15b497af4SThomas Gleixner // SPDX-License-Identifier: GPL-2.0-only 2546ac1ffSJohn Fastabend /* Copyright (c) 2017 Covalent IO, Inc. http://covalent.io 3546ac1ffSJohn Fastabend */ 4546ac1ffSJohn Fastabend 5546ac1ffSJohn Fastabend /* Devmaps primary use is as a backend map for XDP BPF helper call 6546ac1ffSJohn Fastabend * bpf_redirect_map(). Because XDP is mostly concerned with performance we 7546ac1ffSJohn Fastabend * spent some effort to ensure the datapath with redirect maps does not use 8546ac1ffSJohn Fastabend * any locking. This is a quick note on the details. 9546ac1ffSJohn Fastabend * 10546ac1ffSJohn Fastabend * We have three possible paths to get into the devmap control plane bpf 11546ac1ffSJohn Fastabend * syscalls, bpf programs, and driver side xmit/flush operations. A bpf syscall 12546ac1ffSJohn Fastabend * will invoke an update, delete, or lookup operation. To ensure updates and 13546ac1ffSJohn Fastabend * deletes appear atomic from the datapath side xchg() is used to modify the 14546ac1ffSJohn Fastabend * netdev_map array. Then because the datapath does a lookup into the netdev_map 15546ac1ffSJohn Fastabend * array (read-only) from an RCU critical section we use call_rcu() to wait for 16546ac1ffSJohn Fastabend * an rcu grace period before free'ing the old data structures. This ensures the 17546ac1ffSJohn Fastabend * datapath always has a valid copy. However, the datapath does a "flush" 18546ac1ffSJohn Fastabend * operation that pushes any pending packets in the driver outside the RCU 19546ac1ffSJohn Fastabend * critical section. Each bpf_dtab_netdev tracks these pending operations using 20d5df2830SToke Høiland-Jørgensen * a per-cpu flush list. The bpf_dtab_netdev object will not be destroyed until 21d5df2830SToke Høiland-Jørgensen * this list is empty, indicating outstanding flush operations have completed. 22546ac1ffSJohn Fastabend * 23546ac1ffSJohn Fastabend * BPF syscalls may race with BPF program calls on any of the update, delete 24546ac1ffSJohn Fastabend * or lookup operations. As noted above the xchg() operation also keep the 25546ac1ffSJohn Fastabend * netdev_map consistent in this case. From the devmap side BPF programs 26546ac1ffSJohn Fastabend * calling into these operations are the same as multiple user space threads 27546ac1ffSJohn Fastabend * making system calls. 282ddf71e2SJohn Fastabend * 292ddf71e2SJohn Fastabend * Finally, any of the above may race with a netdev_unregister notifier. The 302ddf71e2SJohn Fastabend * unregister notifier must search for net devices in the map structure that 312ddf71e2SJohn Fastabend * contain a reference to the net device and remove them. This is a two step 322ddf71e2SJohn Fastabend * process (a) dereference the bpf_dtab_netdev object in netdev_map and (b) 332ddf71e2SJohn Fastabend * check to see if the ifindex is the same as the net_device being removed. 344cc7b954SJohn Fastabend * When removing the dev a cmpxchg() is used to ensure the correct dev is 354cc7b954SJohn Fastabend * removed, in the case of a concurrent update or delete operation it is 364cc7b954SJohn Fastabend * possible that the initially referenced dev is no longer in the map. As the 374cc7b954SJohn Fastabend * notifier hook walks the map we know that new dev references can not be 384cc7b954SJohn Fastabend * added by the user because core infrastructure ensures dev_get_by_index() 394cc7b954SJohn Fastabend * calls will fail at this point. 406f9d451aSToke Høiland-Jørgensen * 416f9d451aSToke Høiland-Jørgensen * The devmap_hash type is a map type which interprets keys as ifindexes and 426f9d451aSToke Høiland-Jørgensen * indexes these using a hashmap. This allows maps that use ifindex as key to be 436f9d451aSToke Høiland-Jørgensen * densely packed instead of having holes in the lookup array for unused 446f9d451aSToke Høiland-Jørgensen * ifindexes. The setup and packet enqueue/send code is shared between the two 456f9d451aSToke Høiland-Jørgensen * types of devmap; only the lookup and insertion is different. 46546ac1ffSJohn Fastabend */ 47546ac1ffSJohn Fastabend #include <linux/bpf.h> 4867f29e07SJesper Dangaard Brouer #include <net/xdp.h> 49546ac1ffSJohn Fastabend #include <linux/filter.h> 5067f29e07SJesper Dangaard Brouer #include <trace/events/xdp.h> 51546ac1ffSJohn Fastabend 526e71b04aSChenbo Feng #define DEV_CREATE_FLAG_MASK \ 536e71b04aSChenbo Feng (BPF_F_NUMA_NODE | BPF_F_RDONLY | BPF_F_WRONLY) 546e71b04aSChenbo Feng 5575ccae62SToke Høiland-Jørgensen struct xdp_dev_bulk_queue { 565d053f9dSJesper Dangaard Brouer struct xdp_frame *q[DEV_MAP_BULK_SIZE]; 57d5df2830SToke Høiland-Jørgensen struct list_head flush_node; 5875ccae62SToke Høiland-Jørgensen struct net_device *dev; 5938edddb8SJesper Dangaard Brouer struct net_device *dev_rx; 605d053f9dSJesper Dangaard Brouer unsigned int count; 615d053f9dSJesper Dangaard Brouer }; 625d053f9dSJesper Dangaard Brouer 637f1c0426SDavid Ahern /* DEVMAP values */ 647f1c0426SDavid Ahern struct bpf_devmap_val { 657f1c0426SDavid Ahern u32 ifindex; /* device index */ 66fbee97feSDavid Ahern union { 67fbee97feSDavid Ahern int fd; /* prog fd on map write */ 68fbee97feSDavid Ahern u32 id; /* prog id on map read */ 69fbee97feSDavid Ahern } bpf_prog; 707f1c0426SDavid Ahern }; 717f1c0426SDavid Ahern 72546ac1ffSJohn Fastabend struct bpf_dtab_netdev { 7367f29e07SJesper Dangaard Brouer struct net_device *dev; /* must be first member, due to tracepoint */ 746f9d451aSToke Høiland-Jørgensen struct hlist_node index_hlist; 75546ac1ffSJohn Fastabend struct bpf_dtab *dtab; 76fbee97feSDavid Ahern struct bpf_prog *xdp_prog; 77af4d045cSDaniel Borkmann struct rcu_head rcu; 7875ccae62SToke Høiland-Jørgensen unsigned int idx; 797f1c0426SDavid Ahern struct bpf_devmap_val val; 80546ac1ffSJohn Fastabend }; 81546ac1ffSJohn Fastabend 82546ac1ffSJohn Fastabend struct bpf_dtab { 83546ac1ffSJohn Fastabend struct bpf_map map; 84071cdeceSToke Høiland-Jørgensen struct bpf_dtab_netdev **netdev_map; /* DEVMAP type only */ 852ddf71e2SJohn Fastabend struct list_head list; 866f9d451aSToke Høiland-Jørgensen 876f9d451aSToke Høiland-Jørgensen /* these are only used for DEVMAP_HASH type maps */ 886f9d451aSToke