On Mon, Apr 22, 2019 at 08:55:43AM -0700, Stanislav Fomichev wrote: > Currently, when eth_get_headlen calls flow dissector, it doesn't pass any > skb. Because we use passed skb to lookup associated networking namespace > to find whether we have a BPF program attached or not, we always use > C-based flow dissector in this case. > > The goal of this patch series is to add new networking namespace argument > to the eth_get_headlen and make BPF flow dissector programs be able to > work in the skb-less case. > > The series goes like this: > * use new kernel context (struct bpf_flow_dissector) for flow dissector > programs; this makes it easy to distinguish between skb and no-skb > case and supports calling BPF flow dissector on a chunk of raw data > * convert BPF_PROG_TEST_RUN to use raw data > * plumb network namespace into __skb_flow_dissect from all callers > * handle no-skb case in __skb_flow_dissect > * update eth_get_headlen to include net namespace argument and > convert all existing users > * add selftest to make sure bpf_skb_load_bytes is not allowed in > the no-skb mode > * extend test_progs to exercise skb-less flow dissection as well > * stop adjusting nhoff/thoff by ETH_HLEN in BPF_PROG_TEST_RUN > > v6: > * more suggestions by Alexei: > * eth_get_headlen now takes net dev, not net namespace > * test skb-less case via tun eth_get_headlen > * fix return errors in bpf_flow_load > * don't adjust nhoff/thoff by ETH_HLEN All looks good to me. But I don't trust myself reviewing flow dissector bits :) Eric and Willem, could you please take a look as well and hopefully ack it ? Thanks!
