Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp4483960rdb; Tue, 12 Dec 2023 00:05:31 -0800 (PST) X-Google-Smtp-Source: AGHT+IG2xW1j4fSDpTDxPnOWt/q241Gf3ZB7ZaBALjBX7gAM4qA8qoz9dviODabX/2SbeIL2UZpa X-Received: by 2002:a17:902:ce86:b0:1d0:3fb3:920a with SMTP id f6-20020a170902ce8600b001d03fb3920amr3274566plg.19.1702368330860; Tue, 12 Dec 2023 00:05:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702368330; cv=none; d=google.com; s=arc-20160816; b=JO0ubq3qIn0/BreLU7r+fTRaoqH7dTjMIKVKSdT7Nliy6yK0+NibD7WI3fF80DTynX BLVKd7x8nG1FEbRmCrh7BjS3nw1QEDSIbPEOql9MKPLa1HGwyCH269Al4NMuEYu5bqs2 ID+4Z3menDNb027RYdMMdU9q+6ka82JZdGhJ4PZ6jg7EPDm72iXCNwyPhoOj5NtQyZ6m Uf4iK59p+Da2/aySS30wbxre6pVo7A3kWcOCPcgbcKqvSVPHW3NOgXil8Bo5SDiUCawa 5Bs3ls1psCQAs4asQlklw8clxRWoGeyCaYVbwoQl60ylPQg1I23maCcjMq20agqDoUg9 HKiw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:subject:from:to :content-language:user-agent:mime-version:date:message-id :dkim-signature; bh=xyrJ/oaF1a1+OdMWUr85QqR8PoKu+Afm3G/pEUOxUgM=; fh=DqLtHT4uwpRaxataxaT+YpNybfj75YnfEt6saRUBqMU=; b=neApJzX5t7mBh4cgKcDu9BtRcfWR80vk64DtNe4fnZekPt1FJzPNrsZhWaNzpUzLbB ENA/LCW/hjLuRUy7AXsnIty60XazZCbizgI0kn6tEwqJrGLX3phXO+6AuqY/gwgj9W6E 25zWBUV9aVa4HAWeP5Ul9a91sPIu3pRcGKlBTWDHo5l51dxivhNl75xG7vor1o1iQ0vY 0HfV0fCABbqiReBylaVjSbexbUAXOGX6Y24YqJWPar220YANoWU3BygA1NQXxsKt210o RtB7mmq3m7GxWPA3FjBKnPAcrjRm9wLbnAF7FvdHCL4rARIPv/gjAjEEfguQOxX1rbHK qN7Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@daynix-com.20230601.gappssmtp.com header.s=20230601 header.b=k4ms8joL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id p17-20020a170902ead100b001d07b6a0aefsi7507565pld.214.2023.12.12.00.05.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Dec 2023 00:05:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; dkim=pass header.i=@daynix-com.20230601.gappssmtp.com header.s=20230601 header.b=k4ms8joL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 7A934804DD8C; Tue, 12 Dec 2023 00:05:28 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345973AbjLLIFT (ORCPT + 99 others); Tue, 12 Dec 2023 03:05:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58004 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229728AbjLLIFR (ORCPT ); Tue, 12 Dec 2023 03:05:17 -0500 Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2F4FECF for ; Tue, 12 Dec 2023 00:05:23 -0800 (PST) Received: by mail-pg1-x536.google.com with SMTP id 41be03b00d2f7-5c239897895so2682465a12.2 for ; Tue, 12 Dec 2023 00:05:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=daynix-com.20230601.gappssmtp.com; s=20230601; t=1702368322; x=1702973122; darn=vger.kernel.org; h=content-transfer-encoding:cc:subject:from:to:content-language :user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=xyrJ/oaF1a1+OdMWUr85QqR8PoKu+Afm3G/pEUOxUgM=; b=k4ms8joLRiz69TcncnStNynkMWeX1AAk+q95UPMY08nbTrIPCfAcvMGA8aCj+ZU+lq FYvkGgoDgIU/D4aSbpnM88tWrC11CVQxtjE2ovvCGfndzEoXVZ/PJP58dSUZ0/VVQ2cF HzP8xylyMNogQxZO9AgOervvJOBMCzrSnGRwEwxoIFm8/RYYUpa2UUK8Pm/OICIt+giu bsaKrXXR1NPcxwT6ywFNalqw665P7aKMwEflfMTJcNjakqvAXzd5D0VR86398MrWmMpO UEf1PyoKtz+iIIakiuo0G3cV/+GD+35l5W6HFbkN01kyduWl/MALvQ1uuCT49p7RhReC gzbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702368322; x=1702973122; h=content-transfer-encoding:cc:subject:from:to:content-language :user-agent:mime-version:date:message-id:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=xyrJ/oaF1a1+OdMWUr85QqR8PoKu+Afm3G/pEUOxUgM=; b=jiAQiAvOsMuA+xqgAltitD1GYewDmFNFGfW+gAOf3TMvFUCuO/+oYxCRqk+TbgPrz9 lYdcbPlBm/fbpqF9wVZROe3gmTdivxLa0r7X6lNdFP/gwS9WGtsC1mBL9YSmJqG7BAAw y+As8VT7wrof4gsbf7W/+8LaalU4WyPYZRaMKSfmUioBXxkahPSuwImmPhWFwzYk4oix sMbxZF6Ani18taAzyjc44EKW5QnaaL7RrVicTtub37h2nBA2D4MvBtLVsruj7rvxwusS XgfdnEsXmC4bo7qFjwHiNVaT2ipRZoE5Ic1/nPIoaLnhMItbh0331JKWHsvhjzfMy41e bR2Q== X-Gm-Message-State: AOJu0YybUnzSkUElisnizkqlOPz0l48BwZ8TufzvbTKlbGsXvjDfBSJa fl5K/B0AWlmmqFXjCKpTzbmp/Q== X-Received: by 2002:a05:6a21:999d:b0:18f:fb0d:e961 with SMTP id ve29-20020a056a21999d00b0018ffb0de961mr3147656pzb.60.1702368322598; Tue, 12 Dec 2023 00:05:22 -0800 (PST) Received: from [157.82.205.15] ([157.82.205.15]) by smtp.gmail.com with ESMTPSA id j17-20020a056a00175100b006ce6bf5491dsm7531509pfc.198.2023.12.12.00.05.16 