linux_dsm_epyc7002/scripts
Jakub Sitnicki e9ddbb7707 bpf: Introduce SK_LOOKUP program type with a dedicated attach point
Add a new program type BPF_PROG_TYPE_SK_LOOKUP with a dedicated attach type
BPF_SK_LOOKUP. The new program kind is to be invoked by the transport layer
when looking up a listening socket for a new connection request for
connection oriented protocols, or when looking up an unconnected socket for
a packet for connection-less protocols.

When called, SK_LOOKUP BPF program can select a socket that will receive
the packet. This serves as a mechanism to overcome the limits of what
bind() API allows to express. Two use-cases driving this work are:

 (1) steer packets destined to an IP range, on fixed port to a socket

     192.0.2.0/24, port 80 -> NGINX socket

 (2) steer packets destined to an IP address, on any port to a socket

     198.51.100.1, any port -> L7 proxy socket

In its run-time context program receives information about the packet that
triggered the socket lookup. Namely IP version, L4 protocol identifier, and
address 4-tuple. Context can be further extended to include ingress
interface identifier.

To select a socket BPF program fetches it from a map holding socket
references, like SOCKMAP or SOCKHASH, and calls bpf_sk_assign(ctx, sk, ...)
helper to record the selection. Transport layer then uses the selected
socket as a result of socket lookup.

In its basic form, SK_LOOKUP acts as a filter and hence must return either
SK_PASS or SK_DROP. If the program returns with SK_PASS, transport should
look for a socket to receive the packet, or use the one selected by the
program if available, while SK_DROP informs the transport layer that the
lookup should fail.

This patch only enables the user to attach an SK_LOOKUP program to a
network namespace. Subsequent patches hook it up to run on local delivery
path in ipv4 and ipv6 stacks.

