[ovs-dev] [PATCH v3 1/4] netdev-afxdp: Enable loading XDP program.

Toshiaki Makita toshiaki.makita1 at gmail.com
Mon Jul 27 15:04:40 UTC 2020


Hi William,

On 2020/07/16 23:09, Toshiaki Makita wrote:
> On 2020/07/16 10:30, William Tu wrote:
>> On Mon, Jun 29, 2020 at 8:30 AM Toshiaki Makita
>> <toshiaki.makita1 at gmail.com> wrote:
>>>
>>> From: William Tu <u9012063 at gmail.com>
>>>
>>> Now netdev-afxdp always forwards all packets to userspace because
>>> it is using libbpf's default XDP program, see 'xsk_load_xdp_prog'.
>>> There are some cases when users want to keep packets in kernel instead
>>> of sending to userspace, for example, management traffic such as SSH
>>> should be processed in kernel.
>>>
>>> The patch enables loading the user-provided XDP program by
>>>    $ovs-vsctl -- set int afxdp-p0 options:xdp-obj=<path/to/xdp/obj>
>>>
>>> So users can implement their filtering logic or traffic steering idea
>>> in their XDP program, and rest of the traffic passes to AF_XDP socket
>>> handled by OVS.
>>>
>>> Note: kernel in AF_XDP CI test is updated to 5.5 because libbpf from 5.3
>>> does not have newly used APIs like "bpf_program__get_type".
>>>
>>> Signed-off-by: William Tu <u9012063 at gmail.com>
>>> Co-Authored-by: Toshiaki Makita <toshiaki.makita1 at gmail.com>
>>> Signed-off-by: Toshiaki Makita <toshiaki.makita1 at gmail.com>
>>> ---
>>>   .travis.yml                           |   2 +-
>>>   Documentation/intro/install/afxdp.rst |  59 ++++++++++
>>>   NEWS                                  |   2 +
>>>   lib/netdev-afxdp.c                    | 154 ++++++++++++++++++++++++--
>>>   lib/netdev-linux-private.h            |   3 +
>>>   5 files changed, 212 insertions(+), 8 deletions(-)
>>>
>>> diff --git a/.travis.yml b/.travis.yml
>>> index 527240a67..26b55a3e6 100644
>>> --- a/.travis.yml
>>> +++ b/.travis.yml
>>> @@ -40,7 +40,7 @@ env:
>>>     - TESTSUITE=1 LIBS=-ljemalloc
>>>     - KERNEL_LIST="5.5  4.20 4.19 4.18 4.17 4.16"
>>>     - KERNEL_LIST="4.15 4.14 4.9  4.4  3.19 3.16"
>>> -  - AFXDP=1 KERNEL=5.3
>>> +  - AFXDP=1 KERNEL=5.5
>>>     - M32=1 OPTS="--disable-ssl"
>>>     - DPDK=1 OPTS="--enable-shared"
>>>     - DPDK_SHARED=1
>>> diff --git a/Documentation/intro/install/afxdp.rst 
>>> b/Documentation/intro/install/afxdp.rst
>>> index 3c8f78825..2cd02477f 100644
>>> --- a/Documentation/intro/install/afxdp.rst
>>> +++ b/Documentation/intro/install/afxdp.rst
>>> @@ -300,6 +300,65 @@ Or, use OVS pmd tool::
>>>     ovs-appctl dpif-netdev/pmd-stats-show
>>>
>>>
>>> +Loading Custom XDP Program
>>> +--------------------------
>>> +By defailt, netdev-afxdp always forwards all packets to userspace because
>>> +it is using libbpf's default XDP program. There are some cases when users
>>> +want to keep packets in kernel instead of sending to userspace, for example,
>>> +management traffic such as SSH should be processed in kernel. This can be
>>> +done by loading the user-provided XDP program::
>>> +
>>> +  ovs-vsctl -- set int afxdp-p0 options:xdp-obj=<path/to/xdp/obj>
>>
>> I tested it again and realize it's actually working ok.
>> at xsk_load_prog, we've checked using BTF the existence of "xsks_map".
> 
> I think bpf_object__find_map_by_name() does not depend on BTF.
> 
>> And only loaded to the ifindex when the "xsks_map" is there in object file.
>>
>> The error I got before is due to using an old object file which has no BTF info.
>> (due to compile using clang8). In that case it's creating infinitely
>> loop for adding
>> and deleting.
>>
>> In short, this patch works OK, as long as BTF info is there in the object.
>> William
> 
> So BTF should not have anything to do with this problem...
> I'll test it with a program without BTF.

Tested it with a program without BTF nor maps.

```
$ readelf -S noop.o | grep map
$ readelf -S noop.o | grep BTF
$
```

Even with this program, reconfiguration loop did not happen as expected.

Toshiaki Makita


More information about the dev mailing list