Høiland-Jørgensen struct hlist_head *dev_index_head; 896f9d451aSToke Høiland-Jørgensen spinlock_t index_lock; 906f9d451aSToke Høiland-Jørgensen unsigned int items; 916f9d451aSToke Høiland-Jørgensen u32 n_buckets; 92546ac1ffSJohn Fastabend }; 93546ac1ffSJohn Fastabend 941d233886SToke Høiland-Jørgensen static DEFINE_PER_CPU(struct list_head, dev_flush_list); 954cc7b954SJohn Fastabend static DEFINE_SPINLOCK(dev_map_lock); 962ddf71e2SJohn Fastabend static LIST_HEAD(dev_map_list); 972ddf71e2SJohn Fastabend 986f9d451aSToke Høiland-Jørgensen static struct hlist_head *dev_map_create_hash(unsigned int entries) 996f9d451aSToke Høiland-Jørgensen { 1006f9d451aSToke Høiland-Jørgensen int i; 1016f9d451aSToke Høiland-Jørgensen struct hlist_head *hash; 1026f9d451aSToke Høiland-Jørgensen 1036f9d451aSToke Høiland-Jørgensen hash = kmalloc_array(entries, sizeof(*hash), GFP_KERNEL); 1046f9d451aSToke Høiland-Jørgensen if (hash != NULL) 1056f9d451aSToke Høiland-Jørgensen for (i = 0; i < entries; i++) 1066f9d451aSToke Høiland-Jørgensen INIT_HLIST_HEAD(&hash[i]); 1076f9d451aSToke Høiland-Jørgensen 1086f9d451aSToke Høiland-Jørgensen return hash; 1096f9d451aSToke Høiland-Jørgensen } 1106f9d451aSToke Høiland-Jørgensen 111071cdeceSToke Høiland-Jørgensen static inline struct hlist_head *dev_map_index_hash(struct bpf_dtab *dtab, 112071cdeceSToke Høiland-Jørgensen int idx) 113071cdeceSToke Høiland-Jørgensen { 114071cdeceSToke Høiland-Jørgensen return &dtab->dev_index_head[idx & (dtab->n_buckets - 1)]; 115071cdeceSToke Høiland-Jørgensen } 116071cdeceSToke Høiland-Jørgensen 117fca16e51SToke Høiland-Jørgensen static int dev_map_init_map(struct bpf_dtab *dtab, union bpf_attr *attr) 118546ac1ffSJohn Fastabend { 119fbee97feSDavid Ahern u32 valsize = attr->value_size; 12096360004SBjörn Töpel u64 cost = 0; 12196360004SBjörn Töpel int err; 122546ac1ffSJohn Fastabend 123fbee97feSDavid Ahern /* check sanity of attributes. 2 value sizes supported: 124fbee97feSDavid Ahern * 4 bytes: ifindex 125fbee97feSDavid Ahern * 8 bytes: ifindex + prog fd 126fbee97feSDavid Ahern */ 127546ac1ffSJohn Fastabend if (attr->max_entries == 0 || attr->key_size != 4 || 128fbee97feSDavid Ahern (valsize != offsetofend(struct bpf_devmap_val, ifindex) && 129fbee97feSDavid Ahern valsize != offsetofend(struct bpf_devmap_val, bpf_prog.fd)) || 130fbee97feSDavid Ahern attr->map_flags & ~DEV_CREATE_FLAG_MASK) 131fca16e51SToke Høiland-Jørgensen return -EINVAL; 132546ac1ffSJohn Fastabend 1330cdbb4b0SToke Høiland-Jørgensen /* Lookup returns a pointer straight to dev->ifindex, so make sure the 1340cdbb4b0SToke Høiland-Jørgensen * verifier prevents writes from the BPF side 1350cdbb4b0SToke Høiland-Jørgensen */ 1360cdbb4b0SToke Høiland-Jørgensen attr->map_flags |= BPF_F_RDONLY_PROG; 1370cdbb4b0SToke Høiland-Jørgensen 138546ac1ffSJohn Fastabend 139bd475643SJakub Kicinski bpf_map_init_from_attr(&dtab->map, attr); 140546ac1ffSJohn Fastabend 1416f9d451aSToke Høiland-Jørgensen if (attr->map_type == BPF_MAP_TYPE_DEVMAP_HASH) { 1426f9d451aSToke Høiland-Jørgensen dtab->n_buckets = roundup_pow_of_two(dtab->map.max_entries); 1436f9d451aSToke Høiland-Jørgensen 1446f9d451aSToke Høiland-Jørgensen if (!dtab->n_buckets) /* Overflow check */ 1456f9d451aSToke Høiland-Jørgensen return -EINVAL; 14605679ca6SToke Høiland-Jørgensen cost += (u64) sizeof(struct hlist_head) * dtab->n_buckets; 147071cdeceSToke Høiland-Jørgensen } else { 148071cdeceSToke Høiland-Jørgensen cost += (u64) dtab->map.max_entries * sizeof(struct bpf_dtab_netdev *); 1496f9d451aSToke Høiland-Jørgensen } 1506f9d451aSToke Høiland-Jørgensen 151b936ca64SRoman Gushchin /* if map size is larger than memlock limit, reject it */ 152c85d6913SRoman Gushchin err = bpf_map_charge_init(&dtab->map.memory, cost); 153546ac1ffSJohn Fastabend if (err) 154fca16e51SToke Høiland-Jørgensen return -EINVAL; 155582db7e0STobias Klauser 156071cdeceSToke Høiland-Jørgensen if (attr->map_type == BPF_MAP_TYPE_DEVMAP_HASH) { 157071cdeceSToke Høiland-Jørgensen dtab->dev_index_head = dev_map_create_hash(dtab->n_buckets); 158071cdeceSToke Høiland-Jørgensen if (!dtab->dev_index_head) 15996360004SBjörn Töpel goto free_charge; 160071cdeceSToke Høiland-Jørgensen 161071cdeceSToke Høiland-Jørgensen spin_lock_init(&dtab->index_lock); 162071cdeceSToke Høiland-Jørgensen } else { 163546ac1ffSJohn Fastabend dtab->netdev_map = bpf_map_area_alloc(dtab->map.max_entries * 16496eabe7aSMartin KaFai Lau sizeof(struct bpf_dtab_netdev *), 16596eabe7aSMartin KaFai Lau dtab->map.numa_node); 166546ac1ffSJohn Fastabend if (!dtab->netdev_map) 16796360004SBjörn Töpel goto free_charge; 1686f9d451aSToke Høiland-Jørgensen } 1696f9d451aSToke Høiland-Jørgensen 170fca16e51SToke Høiland-Jørgensen return 0; 171d5df2830SToke Høiland-Jørgensen 172b936ca64SRoman Gushchin free_charge: 173b936ca64SRoman Gushchin bpf_map_charge_finish(&dtab->map.memory); 174fca16e51SToke Høiland-Jørgensen return -ENOMEM; 175fca16e51SToke Høiland-Jørgensen } 176fca16e51SToke Høiland-Jørgensen 177fca16e51SToke Høiland-Jørgensen static struct bpf_map *dev_map_alloc(union bpf_attr *attr) 178fca16e51SToke Høiland-Jørgensen { 179fca16e51SToke Høiland-Jørgensen struct bpf_dtab *dtab; 180fca16e51SToke Høiland-Jørgensen int err; 181fca16e51SToke Høiland-Jørgensen 182fca16e51SToke Høiland-Jørgensen if (!capable(CAP_NET_ADMIN)) 183fca16e51SToke Høiland-Jørgensen return ERR_PTR(-EPERM); 184fca16e51SToke Høiland-Jørgensen 185fca16e51SToke Høiland-Jørgensen dtab = kzalloc(sizeof(*dtab), GFP_USER); 186fca16e51SToke Høiland-Jørgensen if (!dtab) 187fca16e51SToke Høiland-Jørgensen return ERR_PTR(-ENOMEM); 188fca16e51SToke Høiland-Jørgensen 189fca16e51SToke Høiland-Jørgensen err = dev_map_init_map(dtab, attr); 190fca16e51SToke Høiland-Jørgensen if (err) { 191546ac1ffSJohn Fastabend kfree(dtab); 192582db7e0STobias Klauser return ERR_PTR(err); 193546ac1ffSJohn Fastabend } 194546ac1ffSJohn Fastabend 195fca16e51SToke Høiland-Jørgensen spin_lock(&dev_map_lock); 196fca16e51SToke Høiland-Jørgensen list_add_tail_rcu(&dtab->list, &dev_map_list); 197fca16e51SToke Høiland-Jørgensen spin_unlock(&dev_map_lock); 198fca16e51SToke Høiland-Jørgensen 199fca16e51SToke