15b497af4SThomas Gleixner // SPDX-License-Identifier: GPL-2.0-only 2546ac1ffSJohn Fastabend /* Copyright (c) 2017 Covalent IO, Inc. http://covalent.io 3546ac1ffSJohn Fastabend */ 4546ac1ffSJohn Fastabend 5546ac1ffSJohn Fastabend /* Devmaps primary use is as a backend map for XDP BPF helper call 6546ac1ffSJohn Fastabend * bpf_redirect_map(). Because XDP is mostly concerned with performance we 7546ac1ffSJohn Fastabend * spent some effort to ensure the datapath with redirect maps does not use 8546ac1ffSJohn Fastabend * any locking. This is a quick note on the details. 9546ac1ffSJohn Fastabend * 10546ac1ffSJohn Fastabend * We have three possible paths to get into the devmap control plane bpf 11546ac1ffSJohn Fastabend * syscalls, bpf programs, and driver side xmit/flush operations. A bpf syscall 12546ac1ffSJohn Fastabend * will invoke an update, delete, or lookup operation. To ensure updates and 13546ac1ffSJohn Fastabend * deletes appear atomic from the datapath side xchg() is used to modify the 14546ac1ffSJohn Fastabend * netdev_map array. Then because the datapath does a lookup into the netdev_map 15546ac1ffSJohn Fastabend * array (read-only) from an RCU critical section we use call_rcu() to wait for 16546ac1ffSJohn Fastabend * an rcu grace period before free'ing the old data structures. This ensures the 17546ac1ffSJohn Fastabend * datapath always has a valid copy. However, the datapath does a "flush" 18546ac1ffSJohn Fastabend * operation that pushes any pending packets in the driver outside the RCU 19546ac1ffSJohn Fastabend * critical section. Each bpf_dtab_netdev tracks these pending operations using 20d5df2830SToke Høiland-Jørgensen * a per-cpu flush list. The bpf_dtab_netdev object will not be destroyed until 21d5df2830SToke Høiland-Jørgensen * this list is empty, indicating outstanding flush operations have completed. 22546ac1ffSJohn Fastabend * 23546ac1ffSJohn Fastabend * BPF syscalls may race with BPF program calls on any of the update, delete 24546ac1ffSJohn Fastabend * or lookup operations. As noted above the xchg() operation also keep the 25546ac1ffSJohn Fastabend * netdev_map consistent in this case. From the devmap side BPF programs 26546ac1ffSJohn Fastabend * calling into these operations are the same as multiple user space threads 27546ac1ffSJohn Fastabend * making system calls. 282ddf71e2SJohn Fastabend * 292ddf71e2SJohn Fastabend * Finally, any of the above may race with a netdev_unregister notifier. The 302ddf71e2SJohn Fastabend * unregister notifier must search for net devices in the map structure that 312ddf71e2SJohn Fastabend * contain a reference to the net device and remove them. This is a two step 322ddf71e2SJohn Fastabend * process (a) dereference the bpf_dtab_netdev object in netdev_map and (b) 332ddf71e2SJohn Fastabend * check to see if the ifindex is the same as the net_device being removed. 344cc7b954SJohn Fastabend * When removing the dev a cmpxchg() is used to ensure the correct dev is 354cc7b954SJohn Fastabend * removed, in the case of a concurrent update or delete operation it is 364cc7b954SJohn Fastabend * possible that the initially referenced dev is no longer in the map. As the 374cc7b954SJohn Fastabend * notifier hook walks the map we know that new dev references can not be 384cc7b954SJohn Fastabend * added by the user because core infrastructure ensures dev_get_by_index() 394cc7b954SJohn Fastabend * calls will fail at this point. 406f9d451aSToke Høiland-Jørgensen * 416f9d451aSToke Høiland-Jørgensen * The devmap_hash type is a map type which interprets keys as ifindexes and 426f9d451aSToke Høiland-Jørgensen * indexes these using a hashmap. This allows maps that use ifindex as key to be 436f9d451aSToke Høiland-Jørgensen * densely packed instead of having holes in the lookup array for unused 446f9d451aSToke Høiland-Jørgensen * ifindexes. The setup and packet enqueue/send code is shared between the two 456f9d451aSToke Høiland-Jørgensen * types of devmap; only the lookup and insertion is different. 46546ac1ffSJohn Fastabend */ 47546ac1ffSJohn Fastabend #include <linux/bpf.h> 4867f29e07SJesper Dangaard Brouer #include <net/xdp.h> 49546ac1ffSJohn Fastabend #include <linux/filter.h> 5067f29e07SJesper Dangaard Brouer #include <trace/events/xdp.h> 51546ac1ffSJohn Fastabend 526e71b04aSChenbo Feng #define DEV_CREATE_FLAG_MASK \ 536e71b04aSChenbo Feng (BPF_F_NUMA_NODE | BPF_F_RDONLY | BPF_F_WRONLY) 546e71b04aSChenbo Feng 5575ccae62SToke Høiland-Jørgensen struct xdp_dev_bulk_queue { 565d053f9dSJesper Dangaard Brouer struct xdp_frame *q[DEV_MAP_BULK_SIZE]; 57d5df2830SToke Høiland-Jørgensen struct list_head flush_node; 5875ccae62SToke Høiland-Jørgensen struct net_device *dev; 5938edddb8SJesper Dangaard Brouer struct net_device *dev_rx; 605d053f9dSJesper Dangaard Brouer unsigned int count; 615d053f9dSJesper Dangaard Brouer }; 625d053f9dSJesper Dangaard Brouer 63546ac1ffSJohn Fastabend struct bpf_dtab_netdev { 6467f29e07SJesper Dangaard Brouer struct net_device *dev; /* must be first member, due to tracepoint */ 656f9d451aSToke Høiland-Jørgensen struct hlist_node index_hlist; 66546ac1ffSJohn Fastabend struct bpf_dtab *dtab; 67fbee97feSDavid Ahern struct bpf_prog *xdp_prog; 68af4d045cSDaniel Borkmann struct rcu_head rcu; 6975ccae62SToke Høiland-Jørgensen unsigned int idx; 707f1c0426SDavid Ahern struct bpf_devmap_val val; 71546ac1ffSJohn Fastabend }; 72546ac1ffSJohn Fastabend 73546ac1ffSJohn Fastabend struct bpf_dtab { 74546ac1ffSJohn Fastabend struct bpf_map map; 75071cdeceSToke Høiland-Jørgensen struct bpf_dtab_netdev **netdev_map; /* DEVMAP type only */ 762ddf71e2SJohn Fastabend struct list_head list; 776f9d451aSToke Høiland-Jørgensen 786f9d451aSToke Høiland-Jørgensen /* these are only used for DEVMAP_HASH type maps */ 796f9d451aSToke Høiland-Jørgensen struct hlist_head *dev_index_head; 806f9d451aSToke Høiland-Jørgensen spinlock_t index_lock; 816f9d451aSToke Høiland-Jørgensen unsigned int items; 826f9d451aSToke Høiland-Jørgensen u32 n_buckets; 83546ac1ffSJohn Fastabend }; 84546ac1ffSJohn Fastabend 851d233886SToke Høiland-Jørgensen static DEFINE_PER_CPU(struct list_head, dev_flush_list); 