Bpf iterator is introduced in Commit ae24345da54e
("bpf: Implement an interface to register bpf_iter targets")
which iterates through a particular kernel data
structure and bpf program will be called for each
traversed kernel object.
Bpf iterator has been implemented for task, task_file,
bpf_map, ipv6_route, netlink, tcp and udp so far.
For map elements, there are two ways to traverse all elements from
user space:
1. using BPF_MAP_GET_NEXT_KEY bpf subcommand to get elements
one by one.
2. using BPF_MAP_LOOKUP_BATCH bpf subcommand to get a batch of
elements.
Both these approaches need to copy data from kernel to user space
in order to do inspection.
This patch implements bpf iterator for map elements.
User can have a bpf program in kernel to run with each map element,
do checking, filtering, aggregation, etc. without copying data
to user space.
Patch #1 and #2 are refactoring. Patch #3 implements readonly buffer
support in verifier. Patches #4 - #7 implements map element support
for hash, percpu hash, lru hash lru percpu hash, array, percpu array
and sock local storage maps. Patches #8 - #9 are libbpf and bpftool
support. Patches #10 - #13 are selftests for implemented
map element iterators.
Yonghong Song (13):
bpf: refactor bpf_iter_reg to have separate seq_info member
bpf: refactor to provide aux info to bpf_iter_init_seq_priv_t
bpf: support readonly buffer in verifier
bpf: implement bpf iterator for map elements
bpf: implement bpf iterator for hash maps
bpf: implement bpf iterator for array maps
bpf: implement bpf iterator for sock local storage map
tools/libbpf: add support for bpf map element iterator
tools/bpftool: add bpftool support for bpf map element iterator
selftests/bpf: add test for bpf hash map iterators
selftests/bpf: add test for bpf array map iterators
selftests/bpf: add a test for bpf sk_storage_map iterator
selftests/bpf: add a test for out of bound rdonly buf access
fs/proc/proc_net.c | 2 +-
include/linux/bpf.h | 43 +-
include/linux/bpf_verifier.h | 2 +
include/linux/proc_fs.h | 3 +-
include/uapi/linux/bpf.h | 7 +
kernel/bpf/arraymap.c | 140 ++++++
kernel/bpf/bpf_iter.c | 89 +++-
kernel/bpf/btf.c | 13 +
kernel/bpf/hashtab.c | 191 ++++++++
kernel/bpf/map_iter.c | 62 ++-
kernel/bpf/task_iter.c | 18 +-
kernel/bpf/verifier.c | 74 ++-
net/core/bpf_sk_storage.c | 203 +++++++++
net/ipv4/tcp_ipv4.c | 12 +-
net/ipv4/udp.c | 12 +-
net/ipv6/route.c | 8 +-
net/netlink/af_netlink.c | 8 +-
.../bpftool/Documentation/bpftool-iter.rst | 16 +-
tools/bpf/bpftool/iter.c | 32 +-
tools/include/uapi/linux/bpf.h | 7 +
tools/lib/bpf/bpf.c | 1 +
tools/lib/bpf/bpf.h | 3 +-
tools/lib/bpf/libbpf.c | 10 +-
tools/lib/bpf/libbpf.h | 3 +-
.../selftests/bpf/prog_tests/bpf_iter.c | 422 ++++++++++++++++++
.../bpf/progs/bpf_iter_bpf_array_map.c | 38 ++
.../bpf/progs/bpf_iter_bpf_hash_map.c | 100 +++++
.../bpf/progs/bpf_iter_bpf_percpu_array_map.c | 48 ++
.../bpf/progs/bpf_iter_bpf_percpu_hash_map.c | 51 +++
.../bpf/progs/bpf_iter_bpf_sk_storage_map.c | 35 ++
.../selftests/bpf/progs/bpf_iter_test_kern5.c | 36 ++
31 files changed, 1624 insertions(+), 65 deletions(-)
create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_bpf_array_map.c
create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_bpf_hash_map.c
create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_bpf_percpu_array_map.c
create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_bpf_percpu_hash_map.c
create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_map.c
create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_test_kern5.c
--
2.24.1