Høiland-Jørgensen return &dtab->map; 200fca16e51SToke Høiland-Jørgensen } 201fca16e51SToke Høiland-Jørgensen 202546ac1ffSJohn Fastabend static void dev_map_free(struct bpf_map *map) 203546ac1ffSJohn Fastabend { 204546ac1ffSJohn Fastabend struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 2050536b852SBjörn Töpel int i; 206546ac1ffSJohn Fastabend 207546ac1ffSJohn Fastabend /* At this point bpf_prog->aux->refcnt == 0 and this map->refcnt == 0, 208546ac1ffSJohn Fastabend * so the programs (can be more than one that used this map) were 20942a84a8cSJohn Fastabend * disconnected from events. The following synchronize_rcu() guarantees 21042a84a8cSJohn Fastabend * both rcu read critical sections complete and waits for 21142a84a8cSJohn Fastabend * preempt-disable regions (NAPI being the relevant context here) so we 21242a84a8cSJohn Fastabend * are certain there will be no further reads against the netdev_map and 21342a84a8cSJohn Fastabend * all flush operations are complete. Flush operations can only be done 21442a84a8cSJohn Fastabend * from NAPI context for this reason. 215546ac1ffSJohn Fastabend */ 216274043c6SDaniel Borkmann 217274043c6SDaniel Borkmann spin_lock(&dev_map_lock); 218274043c6SDaniel Borkmann list_del_rcu(&dtab->list); 219274043c6SDaniel Borkmann spin_unlock(&dev_map_lock); 220274043c6SDaniel Borkmann 221f6069b9aSDaniel Borkmann bpf_clear_redirect_map(map); 222546ac1ffSJohn Fastabend synchronize_rcu(); 223546ac1ffSJohn Fastabend 2242baae354SEric Dumazet /* Make sure prior __dev_map_entry_free() have completed. */ 2252baae354SEric Dumazet rcu_barrier(); 2262baae354SEric Dumazet 227071cdeceSToke Høiland-Jørgensen if (dtab->map.map_type == BPF_MAP_TYPE_DEVMAP_HASH) { 228071cdeceSToke Høiland-Jørgensen for (i = 0; i < dtab->n_buckets; i++) { 229071cdeceSToke Høiland-Jørgensen struct bpf_dtab_netdev *dev; 230071cdeceSToke Høiland-Jørgensen struct hlist_head *head; 231071cdeceSToke Høiland-Jørgensen struct hlist_node *next; 232071cdeceSToke Høiland-Jørgensen 233071cdeceSToke Høiland-Jørgensen head = dev_map_index_hash(dtab, i); 234071cdeceSToke Høiland-Jørgensen 235071cdeceSToke Høiland-Jørgensen hlist_for_each_entry_safe(dev, next, head, index_hlist) { 236071cdeceSToke Høiland-Jørgensen hlist_del_rcu(&dev->index_hlist); 237fbee97feSDavid Ahern if (dev->xdp_prog) 238fbee97feSDavid Ahern bpf_prog_put(dev->xdp_prog); 239071cdeceSToke Høiland-Jørgensen dev_put(dev->dev); 240071cdeceSToke Høiland-Jørgensen kfree(dev); 241071cdeceSToke Høiland-Jørgensen } 242071cdeceSToke Høiland-Jørgensen } 243071cdeceSToke Høiland-Jørgensen 244071cdeceSToke Høiland-Jørgensen kfree(dtab->dev_index_head); 245071cdeceSToke Høiland-Jørgensen } else { 246546ac1ffSJohn Fastabend for (i = 0; i < dtab->map.max_entries; i++) { 247546ac1ffSJohn Fastabend struct bpf_dtab_netdev *dev; 248546ac1ffSJohn Fastabend 249546ac1ffSJohn Fastabend dev = dtab->netdev_map[i]; 250546ac1ffSJohn Fastabend if (!dev) 251546ac1ffSJohn Fastabend continue; 252546ac1ffSJohn Fastabend 253fbee97feSDavid Ahern if (dev->xdp_prog) 254fbee97feSDavid Ahern bpf_prog_put(dev->xdp_prog); 255546ac1ffSJohn Fastabend dev_put(dev->dev); 256546ac1ffSJohn Fastabend kfree(dev); 257546ac1ffSJohn Fastabend } 258546ac1ffSJohn Fastabend 259546ac1ffSJohn Fastabend bpf_map_area_free(dtab->netdev_map); 260071cdeceSToke Høiland-Jørgensen } 261071cdeceSToke Høiland-Jørgensen 262546ac1ffSJohn Fastabend kfree(dtab); 263546ac1ffSJohn Fastabend } 264546ac1ffSJohn Fastabend 265546ac1ffSJohn Fastabend static int dev_map_get_next_key(struct bpf_map *map, void *key, void *next_key) 266546ac1ffSJohn Fastabend { 267546ac1ffSJohn Fastabend struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 268546ac1ffSJohn Fastabend u32 index = key ? *(u32 *)key : U32_MAX; 269af4d045cSDaniel Borkmann u32 *next = next_key; 270546ac1ffSJohn Fastabend 271546ac1ffSJohn Fastabend if (index >= dtab->map.max_entries) { 272546ac1ffSJohn Fastabend *next = 0; 273546ac1ffSJohn Fastabend return 0; 274546ac1ffSJohn Fastabend } 275546ac1ffSJohn Fastabend 276546ac1ffSJohn Fastabend if (index == dtab->map.max_entries - 1) 277546ac1ffSJohn Fastabend return -ENOENT; 278546ac1ffSJohn Fastabend *next = index + 1; 279546ac1ffSJohn Fastabend return 0; 280546ac1ffSJohn Fastabend } 281546ac1ffSJohn Fastabend 2826f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *__dev_map_hash_lookup_elem(struct bpf_map *map, u32 key) 2836f9d451aSToke Høiland-Jørgensen { 2846f9d451aSToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 2856f9d451aSToke Høiland-Jørgensen struct hlist_head *head = dev_map_index_hash(dtab, key); 2866f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *dev; 2876f9d451aSToke Høiland-Jørgensen 288485ec2eaSAmol Grover hlist_for_each_entry_rcu(dev, head, index_hlist, 289485ec2eaSAmol Grover lockdep_is_held(&dtab->index_lock)) 2906f9d451aSToke Høiland-Jørgensen if (dev->idx == key) 2916f9d451aSToke Høiland-Jørgensen return dev; 2926f9d451aSToke Høiland-Jørgensen 2936f9d451aSToke Høiland-Jørgensen return NULL; 2946f9d451aSToke Høiland-Jørgensen } 2956f9d451aSToke Høiland-Jørgensen 2966f9d451aSToke Høiland-Jørgensen static int dev_map_hash_get_next_key(struct bpf_map *map, void *key, 2976f9d451aSToke Høiland-Jørgensen void *next_key) 2986f9d451aSToke Høiland-Jørgensen { 2996f9d451aSToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 3006f9d451aSToke Høiland-Jørgensen u32 idx, *next = next_key; 3016f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *dev, *next_dev; 3026f9d451aSToke Høiland-Jørgensen struct hlist_head *head; 3036f9d451aSToke Høiland-Jørgensen int i = 0; 3046f9d451aSToke Høiland-Jørgensen 3056f9d451aSToke Høiland-Jørgensen if (!key) 3066f9d451aSToke Høiland-Jørgensen goto find_first; 3076f9d451aSToke Høiland-Jørgensen 3086f9d451aSToke Høiland-Jørgensen idx = *(u32 *)key; 3096f9d451aSToke Høiland-Jørgensen 3106f9d451aSToke Høiland-Jørgensen dev = __dev_map_hash_lookup_elem(map, idx); 3116f9d451aSToke Høiland-Jørgensen if (!dev) 3126f9d451aSToke Høiland-Jørgensen goto find_first; 3136f9d451aSToke Høiland-Jørgensen 3146f9d451aSToke Høiland-Jørgensen next_dev = hlist_entry_safe(rcu_dereference_raw(hlist_next_rcu(&dev->index_hlist)), 