864cc7b954SJohn Fastabend static DEFINE_SPINLOCK(dev_map_lock); 872ddf71e2SJohn Fastabend static LIST_HEAD(dev_map_list); 882ddf71e2SJohn Fastabend 8999c51064SToke Høiland-Jørgensen static struct hlist_head *dev_map_create_hash(unsigned int entries, 9099c51064SToke Høiland-Jørgensen int numa_node) 916f9d451aSToke Høiland-Jørgensen { 926f9d451aSToke Høiland-Jørgensen int i; 936f9d451aSToke Høiland-Jørgensen struct hlist_head *hash; 946f9d451aSToke Høiland-Jørgensen 9599c51064SToke Høiland-Jørgensen hash = bpf_map_area_alloc(entries * sizeof(*hash), numa_node); 966f9d451aSToke Høiland-Jørgensen if (hash != NULL) 976f9d451aSToke Høiland-Jørgensen for (i = 0; i < entries; i++) 986f9d451aSToke Høiland-Jørgensen INIT_HLIST_HEAD(&hash[i]); 996f9d451aSToke Høiland-Jørgensen 1006f9d451aSToke Høiland-Jørgensen return hash; 1016f9d451aSToke Høiland-Jørgensen } 1026f9d451aSToke Høiland-Jørgensen 103071cdeceSToke Høiland-Jørgensen static inline struct hlist_head *dev_map_index_hash(struct bpf_dtab *dtab, 104071cdeceSToke Høiland-Jørgensen int idx) 105071cdeceSToke Høiland-Jørgensen { 106071cdeceSToke Høiland-Jørgensen return &dtab->dev_index_head[idx & (dtab->n_buckets - 1)]; 107071cdeceSToke Høiland-Jørgensen } 108071cdeceSToke Høiland-Jørgensen 109fca16e51SToke Høiland-Jørgensen static int dev_map_init_map(struct bpf_dtab *dtab, union bpf_attr *attr) 110546ac1ffSJohn Fastabend { 111fbee97feSDavid Ahern u32 valsize = attr->value_size; 112546ac1ffSJohn Fastabend 113fbee97feSDavid Ahern /* check sanity of attributes. 2 value sizes supported: 114fbee97feSDavid Ahern * 4 bytes: ifindex 115fbee97feSDavid Ahern * 8 bytes: ifindex + prog fd 116fbee97feSDavid Ahern */ 117546ac1ffSJohn Fastabend if (attr->max_entries == 0 || attr->key_size != 4 || 118fbee97feSDavid Ahern (valsize != offsetofend(struct bpf_devmap_val, ifindex) && 119fbee97feSDavid Ahern valsize != offsetofend(struct bpf_devmap_val, bpf_prog.fd)) || 120fbee97feSDavid Ahern attr->map_flags & ~DEV_CREATE_FLAG_MASK) 121fca16e51SToke Høiland-Jørgensen return -EINVAL; 122546ac1ffSJohn Fastabend 1230cdbb4b0SToke Høiland-Jørgensen /* Lookup returns a pointer straight to dev->ifindex, so make sure the 1240cdbb4b0SToke Høiland-Jørgensen * verifier prevents writes from the BPF side 1250cdbb4b0SToke Høiland-Jørgensen */ 1260cdbb4b0SToke Høiland-Jørgensen attr->map_flags |= BPF_F_RDONLY_PROG; 1270cdbb4b0SToke Høiland-Jørgensen 128546ac1ffSJohn Fastabend 129bd475643SJakub Kicinski bpf_map_init_from_attr(&dtab->map, attr); 130546ac1ffSJohn Fastabend 1316f9d451aSToke Høiland-Jørgensen if (attr->map_type == BPF_MAP_TYPE_DEVMAP_HASH) { 1326f9d451aSToke Høiland-Jørgensen dtab->n_buckets = roundup_pow_of_two(dtab->map.max_entries); 1336f9d451aSToke Høiland-Jørgensen 1346f9d451aSToke Høiland-Jørgensen if (!dtab->n_buckets) /* Overflow check */ 1356f9d451aSToke Høiland-Jørgensen return -EINVAL; 1366f9d451aSToke Høiland-Jørgensen } 1376f9d451aSToke Høiland-Jørgensen 138071cdeceSToke Høiland-Jørgensen if (attr->map_type == BPF_MAP_TYPE_DEVMAP_HASH) { 13999c51064SToke Høiland-Jørgensen dtab->dev_index_head = dev_map_create_hash(dtab->n_buckets, 14099c51064SToke Høiland-Jørgensen dtab->map.numa_node); 141071cdeceSToke Høiland-Jørgensen if (!dtab->dev_index_head) 142844f157fSRoman Gushchin return -ENOMEM; 143071cdeceSToke Høiland-Jørgensen 144071cdeceSToke Høiland-Jørgensen spin_lock_init(&dtab->index_lock); 145071cdeceSToke Høiland-Jørgensen } else { 146546ac1ffSJohn Fastabend dtab->netdev_map = bpf_map_area_alloc(dtab->map.max_entries * 14796eabe7aSMartin KaFai Lau sizeof(struct bpf_dtab_netdev *), 14896eabe7aSMartin KaFai Lau dtab->map.numa_node); 149546ac1ffSJohn Fastabend if (!dtab->netdev_map) 150844f157fSRoman Gushchin return -ENOMEM; 1516f9d451aSToke Høiland-Jørgensen } 1526f9d451aSToke Høiland-Jørgensen 153fca16e51SToke Høiland-Jørgensen return 0; 154fca16e51SToke Høiland-Jørgensen } 155fca16e51SToke Høiland-Jørgensen 156fca16e51SToke Høiland-Jørgensen static struct bpf_map *dev_map_alloc(union bpf_attr *attr) 157fca16e51SToke Høiland-Jørgensen { 158fca16e51SToke Høiland-Jørgensen struct bpf_dtab *dtab; 159fca16e51SToke Høiland-Jørgensen int err; 160fca16e51SToke Høiland-Jørgensen 161fca16e51SToke Høiland-Jørgensen if (!capable(CAP_NET_ADMIN)) 162fca16e51SToke Høiland-Jørgensen return ERR_PTR(-EPERM); 163fca16e51SToke Høiland-Jørgensen 1641440290aSRoman Gushchin dtab = kzalloc(sizeof(*dtab), GFP_USER | __GFP_ACCOUNT); 165fca16e51SToke Høiland-Jørgensen if (!dtab) 166fca16e51SToke Høiland-Jørgensen return ERR_PTR(-ENOMEM); 167fca16e51SToke Høiland-Jørgensen 168fca16e51SToke Høiland-Jørgensen err = dev_map_init_map(dtab, attr); 169fca16e51SToke Høiland-Jørgensen if (err) { 170546ac1ffSJohn Fastabend kfree(dtab); 171582db7e0STobias Klauser return ERR_PTR(err); 172546ac1ffSJohn Fastabend } 173546ac1ffSJohn Fastabend 174fca16e51SToke Høiland-Jørgensen spin_lock(&dev_map_lock); 175fca16e51SToke Høiland-Jørgensen list_add_tail_rcu(&dtab->list, &dev_map_list); 176fca16e51SToke Høiland-Jørgensen spin_unlock(&dev_map_lock); 177fca16e51SToke Høiland-Jørgensen 178fca16e51SToke Høiland-Jørgensen return &dtab->map; 179fca16e51SToke Høiland-Jørgensen } 180fca16e51SToke Høiland-Jørgensen 181546ac1ffSJohn Fastabend static void dev_map_free(struct bpf_map *map) 182546ac1ffSJohn Fastabend { 183546ac1ffSJohn Fastabend struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 1840536b852SBjörn Töpel int i; 185546ac1ffSJohn Fastabend 186546ac1ffSJohn Fastabend /* At this point bpf_prog->aux->refcnt == 0 and this map->refcnt == 0, 187546ac1ffSJohn Fastabend * so the programs (can be more than one that used this map) were 18842a84a8cSJohn Fastabend * disconnected from events. The following synchronize_rcu() guarantees 18942a84a8cSJohn Fastabend * both rcu read critical sections complete and waits for 19042a84a8cSJohn Fastabend * preempt-disable regions (NAPI being the relevant context here) so we 19142a84a8cSJohn Fastabend * are certain there will be no further reads against the netdev_map and 19242a84a8cSJohn Fastabend * all flush operations are complete. Flush operations can only be done 19342a84a8cSJohn Fastabend * from NAPI context for this reason. 