Suggested-by: Marek Majkowski <marek@cloudflare.com>
Signed-off-by: Jakub Sitnicki <jakub@cloudflare.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20200717103536.397595-3-jakub@cloudflare.com
2020-07-17 20:18:16 -07:00
..
atomic locking/atomics: Provide the arch_atomic_ interface to generic code 2020-06-25 08:23:22 -07:00
basic modpost,fixdep: Replace zero-length array with flexible-array 2020-05-26 00:03:16 +09:00
coccinelle net: remove newlines in NL_SET_ERR_MSG_MOD 2020-05-07 17:56:14 -07:00
dtc scripts/dtc: Update to upstream version v1.6.0-11-g9d7888cbf19c 2020-06-30 08:42:26 -06:00
dummy-tools kbuild: add dummy toolchains to enable all cc-option etc. in Kconfig 2020-04-09 00:13:45 +09:00
gcc-plugins gcc-plugins: fix gcc-plugins directory path in documentation 2020-06-28 12:16:55 +09:00
gdb scripts/gdb: repair rb_first() and rb_last() 2020-05-07 19:27:20 -07:00
genksyms .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
kconfig kconfig: qconf: parse newer types at debug info 2020-07-02 00:11:06 +09:00
ksymoops
mod Kbuild updates for v5.8 2020-06-06 12:00:25 -07:00
package kbuild: fix broken builds because of GZIP,BZIP2,LZOP variables 2020-06-11 20:14:41 +09:00
selinux SPDX patches for 5.7-rc1. 2020-04-03 13:12:26 -07:00
tracing
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
adjust_autoksyms.sh kbuild: split adjust_autoksyms.sh in two parts 2020-03-03 20:49:21 +09:00
asn1_compiler.c
bin2c.c
bloat-o-meter
bootgraph.pl
bpf_helpers_doc.py bpf: Introduce SK_LOOKUP program type with a dedicated attach point 2020-07-17 20:18:16 -07:00
cc-can-link.sh
check_extable.sh
check-sysctl-docs docs: add a script to check sysctl docs 2020-02-25 03:35:16 -07:00
checkincludes.pl
checkkconfigsymbols.py
checkpatch.pl The Kernel Concurrency Sanitizer (KCSAN) 2020-06-11 18:55:43 -07:00
checkstack.pl scripts/checkstack.pl: fix arm sp regex 2020-05-26 00:03:16 +09:00
checksyscalls.sh
checkversion.pl
clang-version.sh
cleanfile
cleanpatch
coccicheck
config scripts/config: allow colons in option strings for sed 2020-04-23 01:10:16 +09:00
const_structs.checkpatch
decode_stacktrace.sh scripts/decode_stacktrace: warn when modpath is needed but is unset 2020-06-15 15:37:24 -07:00
decodecode scripts/decodecode: fix trapping instruction formatting 2020-05-07 19:27:20 -07:00
depmod.sh
diffconfig
documentation-file-ref-check scripts: documentation-file-ref-check: Add line break before exit 2020-04-15 15:13:13 -06:00
export_report.pl modpost: move the namespace field in Module.symvers last 2020-03-17 08:59:03 +09:00
extract_xc3028.pl
extract-cert.c
extract-ikconfig
extract-module-sig.pl
extract-sys-certs.pl
extract-vmlinux
faddr2line
file-size.sh
find-unused-docs.sh
gcc-goto.sh
gcc-ld
gcc-plugin.sh gcc-plugins: drop support for GCC <= 4.7 2020-04-09 00:13:45 +09:00
gcc-version.sh
gcc-x86_32-has-stack-protector.sh
gcc-x86_64-has-stack-protector.sh
gen_autoksyms.sh kbuild: generate autoksyms.h early 2020-03-03 20:49:21 +09:00
gen_compile_commands.py
gen_ksymdeps.sh
get_abi.pl
get_dvb_firmware
get_maintainer.pl get_maintainer: fix unexpected behavior for path/to//file (double slashes) 2020-06-04 19:06:24 -07:00
gfp-translate
headerdep.pl
headers_check.pl
headers_install.sh scripts: Fix typo in headers_install.sh 2020-06-17 10:44:55 +09:00
insert-sys-cert.c
jobserver-exec
kallsyms.c gcc-10 warnings: fix low-hanging fruit 2020-05-04 09:16:37 -07:00
Kbuild.include kbuild: improve cc-option to clean up all temporary files 2020-06-17 10:20:21 +09:00
Kconfig.include kconfig: unify cc-option and as-option 2020-06-17 10:38:42 +09:00
kernel-doc Replace HTTP links with HTTPS ones: documentation 2020-06-08 09:30:19 -06:00
ld-version.sh
leaking_addresses.pl
Lindent
link-vmlinux.sh bpf: Resolve BTF IDs in vmlinux image 2020-07-13 10:42:02 -07:00
Makefile kbuild: remove -I$(srctree)/tools/include from scripts/Makefile 2020-04-09 00:13:45 +09:00
Makefile.asm-generic
Makefile.build kbuild: update modules.order only when contained modules are updated 2020-06-03 13:22:17 +09:00
Makefile.clean kbuild: add infrastructure to build userspace programs 2020-05-17 18:52:01 +09:00
Makefile.dtbinst kbuild: refactor Makefile.dtbinst more 2020-03-25 10:19:43 +09:00
Makefile.extrawarn kbuild: Move -Wtype-limits to W=2 2020-07-09 18:00:56 -07:00
Makefile.gcc-plugins
Makefile.headersinst
Makefile.host kbuild: use -MMD instead of -MD to exclude system headers from dependency 2020-05-12 13:28:33 +09:00
Makefile.kasan
Makefile.kcov
Makefile.kcsan kcsan: Pass option tsan-instrument-read-before-write to Clang 2020-06-11 20:04:01 +02:00
Makefile.lib dt-bindings: copy process-schema-examples.yaml to process-schema.yaml 2020-06-30 08:42:26 -06:00
Makefile.modfinal
Makefile.modinst
Makefile.modpost modpost: move -d option in scripts/Makefile.modpost 2020-06-06 23:38:13 +09:00
Makefile.modsign
Makefile.package kbuild: fix broken builds because of GZIP,BZIP2,LZOP variables 2020-06-11 20:14:41 +09:00
Makefile.ubsan ubsan: split "bounds" checker from other options 2020-04-07 10:43:44 -07:00
Makefile.userprogs kbuild: add infrastructure to build userspace programs 2020-05-17 18:52:01 +09:00
makelst
markup_oops.pl
mkcompile_h kbuild: use CONFIG_CC_VERSION_TEXT to construct LINUX_COMPILER macro 2020-05-12 13:28:33 +09:00
mkmakefile
mksysmap mksysmap: Fix the mismatch of '.L' symbols in System.map 2020-06-06 23:39:20 +09:00
mkuboot.sh
module-common.lds
modules-check.sh kbuild: make module name conflict fatal error 2020-05-26 00:03:16 +09:00
namespace.pl
nsdeps
objdiff
parse-maintainers.pl parse-maintainers: Do not sort section content by default 2020-03-26 15:08:27 -07:00
patch-kernel
profile2linkerlist.pl
prune-kernel
recordmcount.c
recordmcount.h recordmcount: support >64k sections 2020-06-16 21:21:00 -04:00
recordmcount.pl
setlocalversion
show_delta
sign-file.c
sorttable.c
sorttable.h
spdxcheck-test.sh
spdxcheck.py
spelling.txt scripts/spelling: add a few more typos 2020-06-10 19:14:17 -07:00
sphinx-pre-install scripts: sphinx-pre-install: change the output order 2020-04-28 12:52:52 -06:00
split-man.pl
stackdelta
stackusage
subarch.include
tags.sh
tools-support-relr.sh
unifdef.c
ver_linux ver_linux: Query ld cache for versions of libc/libcpp run-time 2020-02-10 13:35:15 -08:00
xen-hypercalls.sh
xz_wrap.sh kbuild: add variables for compression tools 2020-06-06 23:42:01 +09:00