3156f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev, index_hlist); 3166f9d451aSToke Høiland-Jørgensen 3176f9d451aSToke Høiland-Jørgensen if (next_dev) { 3186f9d451aSToke Høiland-Jørgensen *next = next_dev->idx; 3196f9d451aSToke Høiland-Jørgensen return 0; 3206f9d451aSToke Høiland-Jørgensen } 3216f9d451aSToke Høiland-Jørgensen 3226f9d451aSToke Høiland-Jørgensen i = idx & (dtab->n_buckets - 1); 3236f9d451aSToke Høiland-Jørgensen i++; 3246f9d451aSToke Høiland-Jørgensen 3256f9d451aSToke Høiland-Jørgensen find_first: 3266f9d451aSToke Høiland-Jørgensen for (; i < dtab->n_buckets; i++) { 3276f9d451aSToke Høiland-Jørgensen head = dev_map_index_hash(dtab, i); 3286f9d451aSToke Høiland-Jørgensen 3296f9d451aSToke Høiland-Jørgensen next_dev = hlist_entry_safe(rcu_dereference_raw(hlist_first_rcu(head)), 3306f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev, 3316f9d451aSToke Høiland-Jørgensen index_hlist); 3326f9d451aSToke Høiland-Jørgensen if (next_dev) { 3336f9d451aSToke Høiland-Jørgensen *next = next_dev->idx; 3346f9d451aSToke Høiland-Jørgensen return 0; 3356f9d451aSToke Høiland-Jørgensen } 3366f9d451aSToke Høiland-Jørgensen } 3376f9d451aSToke Høiland-Jørgensen 3386f9d451aSToke Høiland-Jørgensen return -ENOENT; 3396f9d451aSToke Høiland-Jørgensen } 3406f9d451aSToke Høiland-Jørgensen 341fbee97feSDavid Ahern bool dev_map_can_have_prog(struct bpf_map *map) 342fbee97feSDavid Ahern { 343fbee97feSDavid Ahern if ((map->map_type == BPF_MAP_TYPE_DEVMAP || 344fbee97feSDavid Ahern map->map_type == BPF_MAP_TYPE_DEVMAP_HASH) && 345fbee97feSDavid Ahern map->value_size != offsetofend(struct bpf_devmap_val, ifindex)) 346fbee97feSDavid Ahern return true; 347fbee97feSDavid Ahern 348fbee97feSDavid Ahern return false; 349fbee97feSDavid Ahern } 350fbee97feSDavid Ahern 35175ccae62SToke Høiland-Jørgensen static int bq_xmit_all(struct xdp_dev_bulk_queue *bq, u32 flags) 3525d053f9dSJesper Dangaard Brouer { 35375ccae62SToke Høiland-Jørgensen struct net_device *dev = bq->dev; 354e74de52eSJesper Dangaard Brouer int sent = 0, drops = 0, err = 0; 3555d053f9dSJesper Dangaard Brouer int i; 3565d053f9dSJesper Dangaard Brouer 3575d053f9dSJesper Dangaard Brouer if (unlikely(!bq->count)) 3585d053f9dSJesper Dangaard Brouer return 0; 3595d053f9dSJesper Dangaard Brouer 3605d053f9dSJesper Dangaard Brouer for (i = 0; i < bq->count; i++) { 3615d053f9dSJesper Dangaard Brouer struct xdp_frame *xdpf = bq->q[i]; 3625d053f9dSJesper Dangaard Brouer 3635d053f9dSJesper Dangaard Brouer prefetch(xdpf); 3645d053f9dSJesper Dangaard Brouer } 3655d053f9dSJesper Dangaard Brouer 366c1ece6b2SJesper Dangaard Brouer sent = dev->netdev_ops->ndo_xdp_xmit(dev, bq->count, bq->q, flags); 367735fc405SJesper Dangaard Brouer if (sent < 0) { 368e74de52eSJesper Dangaard Brouer err = sent; 369735fc405SJesper Dangaard Brouer sent = 0; 370735fc405SJesper Dangaard Brouer goto error; 37138edddb8SJesper Dangaard Brouer } 372735fc405SJesper Dangaard Brouer drops = bq->count - sent; 373735fc405SJesper Dangaard Brouer out: 3745d053f9dSJesper Dangaard Brouer bq->count = 0; 3755d053f9dSJesper Dangaard Brouer 37658aa94f9SJesper Dangaard Brouer trace_xdp_devmap_xmit(bq->dev_rx, dev, sent, drops, err); 37738edddb8SJesper Dangaard Brouer bq->dev_rx = NULL; 378d5df2830SToke Høiland-Jørgensen __list_del_clearprev(&bq->flush_node); 3795d053f9dSJesper Dangaard Brouer return 0; 380735fc405SJesper Dangaard Brouer error: 381735fc405SJesper Dangaard Brouer /* If ndo_xdp_xmit fails with an errno, no frames have been 382735fc405SJesper Dangaard Brouer * xmit'ed and it's our responsibility to them free all. 383735fc405SJesper Dangaard Brouer */ 384735fc405SJesper Dangaard Brouer for (i = 0; i < bq->count; i++) { 385735fc405SJesper Dangaard Brouer struct xdp_frame *xdpf = bq->q[i]; 386735fc405SJesper Dangaard Brouer 387735fc405SJesper Dangaard Brouer xdp_return_frame_rx_napi(xdpf); 388735fc405SJesper Dangaard Brouer drops++; 389735fc405SJesper Dangaard Brouer } 390735fc405SJesper Dangaard Brouer goto out; 3915d053f9dSJesper Dangaard Brouer } 3925d053f9dSJesper Dangaard Brouer 3931d233886SToke Høiland-Jørgensen /* __dev_flush is called from xdp_do_flush() which _must_ be signaled 39411393cc9SJohn Fastabend * from the driver before returning from its napi->poll() routine. The poll() 39511393cc9SJohn Fastabend * routine is called either from busy_poll context or net_rx_action signaled 39611393cc9SJohn Fastabend * from NET_RX_SOFTIRQ. Either way the poll routine must complete before the 397d5df2830SToke Høiland-Jørgensen * net device can be torn down. On devmap tear down we ensure the flush list 398d5df2830SToke Høiland-Jørgensen * is empty before completing to ensure all flush operations have completed. 399b23bfa56SJohn Fastabend * When drivers update the bpf program they may need to ensure any flush ops 400b23bfa56SJohn Fastabend * are also complete. Using synchronize_rcu or call_rcu will suffice for this 401b23bfa56SJohn Fastabend * because both wait for napi context to exit. 40211393cc9SJohn Fastabend */ 4031d233886SToke Høiland-Jørgensen void __dev_flush(void) 40411393cc9SJohn Fastabend { 4051d233886SToke Høiland-Jørgensen struct list_head *flush_list = this_cpu_ptr(&dev_flush_list); 40675ccae62SToke Høiland-Jørgensen struct xdp_dev_bulk_queue *bq, *tmp; 40711393cc9SJohn Fastabend 408d5df2830SToke Høiland-Jørgensen list_for_each_entry_safe(bq, tmp, flush_list, flush_node) 4090536b852SBjörn Töpel bq_xmit_all(bq, XDP_XMIT_FLUSH); 41011393cc9SJohn Fastabend } 41111393cc9SJohn Fastabend 412546ac1ffSJohn Fastabend /* rcu_read_lock (from syscall and BPF contexts) ensures that if a delete and/or 413546ac1ffSJohn Fastabend * update happens in parallel here a dev_put wont happen until after reading the 414546ac1ffSJohn Fastabend * ifindex. 