194546ac1ffSJohn Fastabend */ 195274043c6SDaniel Borkmann 196274043c6SDaniel Borkmann spin_lock(&dev_map_lock); 197274043c6SDaniel Borkmann list_del_rcu(&dtab->list); 198274043c6SDaniel Borkmann spin_unlock(&dev_map_lock); 199274043c6SDaniel Borkmann 200f6069b9aSDaniel Borkmann bpf_clear_redirect_map(map); 201546ac1ffSJohn Fastabend synchronize_rcu(); 202546ac1ffSJohn Fastabend 2032baae354SEric Dumazet /* Make sure prior __dev_map_entry_free() have completed. */ 2042baae354SEric Dumazet rcu_barrier(); 2052baae354SEric Dumazet 206071cdeceSToke Høiland-Jørgensen if (dtab->map.map_type == BPF_MAP_TYPE_DEVMAP_HASH) { 207071cdeceSToke Høiland-Jørgensen for (i = 0; i < dtab->n_buckets; i++) { 208071cdeceSToke Høiland-Jørgensen struct bpf_dtab_netdev *dev; 209071cdeceSToke Høiland-Jørgensen struct hlist_head *head; 210071cdeceSToke Høiland-Jørgensen struct hlist_node *next; 211071cdeceSToke Høiland-Jørgensen 212071cdeceSToke Høiland-Jørgensen head = dev_map_index_hash(dtab, i); 213071cdeceSToke Høiland-Jørgensen 214071cdeceSToke Høiland-Jørgensen hlist_for_each_entry_safe(dev, next, head, index_hlist) { 215071cdeceSToke Høiland-Jørgensen hlist_del_rcu(&dev->index_hlist); 216fbee97feSDavid Ahern if (dev->xdp_prog) 217fbee97feSDavid Ahern bpf_prog_put(dev->xdp_prog); 218071cdeceSToke Høiland-Jørgensen dev_put(dev->dev); 219071cdeceSToke Høiland-Jørgensen kfree(dev); 220071cdeceSToke Høiland-Jørgensen } 221071cdeceSToke Høiland-Jørgensen } 222071cdeceSToke Høiland-Jørgensen 22399c51064SToke Høiland-Jørgensen bpf_map_area_free(dtab->dev_index_head); 224071cdeceSToke Høiland-Jørgensen } else { 225546ac1ffSJohn Fastabend for (i = 0; i < dtab->map.max_entries; i++) { 226546ac1ffSJohn Fastabend struct bpf_dtab_netdev *dev; 227546ac1ffSJohn Fastabend 228546ac1ffSJohn Fastabend dev = dtab->netdev_map[i]; 229546ac1ffSJohn Fastabend if (!dev) 230546ac1ffSJohn Fastabend continue; 231546ac1ffSJohn Fastabend 232fbee97feSDavid Ahern if (dev->xdp_prog) 233fbee97feSDavid Ahern bpf_prog_put(dev->xdp_prog); 234546ac1ffSJohn Fastabend dev_put(dev->dev); 235546ac1ffSJohn Fastabend kfree(dev); 236546ac1ffSJohn Fastabend } 237546ac1ffSJohn Fastabend 238546ac1ffSJohn Fastabend bpf_map_area_free(dtab->netdev_map); 239071cdeceSToke Høiland-Jørgensen } 240071cdeceSToke Høiland-Jørgensen 241546ac1ffSJohn Fastabend kfree(dtab); 242546ac1ffSJohn Fastabend } 243546ac1ffSJohn Fastabend 244546ac1ffSJohn Fastabend static int dev_map_get_next_key(struct bpf_map *map, void *key, void *next_key) 245546ac1ffSJohn Fastabend { 246546ac1ffSJohn Fastabend struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 247546ac1ffSJohn Fastabend u32 index = key ? *(u32 *)key : U32_MAX; 248af4d045cSDaniel Borkmann u32 *next = next_key; 249546ac1ffSJohn Fastabend 250546ac1ffSJohn Fastabend if (index >= dtab->map.max_entries) { 251546ac1ffSJohn Fastabend *next = 0; 252546ac1ffSJohn Fastabend return 0; 253546ac1ffSJohn Fastabend } 254546ac1ffSJohn Fastabend 255546ac1ffSJohn Fastabend if (index == dtab->map.max_entries - 1) 256546ac1ffSJohn Fastabend return -ENOENT; 257546ac1ffSJohn Fastabend *next = index + 1; 258546ac1ffSJohn Fastabend return 0; 259546ac1ffSJohn Fastabend } 260546ac1ffSJohn Fastabend 261*e6a4750fSBjörn Töpel static void *__dev_map_hash_lookup_elem(struct bpf_map *map, u32 key) 2626f9d451aSToke Høiland-Jørgensen { 2636f9d451aSToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 2646f9d451aSToke Høiland-Jørgensen struct hlist_head *head = dev_map_index_hash(dtab, key); 2656f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *dev; 2666f9d451aSToke Høiland-Jørgensen 267485ec2eaSAmol Grover hlist_for_each_entry_rcu(dev, head, index_hlist, 268485ec2eaSAmol Grover lockdep_is_held(&dtab->index_lock)) 2696f9d451aSToke Høiland-Jørgensen if (dev->idx == key) 2706f9d451aSToke Høiland-Jørgensen return dev; 2716f9d451aSToke Høiland-Jørgensen 2726f9d451aSToke Høiland-Jørgensen return NULL; 2736f9d451aSToke Høiland-Jørgensen } 2746f9d451aSToke Høiland-Jørgensen 2756f9d451aSToke Høiland-Jørgensen static int dev_map_hash_get_next_key(struct bpf_map *map, void *key, 2766f9d451aSToke Høiland-Jørgensen void *next_key) 2776f9d451aSToke Høiland-Jørgensen { 2786f9d451aSToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 2796f9d451aSToke Høiland-Jørgensen u32 idx, *next = next_key; 2806f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *dev, *next_dev; 2816f9d451aSToke Høiland-Jørgensen struct hlist_head *head; 2826f9d451aSToke Høiland-Jørgensen int i = 0; 2836f9d451aSToke Høiland-Jørgensen 2846f9d451aSToke Høiland-Jørgensen if (!key) 2856f9d451aSToke Høiland-Jørgensen goto find_first; 2866f9d451aSToke Høiland-Jørgensen 2876f9d451aSToke Høiland-Jørgensen idx = *(u32 *)key; 2886f9d451aSToke Høiland-Jørgensen 2896f9d451aSToke Høiland-Jørgensen dev = __dev_map_hash_lookup_elem(map, idx); 2906f9d451aSToke Høiland-Jørgensen if (!dev) 2916f9d451aSToke Høiland-Jørgensen goto find_first; 2926f9d451aSToke Høiland-Jørgensen 2936f9d451aSToke Høiland-Jørgensen next_dev = hlist_entry_safe(rcu_dereference_raw(hlist_next_rcu(&dev->index_hlist)), 2946f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev, index_hlist); 2956f9d451aSToke Høiland-Jørgensen 2966f9d451aSToke Høiland-Jørgensen if (next_dev) { 2976f9d451aSToke Høiland-Jørgensen *next = next_dev->idx; 2986f9d451aSToke Høiland-Jørgensen return 0; 2996f9d451aSToke Høiland-Jørgensen } 3006f9d451aSToke Høiland-Jørgensen 3016f9d451aSToke Høiland-Jørgensen i = idx & (dtab->n_buckets - 1); 3026f9d451aSToke Høiland-Jørgensen i++; 3036f9d451aSToke Høiland-Jørgensen 3046f9d451aSToke Høiland-Jørgensen find_first: 3056f9d451aSToke Høiland-Jørgensen for (; i < dtab->n_buckets; i++) { 3066f9d451aSToke Høiland-Jørgensen head = dev_map_index_hash(dtab, i); 3076f9d451aSToke Høiland-Jørgensen 3086f9d451aSToke Høiland-Jørgensen next_dev = hlist_entry_safe(rcu_dereference_raw(hlist_first_rcu(head)), 3096f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev, 3106f9d451aSToke Høiland-Jørgensen index_hlist); 3116f9d451aSToke Høiland-Jørgensen if (next_dev) { 