Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp1408294rdb; Fri, 1 Dec 2023 16:11:49 -0800 (PST) X-Google-Smtp-Source: AGHT+IHiniSudsKWxa1t+bPHYNcohHR0EM8rz1f4gPsb/Y3Ak99HcrWoVHW6GZ4na3q0pM2MTPQV X-Received: by 2002:a05:6a20:9186:b0:18f:97c:6163 with SMTP id v6-20020a056a20918600b0018f097c6163mr469274pzd.96.1701475909305; Fri, 01 Dec 2023 16:11:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701475909; cv=none; d=google.com; s=arc-20160816; b=rqxgvxjh77MPpvsIpqQiC0MM2f2eMN60qVOlmQrmcifGiLGMGXsvxkSB9tK4uiK/ir A3slQmUNRx9b0iCHjiicNVwuZGCQBbAzINpLJB7SeBQc3eaixRueWxm8/gNUdEDmBQu8 +NKEn6VL1CZ62r225JwtbiKN8eIUeZS+dTFeLkLhiyaCMrGvuShvOuqCjSepCd2NzerX ugFM5ez5gQMmcOTXmibojio6CiuJ6Z/Kimd3OdidtzV912/Aibn/icZp4kk+6F+tw3Au oLh6cL8Qkbbb2v2XvXCV0K1xBrE9CrmRK6q8Unahpy1NoBkshVQ9ttlyLrgHT23eiJlN Tb7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=Qy+N5d1sKzj7I4P1vs4/0wYYWCdSwATy3bQ5v3nl6OA=; fh=gbhaqmsQ3WUibJrIi9GgTRE1km8OmWgyu3MRLYci8ug=; b=NDvyCwbZ4tOth5kTZOqiRTEQC7JKvSiLcwpHR+QerkB9KmpihCQBcPOj9Q9QVKz+pF IO7Q2k4hv+p+txfSrn+QaeRKkNMjR3VIDyi7uQ1I212V2qc5bfB0yPGUL8SNTGLbwVG1 lJj4CbL7btbyjuqlmYuJ54ekvZGl7eYlqppmdalRa1N25b2m8rbW0HWXxJ6AU2SZ9+CX 0p78wSgpMIsMfZ55fiM5S5hM+do/gxJ8y3MQdwQIqL3FZ/tJ7os4Pg3hf9NoX1G4FQYc 1REHqqCMn6BCn1tkP0m2jY52GTiVVAn1G/6bjPEE5/teF23U/JuCeAZoKwIpPYTWtCMR Z8IA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=WP7q2qW1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5]) by mx.google.com with ESMTPS id s21-20020a63d055000000b00578d3f8d4d4si3964994pgi.448.2023.12.01.16.11.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 16:11:49 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=WP7q2qW1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 52F4E8075031; Fri, 1 Dec 2023 16:11:46 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1441941AbjLBALc (ORCPT + 99 others); Fri, 1 Dec 2023 19:11:32 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59566 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235338AbjLBALN (ORCPT ); Fri, 1 Dec 2023 19:11:13 -0500 Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ED03830F9; Fri, 1 Dec 2023 16:10:31 -0800 (PST) Received: by mail-wr1-x42b.google.com with SMTP id ffacd0b85a97d-3331752d2b9so1900687f8f.3; Fri, 01 Dec 2023 16:10:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701475830; x=1702080630; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=Qy+N5d1sKzj7I4P1vs4/0wYYWCdSwATy3bQ5v3nl6OA=; b=WP7q2qW1NmijZu9TDdUHVQ2+PXdrdGIva85EC8TskC+4NQ+etjhNXPahFELL5p+qhE 1NpQvMUq+RB/KodXFgNHCmyT8NWicHl/u1OQl5RSS6KMdR75nwBFBy9AQnk5NcuWsE0p +snmnhlYM7Ch7AO8fMT9irlBtUpbTfP5ps0ohaNh2p15yPP8qXOhlk3hVL8pWvos/5NW waDl92cLCNwuao9rgxloma4ipPaBwe3ZDs+UZYu4x88mfg8NIDTDuHMfinTkMRXCBnER ipy5wzx8cB3kJ14ex4sDOgQ7cPw4ef3mgJ3buk35zGpyMRyGDUI2MQkYIbORj0ptz8st /YPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701475830; x=1702080630; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Qy+N5d1sKzj7I4P1vs4/0wYYWCdSwATy3bQ5v3nl6OA=; b=m2NjHrgUwMEUJ7FuIPaSrhMgGOsbgA4/YUdN7AKfeKjqhG4j5n8M5JR6lvWBUP2MJi s772JGThVllQLXVIrpo7vK6kEBopB9zStiCi2rC73CMtJABVzPuAxzSJwk+vccAgtOTO bHldPhafYAn5W2VwxWTEVxibudC1jbGLMOsjHJNPopNCZSnXmqrAfnKU0VtrGstYCgcW YTI8nWW2EwXC/Vcv67DerhDt5rCBv37z+iN+0KndzE9GT3YiDRzsAZQCom9cIdmdpUZP W1g+uE30bEIn0cSawcMbiHa6GA+Wx2OAy3+BoGxpeZANPG0NOs5V7yYi2fbZGoX4M54Y zIWQ== X-Gm-Message-State: AOJu0YxbNY9P9CGaIEdKMbZfXyeGe4cxtkGSLt/BIOrCpbIvnmwzTtbU qnnsxiCDg7Uf0pmTUKNhGLR2BVC2XLZgN8D7dK0McZhh X-Received: by 