Yonghong Song wrote: > > > On 11/20/22 6:10 PM, John Fastabend wrote: > > Yonghong Song wrote: > >> Currenty, a non-tracing bpf program typically has a single 'context' argument > >> with predefined uapi struct type. Following these uapi struct, user is able > >> to access other fields defined in uapi header. Inside the kernel, the > >> user-seen 'context' argument is replaced with 'kernel context' (or 'kctx' > >> in short) which can access more information than what uapi header provides. > >> To access other info not in uapi header, people typically do two things: > >> (1). extend uapi to access more fields rooted from 'context'. > >> (2). use bpf_probe_read_kernl() helper to read particular field based on > >> kctx. [...] > > From myside this allows us to pull in the dev info and from that get > > netns so fixes a gap we had to split into a kprobe + xdp. > > > > If we can get a pointer to the recv queue then with a few reads we > > get the hash, vlan, etc. (see timestapm thread) > > Thanks, John. Glad to see it is useful. > > > > > And then last bit is if we can get a ptr to the net ns list, plus > > Unfortunately, currently vmlinux btf does not have non-percpu global > variables, so net_namespace_list is not available to bpf programs. > But I think we could do the following with a little bit user space > initial involvement as a workaround. What would you think of another kfunc, bpf_get_global_var() to fetch the global reference and cast it with a type? I think even if you had it in BTF you would still need some sort of helper otherwise how would you know what scope of the var should be and get it correct in type checker as a TRUSTED arg? I think for my use case UNTRUSTED is find, seeing we do it with probe_reads already, but getting a TRUSTED arg seems nicer given it can be known correct from kernel side. I was thinking something like, struct net *head = bpf_get_global_var(net_namespace_list, bpf_core_type_id_kernel(struct *net)); > > In bpf program, we could have global variable > __u64 net_namespace_list; > and user space can lookup /proc/kallsyms for net_namespace_list > and assign it to bpf program 'net_namespace_list' before prog load. > > After that, you could implement an in-bpf-prog iterator with bounded > loop to ensure eventual ending. You can use > struct list_head *lh = bpf_rdonly_cast(net_namespace_list, > struct_list_head_btf_id) > cast to struct list_head pointer. From there you can tracing down > the list with needed bpf_rdonly_cast() for casting to element type. > > > the rcu patch we can build the net ns iterator directly in BPF > > I just posted rcu patch > https://lore.kernel.org/bpf/20221121170515.1193967-1-yhs@xxxxxx/ > Please help take a look whether it can serve your need. Will look.