3126f9d451aSToke Høiland-Jørgensen *next = next_dev->idx; 3136f9d451aSToke Høiland-Jørgensen return 0; 3146f9d451aSToke Høiland-Jørgensen } 3156f9d451aSToke Høiland-Jørgensen } 3166f9d451aSToke Høiland-Jørgensen 3176f9d451aSToke Høiland-Jørgensen return -ENOENT; 3186f9d451aSToke Høiland-Jørgensen } 3196f9d451aSToke Høiland-Jørgensen 320fbee97feSDavid Ahern bool dev_map_can_have_prog(struct bpf_map *map) 321fbee97feSDavid Ahern { 322fbee97feSDavid Ahern if ((map->map_type == BPF_MAP_TYPE_DEVMAP || 323fbee97feSDavid Ahern map->map_type == BPF_MAP_TYPE_DEVMAP_HASH) && 324fbee97feSDavid Ahern map->value_size != offsetofend(struct bpf_devmap_val, ifindex)) 325fbee97feSDavid Ahern return true; 326fbee97feSDavid Ahern 327fbee97feSDavid Ahern return false; 328fbee97feSDavid Ahern } 329fbee97feSDavid Ahern 330ebc4ecd4SBjörn Töpel static void bq_xmit_all(struct xdp_dev_bulk_queue *bq, u32 flags) 3315d053f9dSJesper Dangaard Brouer { 33275ccae62SToke Høiland-Jørgensen struct net_device *dev = bq->dev; 333e74de52eSJesper Dangaard Brouer int sent = 0, drops = 0, err = 0; 3345d053f9dSJesper Dangaard Brouer int i; 3355d053f9dSJesper Dangaard Brouer 3365d053f9dSJesper Dangaard Brouer if (unlikely(!bq->count)) 337ebc4ecd4SBjörn Töpel return; 3385d053f9dSJesper Dangaard Brouer 3395d053f9dSJesper Dangaard Brouer for (i = 0; i < bq->count; i++) { 3405d053f9dSJesper Dangaard Brouer struct xdp_frame *xdpf = bq->q[i]; 3415d053f9dSJesper Dangaard Brouer 3425d053f9dSJesper Dangaard Brouer prefetch(xdpf); 3435d053f9dSJesper Dangaard Brouer } 3445d053f9dSJesper Dangaard Brouer 345c1ece6b2SJesper Dangaard Brouer sent = dev->netdev_ops->ndo_xdp_xmit(dev, bq->count, bq->q, flags); 346735fc405SJesper Dangaard Brouer if (sent < 0) { 347e74de52eSJesper Dangaard Brouer err = sent; 348735fc405SJesper Dangaard Brouer sent = 0; 349735fc405SJesper Dangaard Brouer goto error; 35038edddb8SJesper Dangaard Brouer } 351735fc405SJesper Dangaard Brouer drops = bq->count - sent; 352735fc405SJesper Dangaard Brouer out: 3535d053f9dSJesper Dangaard Brouer bq->count = 0; 3545d053f9dSJesper Dangaard Brouer 35558aa94f9SJesper Dangaard Brouer trace_xdp_devmap_xmit(bq->dev_rx, dev, sent, drops, err); 35638edddb8SJesper Dangaard Brouer bq->dev_rx = NULL; 357d5df2830SToke Høiland-Jørgensen __list_del_clearprev(&bq->flush_node); 358ebc4ecd4SBjörn Töpel return; 359735fc405SJesper Dangaard Brouer error: 360735fc405SJesper Dangaard Brouer /* If ndo_xdp_xmit fails with an errno, no frames have been 361735fc405SJesper Dangaard Brouer * xmit'ed and it's our responsibility to them free all. 362735fc405SJesper Dangaard Brouer */ 363735fc405SJesper Dangaard Brouer for (i = 0; i < bq->count; i++) { 364735fc405SJesper Dangaard Brouer struct xdp_frame *xdpf = bq->q[i]; 365735fc405SJesper Dangaard Brouer 366735fc405SJesper Dangaard Brouer xdp_return_frame_rx_napi(xdpf); 367735fc405SJesper Dangaard Brouer drops++; 368735fc405SJesper Dangaard Brouer } 369735fc405SJesper Dangaard Brouer goto out; 3705d053f9dSJesper Dangaard Brouer } 3715d053f9dSJesper Dangaard Brouer 3721d233886SToke Høiland-Jørgensen /* __dev_flush is called from xdp_do_flush() which _must_ be signaled 37311393cc9SJohn Fastabend * from the driver before returning from its napi->poll() routine. The poll() 37411393cc9SJohn Fastabend * routine is called either from busy_poll context or net_rx_action signaled 37511393cc9SJohn Fastabend * from NET_RX_SOFTIRQ. Either way the poll routine must complete before the 376d5df2830SToke Høiland-Jørgensen * net device can be torn down. On devmap tear down we ensure the flush list 377d5df2830SToke Høiland-Jørgensen * is empty before completing to ensure all flush operations have completed. 378b23bfa56SJohn Fastabend * When drivers update the bpf program they may need to ensure any flush ops 379b23bfa56SJohn Fastabend * are also complete. Using synchronize_rcu or call_rcu will suffice for this 380b23bfa56SJohn Fastabend * because both wait for napi context to exit. 38111393cc9SJohn Fastabend */ 3821d233886SToke Høiland-Jørgensen void __dev_flush(void) 38311393cc9SJohn Fastabend { 3841d233886SToke Høiland-Jørgensen struct list_head *flush_list = this_cpu_ptr(&dev_flush_list); 38575ccae62SToke Høiland-Jørgensen struct xdp_dev_bulk_queue *bq, *tmp; 38611393cc9SJohn Fastabend 387d5df2830SToke Høiland-Jørgensen list_for_each_entry_safe(bq, tmp, flush_list, flush_node) 3880536b852SBjörn Töpel bq_xmit_all(bq, XDP_XMIT_FLUSH); 38911393cc9SJohn Fastabend } 39011393cc9SJohn Fastabend 391546ac1ffSJohn Fastabend /* rcu_read_lock (from syscall and BPF contexts) ensures that if a delete and/or 392546ac1ffSJohn Fastabend * update happens in parallel here a dev_put wont happen until after reading the 393546ac1ffSJohn Fastabend * ifindex. 394546ac1ffSJohn Fastabend */ 395*e6a4750fSBjörn Töpel static void *__dev_map_lookup_elem(struct bpf_map *map, u32 key) 396546ac1ffSJohn Fastabend { 397546ac1ffSJohn Fastabend struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 39867f29e07SJesper Dangaard Brouer struct bpf_dtab_netdev *obj; 399546ac1ffSJohn Fastabend 400af4d045cSDaniel Borkmann if (key >= map->max_entries) 401546ac1ffSJohn Fastabend return NULL; 402546ac1ffSJohn Fastabend 40367f29e07SJesper Dangaard Brouer obj = READ_ONCE(dtab->netdev_map[key]); 40467f29e07SJesper Dangaard Brouer return obj; 40567f29e07SJesper Dangaard Brouer } 40667f29e07SJesper Dangaard Brouer 4075d053f9dSJesper Dangaard Brouer /* Runs under RCU-read-side, plus in softirq under NAPI protection. 4085d053f9dSJesper Dangaard Brouer * Thus, safe percpu variable access. 