415546ac1ffSJohn Fastabend */ 41667f29e07SJesper Dangaard Brouer struct bpf_dtab_netdev *__dev_map_lookup_elem(struct bpf_map *map, u32 key) 417546ac1ffSJohn Fastabend { 418546ac1ffSJohn Fastabend struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 41967f29e07SJesper Dangaard Brouer struct bpf_dtab_netdev *obj; 420546ac1ffSJohn Fastabend 421af4d045cSDaniel Borkmann if (key >= map->max_entries) 422546ac1ffSJohn Fastabend return NULL; 423546ac1ffSJohn Fastabend 42467f29e07SJesper Dangaard Brouer obj = READ_ONCE(dtab->netdev_map[key]); 42567f29e07SJesper Dangaard Brouer return obj; 42667f29e07SJesper Dangaard Brouer } 42767f29e07SJesper Dangaard Brouer 4285d053f9dSJesper Dangaard Brouer /* Runs under RCU-read-side, plus in softirq under NAPI protection. 4295d053f9dSJesper Dangaard Brouer * Thus, safe percpu variable access. 4305d053f9dSJesper Dangaard Brouer */ 43175ccae62SToke Høiland-Jørgensen static int bq_enqueue(struct net_device *dev, struct xdp_frame *xdpf, 43238edddb8SJesper Dangaard Brouer struct net_device *dev_rx) 4335d053f9dSJesper Dangaard Brouer { 4341d233886SToke Høiland-Jørgensen struct list_head *flush_list = this_cpu_ptr(&dev_flush_list); 43575ccae62SToke Høiland-Jørgensen struct xdp_dev_bulk_queue *bq = this_cpu_ptr(dev->xdp_bulkq); 4365d053f9dSJesper Dangaard Brouer 4375d053f9dSJesper Dangaard Brouer if (unlikely(bq->count == DEV_MAP_BULK_SIZE)) 4380536b852SBjörn Töpel bq_xmit_all(bq, 0); 4395d053f9dSJesper Dangaard Brouer 44038edddb8SJesper Dangaard Brouer /* Ingress dev_rx will be the same for all xdp_frame's in 44138edddb8SJesper Dangaard Brouer * bulk_queue, because bq stored per-CPU and must be flushed 44238edddb8SJesper Dangaard Brouer * from net_device drivers NAPI func end. 44338edddb8SJesper Dangaard Brouer */ 44438edddb8SJesper Dangaard Brouer if (!bq->dev_rx) 44538edddb8SJesper Dangaard Brouer bq->dev_rx = dev_rx; 44638edddb8SJesper Dangaard Brouer 4475d053f9dSJesper Dangaard Brouer bq->q[bq->count++] = xdpf; 448d5df2830SToke Høiland-Jørgensen 449d5df2830SToke Høiland-Jørgensen if (!bq->flush_node.prev) 450d5df2830SToke Høiland-Jørgensen list_add(&bq->flush_node, flush_list); 451d5df2830SToke Høiland-Jørgensen 4525d053f9dSJesper Dangaard Brouer return 0; 4535d053f9dSJesper Dangaard Brouer } 4545d053f9dSJesper Dangaard Brouer 4551d233886SToke Høiland-Jørgensen static inline int __xdp_enqueue(struct net_device *dev, struct xdp_buff *xdp, 45638edddb8SJesper Dangaard Brouer struct net_device *dev_rx) 45767f29e07SJesper Dangaard Brouer { 45867f29e07SJesper Dangaard Brouer struct xdp_frame *xdpf; 459d8d7218aSToshiaki Makita int err; 46067f29e07SJesper Dangaard Brouer 46167f29e07SJesper Dangaard Brouer if (!dev->netdev_ops->ndo_xdp_xmit) 46267f29e07SJesper Dangaard Brouer return -EOPNOTSUPP; 46367f29e07SJesper Dangaard Brouer 464d8d7218aSToshiaki Makita err = xdp_ok_fwd_dev(dev, xdp->data_end - xdp->data); 465d8d7218aSToshiaki Makita if (unlikely(err)) 466d8d7218aSToshiaki Makita return err; 467d8d7218aSToshiaki Makita 4681b698fa5SLorenzo Bianconi xdpf = xdp_convert_buff_to_frame(xdp); 46967f29e07SJesper Dangaard Brouer if (unlikely(!xdpf)) 47067f29e07SJesper Dangaard Brouer return -EOVERFLOW; 47167f29e07SJesper Dangaard Brouer 47275ccae62SToke Høiland-Jørgensen return bq_enqueue(dev, xdpf, dev_rx); 473546ac1ffSJohn Fastabend } 474546ac1ffSJohn Fastabend 475fbee97feSDavid Ahern static struct xdp_buff *dev_map_run_prog(struct net_device *dev, 476fbee97feSDavid Ahern struct xdp_buff *xdp, 477fbee97feSDavid Ahern struct bpf_prog *xdp_prog) 478fbee97feSDavid Ahern { 47964b59025SDavid Ahern struct xdp_txq_info txq = { .dev = dev }; 480fbee97feSDavid Ahern u32 act; 481fbee97feSDavid Ahern 482*26afa0a4SDavid Ahern xdp_set_data_meta_invalid(xdp); 48364b59025SDavid Ahern xdp->txq = &txq; 48464b59025SDavid Ahern 485fbee97feSDavid Ahern act = bpf_prog_run_xdp(xdp_prog, xdp); 486fbee97feSDavid Ahern switch (act) { 487fbee97feSDavid Ahern case XDP_PASS: 488fbee97feSDavid Ahern return xdp; 489fbee97feSDavid Ahern case XDP_DROP: 490fbee97feSDavid Ahern break; 491fbee97feSDavid Ahern default: 492fbee97feSDavid Ahern bpf_warn_invalid_xdp_action(act); 493fbee97feSDavid Ahern fallthrough; 494fbee97feSDavid Ahern case XDP_ABORTED: 495fbee97feSDavid Ahern trace_xdp_exception(dev, xdp_prog, act); 496fbee97feSDavid Ahern break; 497fbee97feSDavid Ahern } 498fbee97feSDavid Ahern 499fbee97feSDavid Ahern xdp_return_buff(xdp); 500fbee97feSDavid Ahern return NULL; 501fbee97feSDavid Ahern } 502fbee97feSDavid Ahern 5031d233886SToke Høiland-Jørgensen int dev_xdp_enqueue(struct net_device *dev, struct xdp_buff *xdp, 5041d233886SToke Høiland-Jørgensen struct net_device *dev_rx) 5051d233886SToke Høiland-Jørgensen { 5061d233886SToke Høiland-Jørgensen return __xdp_enqueue(dev, xdp, dev_rx); 5071d233886SToke Høiland-Jørgensen } 5081d233886SToke Høiland-Jørgensen 5091d233886SToke Høiland-Jørgensen int dev_map_enqueue(struct bpf_dtab_netdev *dst, struct xdp_buff *xdp, 5101d233886SToke Høiland-Jørgensen struct net_device *dev_rx) 5111d233886SToke Høiland-Jørgensen { 5121d233886SToke Høiland-Jørgensen struct net_device *dev = dst->dev; 5131d233886SToke Høiland-Jørgensen 514fbee97feSDavid Ahern if (dst->xdp_prog) { 515fbee97feSDavid Ahern xdp = dev_map_run_prog(dev, xdp, dst->xdp_prog); 516fbee97feSDavid Ahern if (!xdp) 517fbee97feSDavid Ahern return 0; 518fbee97feSDavid Ahern } 5191d233886SToke Høiland-Jørgensen return __xdp_enqueue(dev, xdp, dev_rx); 5201d233886SToke Høiland-Jørgensen } 5211d233886SToke Høiland-Jørgensen 5226d5fc195SToshiaki Makita int dev_map_generic_redirect(struct bpf_dtab_netdev *dst, struct sk_buff *skb, 5236d5fc195SToshiaki Makita struct bpf_prog *xdp_prog) 5246d5fc195SToshiaki Makita { 5256d5fc195SToshiaki Makita int err; 5266d5fc195SToshiaki Makita 527d8d7218aSToshiaki Makita err = xdp_ok_fwd_dev(dst->dev, skb->len); 5286d5fc195SToshiaki Makita if (unlikely(err)) 5296d5fc195SToshiaki Makita return err; 5306d5fc195SToshiaki Makita skb->dev = dst->dev; 5316d5fc195SToshiaki Makita generic_xdp_tx(skb, xdp_prog); 5326d5fc195SToshiaki Makita 5336d5fc195SToshiaki Makita return 0; 5346d5fc195SToshiaki Makita } 5356d5fc195SToshiaki Makita 536af4d045cSDaniel Borkmann static void *dev_map_lookup_elem(struct bpf_map *map, void *key) 53711393cc9SJohn Fastabend { 53867f29e07SJesper Dangaard Brouer struct bpf_dtab_netdev *obj = __dev_map_lookup_elem(map, *(u32 *)key); 539af4d045cSDaniel Borkmann 5407f1c0426SDavid Ahern return obj ? &obj->val : NULL; 541af4d045cSDaniel