Alexei Starovoitov wrote: > On 11/21/22 5:48 PM, John Fastabend wrote: > > Yonghong Song wrote: > >> > >> > >> On 11/20/22 6:10 PM, John Fastabend wrote: > >>> Yonghong Song wrote: > >>>> Currenty, a non-tracing bpf program typically has a single 'context' argument > >>>> with predefined uapi struct type. Following these uapi struct, user is able > >>>> to access other fields defined in uapi header. Inside the kernel, the > >>>> user-seen 'context' argument is replaced with 'kernel context' (or 'kctx' > >>>> in short) which can access more information than what uapi header provides. > >>>> To access other info not in uapi header, people typically do two things: > >>>> (1). extend uapi to access more fields rooted from 'context'. > >>>> (2). use bpf_probe_read_kernl() helper to read particular field based on > >>>> kctx. > > > > [...] > > > >>> From myside this allows us to pull in the dev info and from that get > >>> netns so fixes a gap we had to split into a kprobe + xdp. > >>> > >>> If we can get a pointer to the recv queue then with a few reads we > >>> get the hash, vlan, etc. (see timestapm thread) > >> > >> Thanks, John. Glad to see it is useful. > >> > >>> > >>> And then last bit is if we can get a ptr to the net ns list, plus > >> > >> Unfortunately, currently vmlinux btf does not have non-percpu global > >> variables, so net_namespace_list is not available to bpf programs. > >> But I think we could do the following with a little bit user space > >> initial involvement as a workaround. > > > > What would you think of another kfunc, bpf_get_global_var() to fetch > > the global reference and cast it with a type? I think even if you > > had it in BTF you would still need some sort of helper otherwise > > how would you know what scope of the var should be and get it > > correct in type checker as a TRUSTED arg? I think for my use case > > UNTRUSTED is find, seeing we do it with probe_reads already, but > > getting a TRUSTED arg seems nicer given it can be known correct > > from kernel side. > > > > I was thinking something like, > > > > struct net *head = bpf_get_global_var(net_namespace_list, > > bpf_core_type_id_kernel(struct *net)); > > We cannot do this as ptr_trusted, since it's an unknown cast. I think you _could_ do it if the kfunc new to check the case type and knew that net_namespace_list should return that specific global. The verifier would special code that var and type. > The verifier cannot trust bpf prog to do the right thing. > But we can enable this buy adding export_symbol_gpl global vars to BTF. > Then they will be trusted and their types correct. > Pretty much like per-cpu variables. > Yep this is the more generic way and sounds better to me. Anyone working on adding the global var to BTF now? Thanks, John