4095d053f9dSJesper Dangaard Brouer */ 410ebc4ecd4SBjörn Töpel static void bq_enqueue(struct net_device *dev, struct xdp_frame *xdpf, 41138edddb8SJesper Dangaard Brouer struct net_device *dev_rx) 4125d053f9dSJesper Dangaard Brouer { 4131d233886SToke Høiland-Jørgensen struct list_head *flush_list = this_cpu_ptr(&dev_flush_list); 41475ccae62SToke Høiland-Jørgensen struct xdp_dev_bulk_queue *bq = this_cpu_ptr(dev->xdp_bulkq); 4155d053f9dSJesper Dangaard Brouer 4165d053f9dSJesper Dangaard Brouer if (unlikely(bq->count == DEV_MAP_BULK_SIZE)) 4170536b852SBjörn Töpel bq_xmit_all(bq, 0); 4185d053f9dSJesper Dangaard Brouer 41938edddb8SJesper Dangaard Brouer /* Ingress dev_rx will be the same for all xdp_frame's in 42038edddb8SJesper Dangaard Brouer * bulk_queue, because bq stored per-CPU and must be flushed 42138edddb8SJesper Dangaard Brouer * from net_device drivers NAPI func end. 42238edddb8SJesper Dangaard Brouer */ 42338edddb8SJesper Dangaard Brouer if (!bq->dev_rx) 42438edddb8SJesper Dangaard Brouer bq->dev_rx = dev_rx; 42538edddb8SJesper Dangaard Brouer 4265d053f9dSJesper Dangaard Brouer bq->q[bq->count++] = xdpf; 427d5df2830SToke Høiland-Jørgensen 428d5df2830SToke Høiland-Jørgensen if (!bq->flush_node.prev) 429d5df2830SToke Høiland-Jørgensen list_add(&bq->flush_node, flush_list); 4305d053f9dSJesper Dangaard Brouer } 4315d053f9dSJesper Dangaard Brouer 4321d233886SToke Høiland-Jørgensen static inline int __xdp_enqueue(struct net_device *dev, struct xdp_buff *xdp, 43338edddb8SJesper Dangaard Brouer struct net_device *dev_rx) 43467f29e07SJesper Dangaard Brouer { 43567f29e07SJesper Dangaard Brouer struct xdp_frame *xdpf; 436d8d7218aSToshiaki Makita int err; 43767f29e07SJesper Dangaard Brouer 43867f29e07SJesper Dangaard Brouer if (!dev->netdev_ops->ndo_xdp_xmit) 43967f29e07SJesper Dangaard Brouer return -EOPNOTSUPP; 44067f29e07SJesper Dangaard Brouer 441d8d7218aSToshiaki Makita err = xdp_ok_fwd_dev(dev, xdp->data_end - xdp->data); 442d8d7218aSToshiaki Makita if (unlikely(err)) 443d8d7218aSToshiaki Makita return err; 444d8d7218aSToshiaki Makita 4451b698fa5SLorenzo Bianconi xdpf = xdp_convert_buff_to_frame(xdp); 44667f29e07SJesper Dangaard Brouer if (unlikely(!xdpf)) 44767f29e07SJesper Dangaard Brouer return -EOVERFLOW; 44867f29e07SJesper Dangaard Brouer 449ebc4ecd4SBjörn Töpel bq_enqueue(dev, xdpf, dev_rx); 450ebc4ecd4SBjörn Töpel return 0; 451546ac1ffSJohn Fastabend } 452546ac1ffSJohn Fastabend 453fbee97feSDavid Ahern static struct xdp_buff *dev_map_run_prog(struct net_device *dev, 454fbee97feSDavid Ahern struct xdp_buff *xdp, 455fbee97feSDavid Ahern struct bpf_prog *xdp_prog) 456fbee97feSDavid Ahern { 45764b59025SDavid Ahern struct xdp_txq_info txq = { .dev = dev }; 458fbee97feSDavid Ahern u32 act; 459fbee97feSDavid Ahern 46026afa0a4SDavid Ahern xdp_set_data_meta_invalid(xdp); 46164b59025SDavid Ahern xdp->txq = &txq; 46264b59025SDavid Ahern 463fbee97feSDavid Ahern act = bpf_prog_run_xdp(xdp_prog, xdp); 464fbee97feSDavid Ahern switch (act) { 465fbee97feSDavid Ahern case XDP_PASS: 466fbee97feSDavid Ahern return xdp; 467fbee97feSDavid Ahern case XDP_DROP: 468fbee97feSDavid Ahern break; 469fbee97feSDavid Ahern default: 470fbee97feSDavid Ahern bpf_warn_invalid_xdp_action(act); 471fbee97feSDavid Ahern fallthrough; 472fbee97feSDavid Ahern case XDP_ABORTED: 473fbee97feSDavid Ahern trace_xdp_exception(dev, xdp_prog, act); 474fbee97feSDavid Ahern break; 475fbee97feSDavid Ahern } 476fbee97feSDavid Ahern 477fbee97feSDavid Ahern xdp_return_buff(xdp); 478fbee97feSDavid Ahern return NULL; 479fbee97feSDavid Ahern } 480fbee97feSDavid Ahern 4811d233886SToke Høiland-Jørgensen int dev_xdp_enqueue(struct net_device *dev, struct xdp_buff *xdp, 4821d233886SToke Høiland-Jørgensen struct net_device *dev_rx) 4831d233886SToke Høiland-Jørgensen { 4841d233886SToke Høiland-Jørgensen return __xdp_enqueue(dev, xdp, dev_rx); 4851d233886SToke Høiland-Jørgensen } 4861d233886SToke Høiland-Jørgensen 4871d233886SToke Høiland-Jørgensen int dev_map_enqueue(struct bpf_dtab_netdev *dst, struct xdp_buff *xdp, 4881d233886SToke Høiland-Jørgensen struct net_device *dev_rx) 4891d233886SToke Høiland-Jørgensen { 4901d233886SToke Høiland-Jørgensen struct net_device *dev = dst->dev; 4911d233886SToke Høiland-Jørgensen 492fbee97feSDavid Ahern if (dst->xdp_prog) { 493fbee97feSDavid Ahern xdp = dev_map_run_prog(dev, xdp, dst->xdp_prog); 494fbee97feSDavid Ahern if (!xdp) 495fbee97feSDavid Ahern return 0; 496fbee97feSDavid Ahern } 4971d233886SToke Høiland-Jørgensen return __xdp_enqueue(dev, xdp, dev_rx); 4981d233886SToke Høiland-Jørgensen } 4991d233886SToke Høiland-Jørgensen 5006d5fc195SToshiaki Makita int dev_map_generic_redirect(struct bpf_dtab_netdev *dst, struct sk_buff *skb, 5016d5fc195SToshiaki Makita struct bpf_prog *xdp_prog) 5026d5fc195SToshiaki Makita { 5036d5fc195SToshiaki Makita int err; 5046d5fc195SToshiaki Makita 505d8d7218aSToshiaki Makita err = xdp_ok_fwd_dev(dst->dev, skb->len); 5066d5fc195SToshiaki Makita if (unlikely(err)) 5076d5fc195SToshiaki Makita return err; 5086d5fc195SToshiaki Makita skb->dev = dst->dev; 5096d5fc195SToshiaki Makita generic_xdp_tx(skb, xdp_prog); 5106d5fc195SToshiaki Makita 5116d5fc195SToshiaki Makita return 0; 5126d5fc195SToshiaki Makita } 5136d5fc195SToshiaki Makita 514af4d045cSDaniel Borkmann static void *dev_map_lookup_elem(struct bpf_map *map, void *key) 51511393cc9SJohn Fastabend { 51667f29e07SJesper Dangaard Brouer struct bpf_dtab_netdev *obj = __dev_map_lookup_elem(map, *(u32 *)key); 517af4d045cSDaniel Borkmann 5187f1c0426SDavid Ahern return obj ? &obj->val : NULL; 519af4d045cSDaniel Borkmann } 520af4d045cSDaniel Borkmann 5216f9d451aSToke Høiland-Jørgensen static void *dev_map_hash_lookup_elem(struct bpf_map *map, void *key) 5226f9d451aSToke Høiland-Jørgensen { 5236f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *obj = __dev_map_hash_lookup_elem(map, 5246f9d451aSToke Høiland-Jørgensen *(u32 *)key); 5257f1c0426SDavid Ahern return obj ? &obj->val : NULL; 5266f9d451aSToke Høiland-Jørgensen } 5276f9d451aSToke Høiland-Jørgensen 528546ac1ffSJohn Fastabend static void __dev_map_entry_free(struct rcu_head *rcu) 529546ac1ffSJohn Fastabend { 530af4d045cSDaniel Borkmann struct bpf_dtab_netdev *dev; 531546ac1ffSJohn Fastabend 532af4d045cSDaniel Borkmann dev = container_of(rcu, struct bpf_dtab_netdev, rcu); 533fbee97feSDavid Ahern if (dev->xdp_prog) 534fbee97feSDavid Ahern bpf_prog_put(dev->xdp_prog); 535af4d045cSDaniel Borkmann dev_put(dev->dev); 536af4d045cSDaniel Borkmann kfree(dev); 537546ac1ffSJohn Fastabend } 538546ac1ffSJohn Fastabend 539546ac1ffSJohn Fastabend static int dev_map_delete_elem(struct bpf_map *map, void *key) 540546ac1ffSJohn Fastabend { 541546ac1ffSJohn