Borkmann } 542af4d045cSDaniel Borkmann 5436f9d451aSToke Høiland-Jørgensen static void *dev_map_hash_lookup_elem(struct bpf_map *map, void *key) 5446f9d451aSToke Høiland-Jørgensen { 5456f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *obj = __dev_map_hash_lookup_elem(map, 5466f9d451aSToke Høiland-Jørgensen *(u32 *)key); 5477f1c0426SDavid Ahern return obj ? &obj->val : NULL; 5486f9d451aSToke Høiland-Jørgensen } 5496f9d451aSToke Høiland-Jørgensen 550546ac1ffSJohn Fastabend static void __dev_map_entry_free(struct rcu_head *rcu) 551546ac1ffSJohn Fastabend { 552af4d045cSDaniel Borkmann struct bpf_dtab_netdev *dev; 553546ac1ffSJohn Fastabend 554af4d045cSDaniel Borkmann dev = container_of(rcu, struct bpf_dtab_netdev, rcu); 555fbee97feSDavid Ahern if (dev->xdp_prog) 556fbee97feSDavid Ahern bpf_prog_put(dev->xdp_prog); 557af4d045cSDaniel Borkmann dev_put(dev->dev); 558af4d045cSDaniel Borkmann kfree(dev); 559546ac1ffSJohn Fastabend } 560546ac1ffSJohn Fastabend 561546ac1ffSJohn Fastabend static int dev_map_delete_elem(struct bpf_map *map, void *key) 562546ac1ffSJohn Fastabend { 563546ac1ffSJohn Fastabend struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 564546ac1ffSJohn Fastabend struct bpf_dtab_netdev *old_dev; 565546ac1ffSJohn Fastabend int k = *(u32 *)key; 566546ac1ffSJohn Fastabend 567546ac1ffSJohn Fastabend if (k >= map->max_entries) 568546ac1ffSJohn Fastabend return -EINVAL; 569546ac1ffSJohn Fastabend 570af4d045cSDaniel Borkmann /* Use call_rcu() here to ensure any rcu critical sections have 57142a84a8cSJohn Fastabend * completed as well as any flush operations because call_rcu 57242a84a8cSJohn Fastabend * will wait for preempt-disable region to complete, NAPI in this 57342a84a8cSJohn Fastabend * context. And additionally, the driver tear down ensures all 57442a84a8cSJohn Fastabend * soft irqs are complete before removing the net device in the 57542a84a8cSJohn Fastabend * case of dev_put equals zero. 576546ac1ffSJohn Fastabend */ 577546ac1ffSJohn Fastabend old_dev = xchg(&dtab->netdev_map[k], NULL); 578546ac1ffSJohn Fastabend if (old_dev) 579546ac1ffSJohn Fastabend call_rcu(&old_dev->rcu, __dev_map_entry_free); 580546ac1ffSJohn Fastabend return 0; 581546ac1ffSJohn Fastabend } 582546ac1ffSJohn Fastabend 5836f9d451aSToke Høiland-Jørgensen static int dev_map_hash_delete_elem(struct bpf_map *map, void *key) 5846f9d451aSToke Høiland-Jørgensen { 5856f9d451aSToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 5866f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *old_dev; 5876f9d451aSToke Høiland-Jørgensen int k = *(u32 *)key; 5886f9d451aSToke Høiland-Jørgensen unsigned long flags; 5896f9d451aSToke Høiland-Jørgensen int ret = -ENOENT; 5906f9d451aSToke Høiland-Jørgensen 5916f9d451aSToke Høiland-Jørgensen spin_lock_irqsave(&dtab->index_lock, flags); 5926f9d451aSToke Høiland-Jørgensen 5936f9d451aSToke Høiland-Jørgensen old_dev = __dev_map_hash_lookup_elem(map, k); 5946f9d451aSToke Høiland-Jørgensen if (old_dev) { 5956f9d451aSToke Høiland-Jørgensen dtab->items--; 5966f9d451aSToke Høiland-Jørgensen hlist_del_init_rcu(&old_dev->index_hlist); 5976f9d451aSToke Høiland-Jørgensen call_rcu(&old_dev->rcu, __dev_map_entry_free); 5986f9d451aSToke Høiland-Jørgensen ret = 0; 5996f9d451aSToke Høiland-Jørgensen } 6006f9d451aSToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 6016f9d451aSToke Høiland-Jørgensen 6026f9d451aSToke Høiland-Jørgensen return ret; 6036f9d451aSToke Høiland-Jørgensen } 6046f9d451aSToke Høiland-Jørgensen 605fca16e51SToke Høiland-Jørgensen static struct bpf_dtab_netdev *__dev_map_alloc_node(struct net *net, 606fca16e51SToke Høiland-Jørgensen struct bpf_dtab *dtab, 6077f1c0426SDavid Ahern struct bpf_devmap_val *val, 608fca16e51SToke Høiland-Jørgensen unsigned int idx) 609546ac1ffSJohn Fastabend { 610fbee97feSDavid Ahern struct bpf_prog *prog = NULL; 611fca16e51SToke Høiland-Jørgensen struct bpf_dtab_netdev *dev; 612546ac1ffSJohn Fastabend 61375ccae62SToke Høiland-Jørgensen dev = kmalloc_node(sizeof(*dev), GFP_ATOMIC | __GFP_NOWARN, 61475ccae62SToke Høiland-Jørgensen dtab->map.numa_node); 615546ac1ffSJohn Fastabend if (!dev) 616fca16e51SToke Høiland-Jørgensen return ERR_PTR(-ENOMEM); 617546ac1ffSJohn Fastabend 6187f1c0426SDavid Ahern dev->dev = dev_get_by_index(net, val->ifindex); 6197f1c0426SDavid Ahern if (!dev->dev) 6207f1c0426SDavid Ahern goto err_out; 621546ac1ffSJohn Fastabend 622fbee97feSDavid Ahern if (val->bpf_prog.fd >= 0) { 623fbee97feSDavid Ahern prog = bpf_prog_get_type_dev(val->bpf_prog.fd, 624fbee97feSDavid Ahern BPF_PROG_TYPE_XDP, false); 625fbee97feSDavid Ahern if (IS_ERR(prog)) 626fbee97feSDavid Ahern goto err_put_dev; 627fbee97feSDavid Ahern if (prog->expected_attach_type != BPF_XDP_DEVMAP) 628fbee97feSDavid Ahern goto err_put_prog; 629fbee97feSDavid Ahern } 630fbee97feSDavid Ahern 631fca16e51SToke Høiland-Jørgensen dev->idx = idx; 632546ac1ffSJohn Fastabend dev->dtab = dtab; 633fbee97feSDavid Ahern if (prog) { 634fbee97feSDavid Ahern dev->xdp_prog = prog; 635fbee97feSDavid Ahern dev->val.bpf_prog.id = prog->aux->id; 636fbee97feSDavid Ahern } else { 637fbee97feSDavid Ahern dev->xdp_prog = NULL; 638fbee97feSDavid Ahern dev->val.bpf_prog.id = 0; 639fbee97feSDavid Ahern } 6407f1c0426SDavid Ahern dev->val.ifindex = val->ifindex; 641fca16e51SToke Høiland-Jørgensen 642fca16e51SToke Høiland-Jørgensen return dev; 643fbee97feSDavid Ahern err_put_prog: 644fbee97feSDavid Ahern bpf_prog_put(prog); 645fbee97feSDavid Ahern err_put_dev: 646fbee97feSDavid Ahern dev_put(dev->dev); 6477f1c0426SDavid Ahern err_out: 6487f1c0426SDavid Ahern kfree(dev); 6497f1c0426SDavid Ahern return ERR_PTR(-EINVAL); 650fca16e51SToke Høiland-Jørgensen } 651fca16e51SToke Høiland-Jørgensen 652fca16e51SToke Høiland-Jørgensen static int __dev_map_update_elem(struct net *net, struct bpf_map *map, 653fca16e51SToke Høiland-Jørgensen void *key, void *value, u64 map_flags) 654fca16e51SToke Høiland-Jørgensen { 655fca16e51SToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 656fbee97feSDavid Ahern struct bpf_devmap_val val = { .bpf_prog.fd = -1 }; 657fca16e51SToke Høiland-Jørgensen struct bpf_dtab_netdev *dev, *old_dev; 658fca16e51SToke