUO (ORCPT + 99 others); Thu, 1 Apr 2021 20:20:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60622 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233677AbhDBAUK (ORCPT ); Thu, 1 Apr 2021 20:20:10 -0400 Received: from www62.your-server.de (www62.your-server.de [IPv6:2a01:4f8:d0a:276a::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BB528C0613E6; Thu, 1 Apr 2021 17:20:10 -0700 (PDT) Received: from sslproxy06.your-server.de ([78.46.172.3]) by www62.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from ) id 1lS7X8-0008fS-Ef; Fri, 02 Apr 2021 02:19:30 +0200 Received: from [85.7.101.30] (helo=pc-6.home) by sslproxy06.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lS7X7-0001gm-W8; Fri, 02 Apr 2021 02:19:30 +0200 Subject: Re: [PATCH bpf-next 3/5] libbpf: add low level TC-BPF API To: Kumar Kartikeya Dwivedi Cc: Andrii Nakryiko , bpf , Jesper Dangaard Brouer , =?UTF-8?Q?Toke_H=c3=b8iland-J=c3=b8rgensen?= , Alexei Starovoitov , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Shuah Khan , "David S. Miller" , Jakub Kicinski , Jesper Dangaard Brouer , Peter Zijlstra , open list , Networking , "open list:KERNEL SELFTEST FRAMEWORK" References: <20210325120020.236504-1-memxor@gmail.com> <20210325120020.236504-4-memxor@gmail.com> <20210328080648.oorx2no2j6zslejk@apollo> <48b99ccc-8ef6-4ba9-00f9-d7e71ae4fb5d@iogearbox.net> <20210331094400.ldznoctli6fljz64@apollo> From: Daniel Borkmann Message-ID: <5d59b5ee-a21e-1860-e2e5-d03f89306fd8@iogearbox.net> Date: Fri, 2 Apr 2021 02:19:29 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 MIME-Version: 1.0 In-Reply-To: <20210331094400.ldznoctli6fljz64@apollo> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.102.4/26127/Thu Apr 1 13:11:26 2021) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/31/21 11:44 AM, Kumar Kartikeya Dwivedi wrote: > On Wed, Mar 31, 2021 at 02:55:47AM IST, Daniel Borkmann wrote: >> Do we even need the _block variant? I would rather prefer to take the chance >> and make it as simple as possible, and only iff really needed extend with >> other APIs, for example: > > The block variant can be dropped, I'll use the TC_BLOCK/TC_DEV alternative which > sets parent_id/ifindex properly. > >> bpf_tc_attach(prog_fd, ifindex, {INGRESS,EGRESS}); >> >> Internally, this will create the sch_clsact qdisc & cls_bpf filter instance >> iff not present yet, and attach to a default prio 1 handle 1, and _always_ in >> direct-action mode. This is /as simple as it gets/ and we don't need to bother >> users with more complex tc/cls_bpf internals unless desired. For example, >> extended APIs could add prio/parent so that multi-prog can be attached to a >> single cls_bpf instance, but even that could be a second step, imho. > > I am not opposed to clsact qdisc setup if INGRESS/EGRESS is supplied (not sure > how others feel about it). What speaks against it? It would be 100% clear from API side where the prog is being attached. Same as with tc cmdline where you specify 'ingress'/'egress'. > We could make direct_action mode default, and similarly choose prio To be honest, I wouldn't even support a mode from the lib/API side where direct_action is not set. It should always be forced to true. Everything else is rather broken setup-wise, imho, since it won't scale. We added direct_action a bit later to the kernel than original cls_bpf, but if I would do it again today, I'd make it the only available option. I don't see a reasonable use-case where you have it to false. > as 1 by default instead of letting the kernel do it. Then you can just pass in > NULL for bpf_tc_cls_opts and be close to what you're proposing. For protocol we > can choose ETH_P_ALL by default too if the user doesn't set it. Same here with ETH_P_ALL, I'm not sure anyone uses anything other than ETH_P_ALL, so yes, that should be default. > With these modifications, the equivalent would look like > bpf_tc_cls_attach(prog_fd, TC_DEV(ifindex, INGRESS), NULL, &id); Few things compared to bpf_tc_attach(prog_fd, ifindex, {INGRESS,EGRESS}): 1) nit, but why even 'cls' in the name. I think we shouldn't expose such old-days tc semantics to a user. Just bpf_tc_attach() is cleaner/simpler to understand. 2) What's the 'TC_DEV(ifindex, INGRESS)' macro doing exactly? Looks unnecessary, why not regular args to the API? 3) Exposed bpf_tc_attach() API could internally call a bpf_tc_attach_opts() API with preset defaults, and the latter could have all the custom bits if the user needs to go beyond the simple API, so from your bpf_tc_cls_attach() I'd also drop the NULL. 4) For the simple API I'd likely also drop the id (you could have a query API if needed). > So as long as the user doesn't care about other details, they can just pass opts > as NULL.