Fastabend struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 542546ac1ffSJohn Fastabend struct bpf_dtab_netdev *old_dev; 543546ac1ffSJohn Fastabend int k = *(u32 *)key; 544546ac1ffSJohn Fastabend 545546ac1ffSJohn Fastabend if (k >= map->max_entries) 546546ac1ffSJohn Fastabend return -EINVAL; 547546ac1ffSJohn Fastabend 548af4d045cSDaniel Borkmann /* Use call_rcu() here to ensure any rcu critical sections have 54942a84a8cSJohn Fastabend * completed as well as any flush operations because call_rcu 55042a84a8cSJohn Fastabend * will wait for preempt-disable region to complete, NAPI in this 55142a84a8cSJohn Fastabend * context. And additionally, the driver tear down ensures all 55242a84a8cSJohn Fastabend * soft irqs are complete before removing the net device in the 55342a84a8cSJohn Fastabend * case of dev_put equals zero. 554546ac1ffSJohn Fastabend */ 555546ac1ffSJohn Fastabend old_dev = xchg(&dtab->netdev_map[k], NULL); 556546ac1ffSJohn Fastabend if (old_dev) 557546ac1ffSJohn Fastabend call_rcu(&old_dev->rcu, __dev_map_entry_free); 558546ac1ffSJohn Fastabend return 0; 559546ac1ffSJohn Fastabend } 560546ac1ffSJohn Fastabend 5616f9d451aSToke Høiland-Jørgensen static int dev_map_hash_delete_elem(struct bpf_map *map, void *key) 5626f9d451aSToke Høiland-Jørgensen { 5636f9d451aSToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 5646f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *old_dev; 5656f9d451aSToke Høiland-Jørgensen int k = *(u32 *)key; 5666f9d451aSToke Høiland-Jørgensen unsigned long flags; 5676f9d451aSToke Høiland-Jørgensen int ret = -ENOENT; 5686f9d451aSToke Høiland-Jørgensen 5696f9d451aSToke Høiland-Jørgensen spin_lock_irqsave(&dtab->index_lock, flags); 5706f9d451aSToke Høiland-Jørgensen 5716f9d451aSToke Høiland-Jørgensen old_dev = __dev_map_hash_lookup_elem(map, k); 5726f9d451aSToke Høiland-Jørgensen if (old_dev) { 5736f9d451aSToke Høiland-Jørgensen dtab->items--; 5746f9d451aSToke Høiland-Jørgensen hlist_del_init_rcu(&old_dev->index_hlist); 5756f9d451aSToke Høiland-Jørgensen call_rcu(&old_dev->rcu, __dev_map_entry_free); 5766f9d451aSToke Høiland-Jørgensen ret = 0; 5776f9d451aSToke Høiland-Jørgensen } 5786f9d451aSToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 5796f9d451aSToke Høiland-Jørgensen 5806f9d451aSToke Høiland-Jørgensen return ret; 5816f9d451aSToke Høiland-Jørgensen } 5826f9d451aSToke Høiland-Jørgensen 583fca16e51SToke Høiland-Jørgensen static struct bpf_dtab_netdev *__dev_map_alloc_node(struct net *net, 584fca16e51SToke Høiland-Jørgensen struct bpf_dtab *dtab, 5857f1c0426SDavid Ahern struct bpf_devmap_val *val, 586fca16e51SToke Høiland-Jørgensen unsigned int idx) 587546ac1ffSJohn Fastabend { 588fbee97feSDavid Ahern struct bpf_prog *prog = NULL; 589fca16e51SToke Høiland-Jørgensen struct bpf_dtab_netdev *dev; 590546ac1ffSJohn Fastabend 5911440290aSRoman Gushchin dev = bpf_map_kmalloc_node(&dtab->map, sizeof(*dev), 5921440290aSRoman Gushchin GFP_ATOMIC | __GFP_NOWARN, 59375ccae62SToke Høiland-Jørgensen dtab->map.numa_node); 594546ac1ffSJohn Fastabend if (!dev) 595fca16e51SToke Høiland-Jørgensen return ERR_PTR(-ENOMEM); 596546ac1ffSJohn Fastabend 5977f1c0426SDavid Ahern dev->dev = dev_get_by_index(net, val->ifindex); 5987f1c0426SDavid Ahern if (!dev->dev) 5997f1c0426SDavid Ahern goto err_out; 600546ac1ffSJohn Fastabend 601281920b7SJesper Dangaard Brouer if (val->bpf_prog.fd > 0) { 602fbee97feSDavid Ahern prog = bpf_prog_get_type_dev(val->bpf_prog.fd, 603fbee97feSDavid Ahern BPF_PROG_TYPE_XDP, false); 604fbee97feSDavid Ahern if (IS_ERR(prog)) 605fbee97feSDavid Ahern goto err_put_dev; 606fbee97feSDavid Ahern if (prog->expected_attach_type != BPF_XDP_DEVMAP) 607fbee97feSDavid Ahern goto err_put_prog; 608fbee97feSDavid Ahern } 609fbee97feSDavid Ahern 610fca16e51SToke Høiland-Jørgensen dev->idx = idx; 611546ac1ffSJohn Fastabend dev->dtab = dtab; 612fbee97feSDavid Ahern if (prog) { 613fbee97feSDavid Ahern dev->xdp_prog = prog; 614fbee97feSDavid Ahern dev->val.bpf_prog.id = prog->aux->id; 615fbee97feSDavid Ahern } else { 616fbee97feSDavid Ahern dev->xdp_prog = NULL; 617fbee97feSDavid Ahern dev->val.bpf_prog.id = 0; 618fbee97feSDavid Ahern } 6197f1c0426SDavid Ahern dev->val.ifindex = val->ifindex; 620fca16e51SToke Høiland-Jørgensen 621fca16e51SToke Høiland-Jørgensen return dev; 622fbee97feSDavid Ahern err_put_prog: 623fbee97feSDavid Ahern bpf_prog_put(prog); 624fbee97feSDavid Ahern err_put_dev: 625fbee97feSDavid Ahern dev_put(dev->dev); 6267f1c0426SDavid Ahern err_out: 6277f1c0426SDavid Ahern kfree(dev); 6287f1c0426SDavid Ahern return ERR_PTR(-EINVAL); 629fca16e51SToke Høiland-Jørgensen } 630fca16e51SToke Høiland-Jørgensen 631fca16e51SToke Høiland-Jørgensen static int __dev_map_update_elem(struct net *net, struct bpf_map *map, 632fca16e51SToke Høiland-Jørgensen void *key, void *value, u64 map_flags) 633fca16e51SToke Høiland-Jørgensen { 634fca16e51SToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 635fca16e51SToke Høiland-Jørgensen struct bpf_dtab_netdev *dev, *old_dev; 636281920b7SJesper Dangaard Brouer struct bpf_devmap_val val = {}; 637fca16e51SToke Høiland-Jørgensen u32 i = *(u32 *)key; 638fca16e51SToke Høiland-Jørgensen 639fca16e51SToke Høiland-Jørgensen if (unlikely(map_flags > BPF_EXIST)) 640fca16e51SToke Høiland-Jørgensen return -EINVAL; 641fca16e51SToke Høiland-Jørgensen if (unlikely(i >= dtab->map.max_entries)) 642fca16e51SToke Høiland-Jørgensen return -E2BIG; 643fca16e51SToke Høiland-Jørgensen if (unlikely(map_flags == BPF_NOEXIST)) 644fca16e51SToke Høiland-Jørgensen return -EEXIST; 645fca16e51SToke Høiland-Jørgensen 6467f1c0426SDavid Ahern /* already verified value_size <= sizeof val */ 6477f1c0426SDavid Ahern memcpy(&val, value, map->value_size); 6487f1c0426SDavid Ahern 6497f1c0426SDavid Ahern if (!val.ifindex) { 650fca16e51SToke Høiland-Jørgensen dev = NULL; 651fbee97feSDavid Ahern /* can not specify fd if ifindex is 0 */ 652281920b7SJesper Dangaard Brouer if (val.bpf_prog.fd > 0) 653fbee97feSDavid Ahern return -EINVAL; 654fca16e51SToke Høiland-Jørgensen } else { 6557f1c0426SDavid Ahern dev = __dev_map_alloc_node(net, dtab, &val, i); 656fca16e51SToke Høiland-Jørgensen if (IS_ERR(dev)) 657fca16e51SToke Høiland-Jørgensen return PTR_ERR(dev); 658546ac1ffSJohn Fastabend } 659546ac1ffSJohn Fastabend 660546ac1ffSJohn Fastabend /* Use call_rcu() here to ensure rcu critical sections have completed 661546ac1ffSJohn Fastabend * Remembering the driver side flush operation will happen before the 662546ac1ffSJohn Fastabend * net device is removed. 