Høiland-Jørgensen u32 i = *(u32 *)key; 659fca16e51SToke Høiland-Jørgensen 660fca16e51SToke Høiland-Jørgensen if (unlikely(map_flags > BPF_EXIST)) 661fca16e51SToke Høiland-Jørgensen return -EINVAL; 662fca16e51SToke Høiland-Jørgensen if (unlikely(i >= dtab->map.max_entries)) 663fca16e51SToke Høiland-Jørgensen return -E2BIG; 664fca16e51SToke Høiland-Jørgensen if (unlikely(map_flags == BPF_NOEXIST)) 665fca16e51SToke Høiland-Jørgensen return -EEXIST; 666fca16e51SToke Høiland-Jørgensen 6677f1c0426SDavid Ahern /* already verified value_size <= sizeof val */ 6687f1c0426SDavid Ahern memcpy(&val, value, map->value_size); 6697f1c0426SDavid Ahern 6707f1c0426SDavid Ahern if (!val.ifindex) { 671fca16e51SToke Høiland-Jørgensen dev = NULL; 672fbee97feSDavid Ahern /* can not specify fd if ifindex is 0 */ 673fbee97feSDavid Ahern if (val.bpf_prog.fd != -1) 674fbee97feSDavid Ahern return -EINVAL; 675fca16e51SToke Høiland-Jørgensen } else { 6767f1c0426SDavid Ahern dev = __dev_map_alloc_node(net, dtab, &val, i); 677fca16e51SToke Høiland-Jørgensen if (IS_ERR(dev)) 678fca16e51SToke Høiland-Jørgensen return PTR_ERR(dev); 679546ac1ffSJohn Fastabend } 680546ac1ffSJohn Fastabend 681546ac1ffSJohn Fastabend /* Use call_rcu() here to ensure rcu critical sections have completed 682546ac1ffSJohn Fastabend * Remembering the driver side flush operation will happen before the 683546ac1ffSJohn Fastabend * net device is removed. 684546ac1ffSJohn Fastabend */ 685546ac1ffSJohn Fastabend old_dev = xchg(&dtab->netdev_map[i], dev); 686546ac1ffSJohn Fastabend if (old_dev) 687546ac1ffSJohn Fastabend call_rcu(&old_dev->rcu, __dev_map_entry_free); 688546ac1ffSJohn Fastabend 689546ac1ffSJohn Fastabend return 0; 690546ac1ffSJohn Fastabend } 691546ac1ffSJohn Fastabend 692fca16e51SToke Høiland-Jørgensen static int dev_map_update_elem(struct bpf_map *map, void *key, void *value, 693fca16e51SToke Høiland-Jørgensen u64 map_flags) 694fca16e51SToke Høiland-Jørgensen { 695fca16e51SToke Høiland-Jørgensen return __dev_map_update_elem(current->nsproxy->net_ns, 696fca16e51SToke Høiland-Jørgensen map, key, value, map_flags); 697fca16e51SToke Høiland-Jørgensen } 698fca16e51SToke Høiland-Jørgensen 6996f9d451aSToke Høiland-Jørgensen static int __dev_map_hash_update_elem(struct net *net, struct bpf_map *map, 7006f9d451aSToke Høiland-Jørgensen void *key, void *value, u64 map_flags) 7016f9d451aSToke Høiland-Jørgensen { 7026f9d451aSToke Høiland-Jørgensen struct bpf_dtab *dtab = container_of(map, struct bpf_dtab, map); 703fbee97feSDavid Ahern struct bpf_devmap_val val = { .bpf_prog.fd = -1 }; 7046f9d451aSToke Høiland-Jørgensen struct bpf_dtab_netdev *dev, *old_dev; 7056f9d451aSToke Høiland-Jørgensen u32 idx = *(u32 *)key; 7066f9d451aSToke Høiland-Jørgensen unsigned long flags; 707af58e7eeSToke Høiland-Jørgensen int err = -EEXIST; 7086f9d451aSToke Høiland-Jørgensen 7097f1c0426SDavid Ahern /* already verified value_size <= sizeof val */ 7107f1c0426SDavid Ahern memcpy(&val, value, map->value_size); 7117f1c0426SDavid Ahern 7127f1c0426SDavid Ahern if (unlikely(map_flags > BPF_EXIST || !val.ifindex)) 7136f9d451aSToke Høiland-Jørgensen return -EINVAL; 7146f9d451aSToke Høiland-Jørgensen 715af58e7eeSToke Høiland-Jørgensen spin_lock_irqsave(&dtab->index_lock, flags); 716af58e7eeSToke Høiland-Jørgensen 7176f9d451aSToke Høiland-Jørgensen old_dev = __dev_map_hash_lookup_elem(map, idx); 7186f9d451aSToke Høiland-Jørgensen if (old_dev && (map_flags & BPF_NOEXIST)) 719af58e7eeSToke Høiland-Jørgensen goto out_err; 7206f9d451aSToke Høiland-Jørgensen 7217f1c0426SDavid Ahern dev = __dev_map_alloc_node(net, dtab, &val, idx); 722af58e7eeSToke Høiland-Jørgensen if (IS_ERR(dev)) { 723af58e7eeSToke Høiland-Jørgensen err = PTR_ERR(dev); 724af58e7eeSToke Høiland-Jørgensen goto out_err; 725af58e7eeSToke Høiland-Jørgensen } 7266f9d451aSToke Høiland-Jørgensen 7276f9d451aSToke Høiland-Jørgensen if (old_dev) { 7286f9d451aSToke Høiland-Jørgensen hlist_del_rcu(&old_dev->index_hlist); 7296f9d451aSToke Høiland-Jørgensen } else { 7306f9d451aSToke Høiland-Jørgensen if (dtab->items >= dtab->map.max_entries) { 7316f9d451aSToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 7326f9d451aSToke Høiland-Jørgensen call_rcu(&dev->rcu, __dev_map_entry_free); 7336f9d451aSToke Høiland-Jørgensen return -E2BIG; 7346f9d451aSToke Høiland-Jørgensen } 7356f9d451aSToke Høiland-Jørgensen dtab->items++; 7366f9d451aSToke Høiland-Jørgensen } 7376f9d451aSToke Høiland-Jørgensen 7386f9d451aSToke Høiland-Jørgensen hlist_add_head_rcu(&dev->index_hlist, 7396f9d451aSToke Høiland-Jørgensen dev_map_index_hash(dtab, idx)); 7406f9d451aSToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 7416f9d451aSToke Høiland-Jørgensen 7426f9d451aSToke Høiland-Jørgensen if (old_dev) 7436f9d451aSToke Høiland-Jørgensen call_rcu(&old_dev->rcu, __dev_map_entry_free); 7446f9d451aSToke Høiland-Jørgensen 7456f9d451aSToke Høiland-Jørgensen return 0; 746af58e7eeSToke Høiland-Jørgensen 747af58e7eeSToke Høiland-Jørgensen out_err: 748af58e7eeSToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 749af58e7eeSToke Høiland-Jørgensen return err; 7506f9d451aSToke Høiland-Jørgensen } 7516f9d451aSToke Høiland-Jørgensen 7526f9d451aSToke Høiland-Jørgensen static int dev_map_hash_update_elem(struct bpf_map *map, void *key, void *value, 7536f9d451aSToke Høiland-Jørgensen u64 map_flags) 7546f9d451aSToke Høiland-Jørgensen { 7556f9d451aSToke Høiland-Jørgensen return __dev_map_hash_update_elem(current->nsproxy->net_ns, 7566f9d451aSToke Høiland-Jørgensen map, key, value, map_flags); 7576f9d451aSToke Høiland-Jørgensen } 7586f9d451aSToke Høiland-Jørgensen 759546ac1ffSJohn Fastabend const struct bpf_map_ops dev_map_ops = { 760546ac1ffSJohn Fastabend .map_alloc = dev_map_alloc, 761546ac1ffSJohn Fastabend .map_free = dev_map_free, 762546ac1ffSJohn Fastabend .map_get_next_key = dev_map_get_next_key, 763546ac1ffSJohn Fastabend .map_lookup_elem = dev_map_lookup_elem, 764546ac1ffSJohn Fastabend .map_update_elem = dev_map_update_elem, 765546ac1ffSJohn Fastabend .map_delete_elem = dev_map_delete_elem, 766e8d2bec0SDaniel Borkmann .map_check_btf = map_check_no_btf, 767546ac1ffSJohn Fastabend }; 