On Sat, Oct 09, 2021 at 12:20:27AM +0200, Toke Høiland-Jørgensen wrote:
> So if we can't fix the verifier, maybe we could come up with a more
> general helper for packet parsing? Something like:
>
> bpf_for_each_pkt_chunk(ctx, offset, callback_fn, callback_arg)
> {
> ptr = ctx->data + offset;
> while (ptr < ctx->data_end) {
> offset = callback_fn(ptr, ctx->data_end, callback_arg);
> if (offset == 0)
> return 0;
> ptr += offset;
> }
>
> // out of bounds before callback was done
> return -EINVAL;
> }
>
> This would work for parsing any kind of packet header or TLV-style data
> without having to teach the kernel about each header type. It'll have
> quite a bit of overhead if all the callbacks happen via indirect calls,
> but maybe the verifier can inline the calls (or at least turn them into
> direct CALL instructions)?
Direct call different callback_fn? bpf_for_each_pkt_chunk() is a kernel
function. It would be nice if the verifier could do that.
This for_each helper had been considered also. Other than the need
to callback in a loop, the thought was to extend the existing
bpf_load_hdr_opt() because our initial feedback is the same
header handling logic cannot be used in xdp which is confusing.
I don't mind to go with the for_each helper. However, with another
thought, if it needs to call a function in the loop anyway, I think
it could also be done in bpf by putting a global function in a loop.
Need to try and double check.