2002:a05:6000:bc2:b0:32d:9df1:6f68 with SMTP id dm2-20020a0560000bc200b0032d9df16f68mr1430697wrb.22.1701475830145; Fri, 01 Dec 2023 16:10:30 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Alexei Starovoitov Date: Fri, 1 Dec 2023 16:10:18 -0800 Message-ID: Subject: Re: [PATCH ipsec-next v3 0/9] Add bpf_xdp_get_xfrm_state() kfunc To: Daniel Xu Cc: Network Development , LKML , bpf , clang-built-linux , "open list:KERNEL SELFTEST FRAMEWORK" , Steffen Klassert , antony.antony@secunet.com, Yonghong Song , Eddy Z , devel@linux-ipsec.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Fri, 01 Dec 2023 16:11:46 -0800 (PST) On Fri, Dec 1, 2023 at 12:23=E2=80=AFPM Daniel Xu wrote: > > This patchset adds two kfunc helpers, bpf_xdp_get_xfrm_state() and > bpf_xdp_xfrm_state_release() that wrap xfrm_state_lookup() and > xfrm_state_put(). The intent is to support software RSS (via XDP) for > the ongoing/upcoming ipsec pcpu work [0]. Recent experiments performed > on (hopefully) reproducible AWS testbeds indicate that single tunnel > pcpu ipsec can reach line rate on 100G ENA nics. > > Note this patchset only tests/shows generic xfrm_state access. The > "secret sauce" (if you can really even call it that) involves accessing > a soon-to-be-upstreamed pcpu_num field in xfrm_state. Early example is > available here [1]. > > [0]: https://datatracker.ietf.org/doc/draft-ietf-ipsecme-multi-sa-perform= ance/03/ > [1]: https://github.com/danobi/xdp-tools/blob/e89a1c617aba3b50d990f779357= d6ce2863ecb27/xdp-bench/xdp_redirect_cpumap.bpf.c#L385-L406 > > Changes from v2: > * Fix/simplify BPF_CORE_WRITE_BITFIELD() algorithm > * Added verifier tests for bitfield writes > * Fix state leakage across test_tunnel subtests > > Changes from v1: > * Move xfrm tunnel tests to test_progs > * Fix writing to opts->error when opts is invalid > * Use __bpf_kfunc_start_defs() > * Remove unused vxlanhdr definition > * Add and use BPF_CORE_WRITE_BITFIELD() macro > * Make series bisect clean > > Changes from RFCv2: > * Rebased to ipsec-next > * Fix netns leak > > Changes from RFCv1: > * Add Antony's commit tags > * Add KF_ACQUIRE and KF_RELEASE semantics > > Daniel Xu (9): > bpf: xfrm: Add bpf_xdp_get_xfrm_state() kfunc > bpf: xfrm: Add bpf_xdp_xfrm_state_release() kfunc > libbpf: Add BPF_CORE_WRITE_BITFIELD() macro > bpf: selftests: test_loader: Support __btf_path() annotation > libbpf: selftests: Add verifier tests for CO-RE bitfield writes > bpf: selftests: test_tunnel: Setup fresh topology for each subtest > bpf: selftests: test_tunnel: Use vmlinux.h declarations > bpf: selftests: Move xfrm tunnel test to test_progs > bpf: xfrm: Add selftest for bpf_xdp_get_xfrm_state() > > include/net/xfrm.h | 9 + > net/xfrm/Makefile | 1 + > net/xfrm/xfrm_policy.c | 2 + > net/xfrm/xfrm_state_bpf.c | 128 ++++++++++++++ > tools/lib/bpf/bpf_core_read.h | 34 ++++ > .../selftests/bpf/prog_tests/test_tunnel.c | 162 +++++++++++++++++- > .../selftests/bpf/prog_tests/verifier.c | 2 + > tools/testing/selftests/bpf/progs/bpf_misc.h | 1 + > .../selftests/bpf/progs/bpf_tracing_net.h | 1 + > .../selftests/bpf/progs/test_tunnel_kern.c | 138 ++++++++------- > .../bpf/progs/verifier_bitfield_write.c | 100 +++++++++++ > tools/testing/selftests/bpf/test_loader.c | 7 + > tools/testing/selftests/bpf/test_tunnel.sh | 92 ---------- > 13 files changed, 522 insertions(+), 155 deletions(-) I really think this should go via bpf-next tree. The bpf changes are much bigger than ipsec.