7682ddf71e2SJohn Fastabend 7696f9d451aSToke Høiland-Jørgensen const struct bpf_map_ops dev_map_hash_ops = { 7706f9d451aSToke Høiland-Jørgensen .map_alloc = dev_map_alloc, 7716f9d451aSToke Høiland-Jørgensen .map_free = dev_map_free, 7726f9d451aSToke Høiland-Jørgensen .map_get_next_key = dev_map_hash_get_next_key, 7736f9d451aSToke Høiland-Jørgensen .map_lookup_elem = dev_map_hash_lookup_elem, 7746f9d451aSToke Høiland-Jørgensen .map_update_elem = dev_map_hash_update_elem, 7756f9d451aSToke Høiland-Jørgensen .map_delete_elem = dev_map_hash_delete_elem, 7766f9d451aSToke Høiland-Jørgensen .map_check_btf = map_check_no_btf, 7776f9d451aSToke Høiland-Jørgensen }; 7786f9d451aSToke Høiland-Jørgensen 779ce197d83SToke Høiland-Jørgensen static void dev_map_hash_remove_netdev(struct bpf_dtab *dtab, 780ce197d83SToke Høiland-Jørgensen struct net_device *netdev) 781ce197d83SToke Høiland-Jørgensen { 782ce197d83SToke Høiland-Jørgensen unsigned long flags; 783ce197d83SToke Høiland-Jørgensen u32 i; 784ce197d83SToke Høiland-Jørgensen 785ce197d83SToke Høiland-Jørgensen spin_lock_irqsave(&dtab->index_lock, flags); 786ce197d83SToke Høiland-Jørgensen for (i = 0; i < dtab->n_buckets; i++) { 787ce197d83SToke Høiland-Jørgensen struct bpf_dtab_netdev *dev; 788ce197d83SToke Høiland-Jørgensen struct hlist_head *head; 789ce197d83SToke Høiland-Jørgensen struct hlist_node *next; 790ce197d83SToke Høiland-Jørgensen 791ce197d83SToke Høiland-Jørgensen head = dev_map_index_hash(dtab, i); 792ce197d83SToke Høiland-Jørgensen 793ce197d83SToke Høiland-Jørgensen hlist_for_each_entry_safe(dev, next, head, index_hlist) { 794ce197d83SToke Høiland-Jørgensen if (netdev != dev->dev) 795ce197d83SToke Høiland-Jørgensen continue; 796ce197d83SToke Høiland-Jørgensen 797ce197d83SToke Høiland-Jørgensen dtab->items--; 798ce197d83SToke Høiland-Jørgensen hlist_del_rcu(&dev->index_hlist); 799ce197d83SToke Høiland-Jørgensen call_rcu(&dev->rcu, __dev_map_entry_free); 800ce197d83SToke Høiland-Jørgensen } 801ce197d83SToke Høiland-Jørgensen } 802ce197d83SToke Høiland-Jørgensen spin_unlock_irqrestore(&dtab->index_lock, flags); 803ce197d83SToke Høiland-Jørgensen } 804ce197d83SToke Høiland-Jørgensen 8052ddf71e2SJohn Fastabend static int dev_map_notification(struct notifier_block *notifier, 8062ddf71e2SJohn Fastabend ulong event, void *ptr) 8072ddf71e2SJohn Fastabend { 8082ddf71e2SJohn Fastabend struct net_device *netdev = netdev_notifier_info_to_dev(ptr); 8092ddf71e2SJohn Fastabend struct bpf_dtab *dtab; 81075ccae62SToke Høiland-Jørgensen int i, cpu; 8112ddf71e2SJohn Fastabend 8122ddf71e2SJohn Fastabend switch (event) { 81375ccae62SToke Høiland-Jørgensen case NETDEV_REGISTER: 81475ccae62SToke Høiland-Jørgensen if (!netdev->netdev_ops->ndo_xdp_xmit || netdev->xdp_bulkq) 81575ccae62SToke Høiland-Jørgensen break; 81675ccae62SToke Høiland-Jørgensen 81775ccae62SToke Høiland-Jørgensen /* will be freed in free_netdev() */ 81875ccae62SToke Høiland-Jørgensen netdev->xdp_bulkq = 81975ccae62SToke Høiland-Jørgensen __alloc_percpu_gfp(sizeof(struct xdp_dev_bulk_queue), 82075ccae62SToke Høiland-Jørgensen sizeof(void *), GFP_ATOMIC); 82175ccae62SToke Høiland-Jørgensen if (!netdev->xdp_bulkq) 82275ccae62SToke Høiland-Jørgensen return NOTIFY_BAD; 82375ccae62SToke Høiland-Jørgensen 82475ccae62SToke Høiland-Jørgensen for_each_possible_cpu(cpu) 82575ccae62SToke Høiland-Jørgensen per_cpu_ptr(netdev->xdp_bulkq, cpu)->dev = netdev; 82675ccae62SToke Høiland-Jørgensen break; 8272ddf71e2SJohn Fastabend case NETDEV_UNREGISTER: 8284cc7b954SJohn Fastabend /* This rcu_read_lock/unlock pair is needed because 8294cc7b954SJohn Fastabend * dev_map_list is an RCU list AND to ensure a delete 8304cc7b954SJohn Fastabend * operation does not free a netdev_map entry while we 8314cc7b954SJohn Fastabend * are comparing it against the netdev being unregistered. 8324cc7b954SJohn Fastabend */ 8334cc7b954SJohn Fastabend rcu_read_lock(); 8344cc7b954SJohn Fastabend list_for_each_entry_rcu(dtab, &dev_map_list, list) { 835ce197d83SToke Høiland-Jørgensen if (dtab->map.map_type == BPF_MAP_TYPE_DEVMAP_HASH) { 836ce197d83SToke Høiland-Jørgensen dev_map_hash_remove_netdev(dtab, netdev); 837ce197d83SToke Høiland-Jørgensen continue; 838ce197d83SToke Høiland-Jørgensen } 839ce197d83SToke Høiland-Jørgensen 8402ddf71e2SJohn Fastabend for (i = 0; i < dtab->map.max_entries; i++) { 8414cc7b954SJohn Fastabend struct bpf_dtab_netdev *dev, *odev; 8422ddf71e2SJohn Fastabend 8434cc7b954SJohn Fastabend dev = READ_ONCE(dtab->netdev_map[i]); 844f592f804STaehee Yoo if (!dev || netdev != dev->dev) 8452ddf71e2SJohn Fastabend continue; 8464cc7b954SJohn Fastabend odev = cmpxchg(&dtab->netdev_map[i], dev, NULL); 8474cc7b954SJohn Fastabend if (dev == odev) 8482ddf71e2SJohn Fastabend call_rcu(&dev->rcu, 8492ddf71e2SJohn Fastabend __dev_map_entry_free); 8502ddf71e2SJohn Fastabend } 8512ddf71e2SJohn Fastabend } 8524cc7b954SJohn Fastabend rcu_read_unlock(); 8532ddf71e2SJohn Fastabend break; 8542ddf71e2SJohn Fastabend default: 8552ddf71e2SJohn Fastabend break; 8562ddf71e2SJohn Fastabend } 8572ddf71e2SJohn Fastabend return NOTIFY_OK; 8582ddf71e2SJohn Fastabend } 8592ddf71e2SJohn Fastabend 8602ddf71e2SJohn Fastabend static struct notifier_block dev_map_notifier = { 8612ddf71e2SJohn Fastabend .notifier_call = dev_map_notification, 8622ddf71e2SJohn Fastabend }; 8632ddf71e2SJohn Fastabend 8642ddf71e2SJohn Fastabend static int __init dev_map_init(void) 8652ddf71e2SJohn Fastabend { 86696360004SBjörn Töpel int cpu; 86796360004SBjörn Töpel 86867f29e07SJesper Dangaard Brouer /* Assure tracepoint shadow struct _bpf_dtab_netdev is in sync */ 86967f29e07SJesper Dangaard Brouer BUILD_BUG_ON(offsetof(struct bpf_dtab_netdev, dev) != 87067f29e07SJesper Dangaard Brouer offsetof(struct _bpf_dtab_netdev, dev)); 8712ddf71e2SJohn Fastabend register_netdevice_notifier(&dev_map_notifier); 87296360004SBjörn Töpel 87396360004SBjörn Töpel for_each_possible_cpu(cpu) 8741d233886SToke Høiland-Jørgensen INIT_LIST_HEAD(&per_cpu(dev_flush_list, cpu)); 8752ddf71e2SJohn Fastabend return 0; 8762ddf71e2SJohn Fastabend } 8772ddf71e2SJohn Fastabend 8782ddf71e2SJohn Fastabend subsys_initcall(dev_map_init); 879