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 12 Dec 2023 00:05:22 -0800 (PST) Message-ID: <2f33be45-fe11-4b69-8e89-4d2824a0bf01@daynix.com> Date: Tue, 12 Dec 2023 17:05:15 +0900 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: en-US To: Alexei Starovoitov , Jason Wang , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Jonathan Corbet , Willem de Bruijn , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , "Michael S. Tsirkin" , Xuan Zhuo , Mykola Lysenko , Shuah Khan , Yuri Benditovich , Andrew Melnychenko , Benjamin Tissoires From: Akihiko Odaki Subject: Should I add BPF kfuncs for userspace apps? And how? Cc: bpf , "open list:DOCUMENTATION" , kvm@vger.kernel.org, LKML , virtualization@lists.linux-foundation.org, "open list:KERNEL SELFTEST FRAMEWORK" , Network Development Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Tue, 12 Dec 2023 00:05:28 -0800 (PST) Hi, It is said eBPF is a safe way to extend kernels and that is very attarctive, but we need to use kfuncs to add new usage of eBPF and kfuncs are said as unstable as EXPORT_SYMBOL_GPL. So now I'd like to ask some questions: 1) Which should I choose, BPF kfuncs or ioctl, when adding a new feature for userspace apps? 2) How should I use BPF kfuncs from userspace apps if I add them? Here, a "userspace app" means something not like a system-wide daemon like systemd (particularly, I have QEMU in mind). I'll describe the context more below: --- I'm working on a new feature that aids virtio-net implementations using tuntap virtual network device. You can see [1] for details, but basically it's to extend BPF_PROG_TYPE_SOCKET_FILTER to report four more bytes. However, with long discussions we have confirmed extending BPF_PROG_TYPE_SOCKET_FILTER is not going to happen, and adding kfuncs is the way forward. So I decided how to add kfuncs to the kernel and how to use it. There are rich documentations for the kernel side, but I found little about the userspace. The best I could find is a systemd change proposal that is based on WIP kernel changes[2]. So now I'm wondering how I should use BPF kfuncs from userspace apps if I add them. In the systemd discussion, it is told that Linus said it's fine to use BPF kfuncs in a private infrastructure big companies own, or in systemd as those users know well about the system[3]. Indeed, those users should be able to make more assumptions on the kernel than "normal" userspace applications can. Returning to my proposal, I'm proposing a new feature to be used by QEMU or other VMM applications. QEMU is more like a normal userspace application, and usually does not make much assumptions on the kernel it runs on. For example, it's generally safe to run a Debian container including QEMU installed with apt on Fedora. BPF kfuncs may work even in such a situation thanks to CO-RE, but it sounds like *accidentally* creating UAPIs. Considering all above, how can I integrate BPF kfuncs to the application? If BPF kfuncs are like EXPORT_SYMBOL_GPL, the natural way to handle them is to think of BPF programs as some sort of kernel modules and incorporate logic that behaves like modprobe. More concretely, I can put eBPF binaries to a directory like: /usr/local/share/qemu/ebpf/$KERNEL_RELEASE Then, QEMU can uname() and get the path to the binary. It will give an error if it can't find the binary for the current kernel so that it won't create accidental UAPIs. The obvious downside of this is that it complicates packaging a lot; it requires packaging QEMU eBPF binaries each time a new kernel comes up. This complexity is centrally managed by modprobe for kernel modules, but apparently each application needs to take care of it for BPF programs. In conclusion, I see too much complexity to use BPF in a userspace application, which we didn't have to care for BPF_PROG_TYPE_SOCKET_FILTER. Isn't there a better way? Or shouldn't I use BPF in my case in the first place? Thanks, Akihiko Odaki [1] https://lore.kernel.org/all/20231015141644.260646-1-akihiko.odaki@daynix.com/ [2] https://github.com/systemd/systemd/pull/29797 [3] https://github.com/systemd/systemd/pull/29797#discussion_r1384637939