663546ac1ffSJohn Fastabend */ 664546ac1ffSJohn Fastabend old_dev = xchg(&dtab->netdev_map[i], dev); 665546ac1ffSJohn Fastabend if (old_dev) 666546ac1ffSJohn Fastabend call_rcu(&old_dev->rcu, __dev_map_entry_free); 667546ac1ffSJohn Fastabend 668546ac1ffSJohn Fastabend return 0; 669546ac1ffSJohn Fastabend } 670546ac1ffSJohn Fastabend 671fca16e51SToke Høiland-Jørgensen static int dev_map_update_elem(struct bpf_map *map, void *key, void *value, 672fca16e51SToke Høiland-Jørgensen u64 map_flags) 673fca16e51SToke Høiland-Jørgensen { 674fca16e51SToke Høiland-Jørgensen return __dev_map_update_elem(current->nsproxy->net_ns, 675fca16e51SToke Høiland-Jørgensen map, key, value, map_flags); 676fca16e51SToke Høiland-Jørgensen } 677fca16e51SToke Høiland-Jørgensen 6786f9d451aSToke Høiland-Jørgensen static int __dev_map_hash_update_elem(struct net *net, struct bpf_map *map, 6796f9d451aSToke Høiland-Jørgensen void *key, void *value, u64 map_flags) 6806f9d451aSToke Høiland-Jørgensen { 6816f9d451aSToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 6826f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *dev, *old_dev; 683281920b7SJesper Dangaard Brouer struct bpf_devmap_val val = {}; 6846f9d451aSToke Høiland-Jørgensen u32 idx = *(u32 *)key; 6856f9d451aSToke Høiland-Jørgensen unsigned long flags; 686af58e7eeSToke Høiland-Jørgensen int err = -EEXIST; 6876f9d451aSToke Høiland-Jørgensen 6887f1c0426SDavid Ahern /* already verified value_size <= sizeof val */ 6897f1c0426SDavid Ahern memcpy(&val, value, map->value_size); 6907f1c0426SDavid Ahern 6917f1c0426SDavid Ahern if (unlikely(map_flags > BPF_EXIST || !val.ifindex)) 6926f9d451aSToke Høiland-Jørgensen return -EINVAL; 6936f9d451aSToke Høiland-Jørgensen 694af58e7eeSToke Høiland-Jørgensen spin_lock_irqsave(&dtab->index_lock, flags); 695af58e7eeSToke Høiland-Jørgensen 6966f9d451aSToke Høiland-Jørgensen old_dev = __dev_map_hash_lookup_elem(map, idx); 6976f9d451aSToke Høiland-Jørgensen if (old_dev && (map_flags & BPF_NOEXIST)) 698af58e7eeSToke Høiland-Jørgensen goto out_err; 6996f9d451aSToke Høiland-Jørgensen 7007f1c0426SDavid Ahern dev = __dev_map_alloc_node(net, dtab, &val, idx); 701af58e7eeSToke Høiland-Jørgensen if (IS_ERR(dev)) { 702af58e7eeSToke Høiland-Jørgensen err = PTR_ERR(dev); 703af58e7eeSToke Høiland-Jørgensen goto out_err; 704af58e7eeSToke Høiland-Jørgensen } 7056f9d451aSToke Høiland-Jørgensen 7066f9d451aSToke Høiland-Jørgensen if (old_dev) { 7076f9d451aSToke Høiland-Jørgensen hlist_del_rcu(&old_dev->index_hlist); 7086f9d451aSToke Høiland-Jørgensen } else { 7096f9d451aSToke Høiland-Jørgensen if (dtab->items >= dtab->map.max_entries) { 7106f9d451aSToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 7116f9d451aSToke Høiland-Jørgensen call_rcu(&dev->rcu, __dev_map_entry_free); 7126f9d451aSToke Høiland-Jørgensen return -E2BIG; 7136f9d451aSToke Høiland-Jørgensen } 7146f9d451aSToke Høiland-Jørgensen dtab->items++; 7156f9d451aSToke Høiland-Jørgensen } 7166f9d451aSToke Høiland-Jørgensen 7176f9d451aSToke Høiland-Jørgensen hlist_add_head_rcu(&dev->index_hlist, 7186f9d451aSToke Høiland-Jørgensen dev_map_index_hash(dtab, idx)); 7196f9d451aSToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 7206f9d451aSToke Høiland-Jørgensen 7216f9d451aSToke Høiland-Jørgensen if (old_dev) 7226f9d451aSToke Høiland-Jørgensen call_rcu(&old_dev->rcu, __dev_map_entry_free); 7236f9d451aSToke Høiland-Jørgensen 7246f9d451aSToke Høiland-Jørgensen return 0; 725af58e7eeSToke Høiland-Jørgensen 726af58e7eeSToke Høiland-Jørgensen out_err: 727af58e7eeSToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 728af58e7eeSToke Høiland-Jørgensen return err; 7296f9d451aSToke Høiland-Jørgensen } 7306f9d451aSToke Høiland-Jørgensen 7316f9d451aSToke Høiland-Jørgensen static int dev_map_hash_update_elem(struct bpf_map *map, void *key, void *value, 7326f9d451aSToke Høiland-Jørgensen u64 map_flags) 7336f9d451aSToke Høiland-Jørgensen { 7346f9d451aSToke Høiland-Jørgensen return __dev_map_hash_update_elem(current->nsproxy->net_ns, 7356f9d451aSToke Høiland-Jørgensen map, key, value, map_flags); 7366f9d451aSToke Høiland-Jørgensen } 7376f9d451aSToke Høiland-Jørgensen 738*e6a4750fSBjörn Töpel static int dev_map_redirect(struct bpf_map *map, u32 ifindex, u64 flags) 739*e6a4750fSBjörn Töpel { 740*e6a4750fSBjörn Töpel return __bpf_xdp_redirect_map(map, ifindex, flags, __dev_map_lookup_elem); 741*e6a4750fSBjörn Töpel } 742*e6a4750fSBjörn Töpel 743*e6a4750fSBjörn Töpel static int dev_hash_map_redirect(struct bpf_map *map, u32 ifindex, u64 flags) 744*e6a4750fSBjörn Töpel { 745*e6a4750fSBjörn Töpel return __bpf_xdp_redirect_map(map, ifindex, flags, __dev_map_hash_lookup_elem); 746*e6a4750fSBjörn Töpel } 747*e6a4750fSBjörn Töpel 7482872e9acSAndrey Ignatov static int dev_map_btf_id; 749546ac1ffSJohn Fastabend const struct bpf_map_ops dev_map_ops = { 750f4d05259SMartin KaFai Lau .map_meta_equal = bpf_map_meta_equal, 751546ac1ffSJohn Fastabend .map_alloc = dev_map_alloc, 752546ac1ffSJohn Fastabend .map_free = dev_map_free, 753546ac1ffSJohn Fastabend .map_get_next_key = dev_map_get_next_key, 754546ac1ffSJohn Fastabend .map_lookup_elem = dev_map_lookup_elem, 755546ac1ffSJohn Fastabend .map_update_elem = dev_map_update_elem, 756546ac1ffSJohn Fastabend .map_delete_elem = dev_map_delete_elem, 757e8d2bec0SDaniel Borkmann .map_check_btf = map_check_no_btf, 7582872e9acSAndrey Ignatov .map_btf_name = "bpf_dtab", 7592872e9acSAndrey Ignatov .map_btf_id = &dev_map_btf_id, 760*e6a4750fSBjörn Töpel .map_redirect = dev_map_redirect, 761546ac1ffSJohn Fastabend }; 7622ddf71e2SJohn Fastabend 7632872e9acSAndrey Ignatov static int dev_map_hash_map_btf_id; 7646f9d451aSToke Høiland-Jørgensen const struct bpf_map_ops dev_map_hash_ops = { 765f4d05259SMartin KaFai Lau .map_meta_equal = bpf_map_meta_equal, 7666f9d451aSToke Høiland-Jørgensen .map_alloc = dev_map_alloc, 7676f9d451aSToke Høiland-Jørgensen .map_free = dev_map_free, 7686f9d451aSToke Høiland-Jørgensen .map_get_next_key = dev_map_hash_get_next_key, 7696f9d451aSToke Høiland-Jørgensen .map_lookup_elem = dev_map_hash_lookup_elem, 7706f9d451aSToke Høiland-Jørgensen .map_update_elem = dev_map_hash_update_elem, 7716f9d451aSToke Høiland-Jørgensen .map_delete_elem = dev_map_hash_delete_elem, 7726f9d451aSToke Høiland-Jørgensen .map_check_btf = map_check_no_btf, 7732872e9acSAndrey Ignatov .map_btf_name = "bpf_dtab", 7742872e9acSAndrey Ignatov .map_btf_id = &dev_map_hash_map_btf_id, 775*e6a4750fSBjörn Töpel .map_redirect = dev_hash_map_redirect, 7766f9d451aSToke Høiland-Jørgensen }; 7776f9d451aSToke Høiland-Jørgensen 778ce197d83SToke Høiland-Jørgensen static void dev_map_hash_remove_netdev(struct bpf_dtab *dtab, 779ce197d83SToke Høiland-Jørgensen struct net_device *netdev) 780ce197d83SToke Høiland-Jørgensen { 781ce197d83SToke Høiland-Jørgensen unsigned long flags; 782ce197d83SToke Høiland-Jørgensen u32 i; 783ce197d83SToke Høiland-Jørgensen 784ce197d83SToke Høiland-Jørgensen spin_lock_irqsave(&dtab->index_lock, flags); 785ce197d83SToke Høiland-Jørgensen for (i = 0; i < dtab->n_buckets; i++) { 786ce197d83SToke Høiland-Jørgensen struct bpf_dtab_netdev *dev; 787ce197d83SToke Høiland-Jørgensen struct hlist_head *head; 788ce197d83SToke Høiland-Jørgensen struct hlist_node *next; 789ce197d83SToke Høiland-Jørgensen 790ce197d83SToke Høiland-Jørgensen head = dev_map_index_hash(dtab, i); 791ce197d83SToke Høiland-Jørgensen 792ce197d83SToke Høiland-Jørgensen hlist_for_each_entry_safe(dev, next, head, index_hlist) { 793ce197d83SToke Høiland-Jørgensen if (netdev != dev->dev) 794ce197d83SToke Høiland-Jørgensen continue; 795ce197d83SToke Høiland-Jørgensen 796ce197d83SToke Høiland-Jørgensen dtab->items--; 797ce197d83SToke Høiland-Jørgensen hlist_del_rcu(&dev->index_hlist); 798ce197d83SToke Høiland-Jørgensen call_rcu(&dev->rcu, __dev_map_entry_free); 799ce197d83SToke Høiland-Jørgensen } 800ce197d83SToke Høiland-Jørgensen } 801ce197d83SToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 802ce197d83SToke Høiland-Jørgensen } 803ce197d83SToke Høiland-Jørgensen 8042ddf71e2SJohn Fastabend static int dev_map_notification(struct notifier_block *notifier, 8052ddf71e2SJohn Fastabend ulong event, void *ptr) 8062ddf71e2SJohn Fastabend { 8072ddf71e2SJohn Fastabend struct net_device *netdev = netdev_notifier_info_to_dev(ptr); 8082ddf71e2SJohn Fastabend struct bpf_dtab *dtab; 80975ccae62SToke Høiland-Jørgensen int i, cpu; 8102ddf71e2SJohn Fastabend 8112ddf71e2SJohn Fastabend switch (event) { 81275ccae62SToke Høiland-Jørgensen case NETDEV_REGISTER: 81375ccae62SToke Høiland-Jørgensen if (!netdev->netdev_ops->ndo_xdp_xmit || netdev->xdp_bulkq) 81475ccae62SToke Høiland-Jørgensen break; 81575ccae62SToke Høiland-Jørgensen 81675ccae62SToke Høiland-Jørgensen /* will be freed in free_netdev() */ 8177d4553b6SJun'ichi Nomura netdev->xdp_bulkq = alloc_percpu(struct xdp_dev_bulk_queue); 81875ccae62SToke Høiland-Jørgensen if (!netdev->xdp_bulkq) 81975ccae62SToke Høiland-Jørgensen return NOTIFY_BAD; 82075ccae62SToke Høiland-Jørgensen 82175ccae62SToke Høiland-Jørgensen for_each_possible_cpu(cpu) 82275ccae62SToke Høiland-Jørgensen per_cpu_ptr(netdev->xdp_bulkq, cpu)->dev = netdev; 82375ccae62SToke Høiland-Jørgensen break; 8242ddf71e2SJohn Fastabend case NETDEV_UNREGISTER: 8254cc7b954SJohn Fastabend /* This rcu_read_lock/unlock pair is needed because 8264cc7b954SJohn Fastabend * dev_map_list is an RCU list AND to ensure a delete 8274cc7b954SJohn Fastabend * operation does not free a netdev_map entry while we 8284cc7b954SJohn Fastabend * are comparing it against the netdev being unregistered. 8294cc7b954SJohn Fastabend */ 8304cc7b954SJohn Fastabend rcu_read_lock(); 8314cc7b954SJohn Fastabend list_for_each_entry_rcu(dtab, &dev_map_list, list) { 832ce197d83SToke Høiland-Jørgensen if (dtab->map.map_type == BPF_MAP_TYPE_DEVMAP_HASH) { 833ce197d83SToke Høiland-Jørgensen dev_map_hash_remove_netdev(dtab, netdev); 834ce197d83SToke Høiland-Jørgensen continue; 835ce197d83SToke Høiland-Jørgensen } 836ce197d83SToke Høiland-Jørgensen 8372ddf71e2SJohn Fastabend for (i = 0; i < dtab->map.max_entries; i++) { 8384cc7b954SJohn Fastabend struct bpf_dtab_netdev *dev, *odev; 8392ddf71e2SJohn Fastabend 8404cc7b954SJohn Fastabend dev = READ_ONCE(dtab->netdev_map[i]); 841f592f804STaehee Yoo if (!dev || netdev != dev->dev) 8422ddf71e2SJohn Fastabend continue; 8434cc7b954SJohn Fastabend odev = cmpxchg(&dtab->netdev_map[i], dev, NULL); 8444cc7b954SJohn Fastabend if (dev == odev) 8452ddf71e2SJohn Fastabend call_rcu(&dev->rcu, 8462ddf71e2SJohn Fastabend __dev_map_entry_free); 8472ddf71e2SJohn Fastabend } 8482ddf71e2SJohn Fastabend } 8494cc7b954SJohn Fastabend rcu_read_unlock(); 8502ddf71e2SJohn Fastabend break; 8512ddf71e2SJohn Fastabend default: 8522ddf71e2SJohn Fastabend break; 8532ddf71e2SJohn Fastabend } 8542ddf71e2SJohn Fastabend return NOTIFY_OK; 8552ddf71e2SJohn Fastabend } 8562ddf71e2SJohn Fastabend 8572ddf71e2SJohn Fastabend static struct notifier_block dev_map_notifier = { 8582ddf71e2SJohn Fastabend .notifier_call = dev_map_notification, 8592ddf71e2SJohn Fastabend }; 8602ddf71e2SJohn Fastabend 8612ddf71e2SJohn Fastabend static int __init dev_map_init(void) 8622ddf71e2SJohn Fastabend { 86396360004SBjörn Töpel int cpu; 86496360004SBjörn Töpel 86567f29e07SJesper Dangaard Brouer /* Assure tracepoint shadow struct _bpf_dtab_netdev is in sync */ 86667f29e07SJesper Dangaard Brouer BUILD_BUG_ON(offsetof(struct bpf_dtab_netdev, dev) != 86767f29e07SJesper Dangaard Brouer offsetof(struct _bpf_dtab_netdev, dev)); 8682ddf71e2SJohn Fastabend register_netdevice_notifier(&dev_map_notifier); 86996360004SBjörn Töpel 87096360004SBjörn Töpel for_each_possible_cpu(cpu) 8711d233886SToke Høiland-Jørgensen INIT_LIST_HEAD(&per_cpu(dev_flush_list, cpu)); 8722ddf71e2SJohn Fastabend return 0; 8732ddf71e2SJohn Fastabend } 8742ddf71e2SJohn Fastabend 8752ddf71e2SJohn Fastabend subsys_initcall(dev_map_init); 876