Hi all,
Thanks for the comments - I'll update and send new patches.
On Sat, Aug 5, 2023 at 10:34 AM Markus Armbruster <[email protected]> wrote:
>
> Andrew Melnychenko <[email protected]> writes:
>
> > Now, the binary objects may be retrieved by id.
> > It would require for future qmp commands that may require specific
> > eBPF blob.
> >
> > Added command "request-ebpf". This command returns
> > eBPF program encoded base64. The program taken from the
> > skeleton and essentially is an ELF object that can be
> > loaded in the future with libbpf.
> >
> > The reason to use the command to provide the eBPF object
> > instead of a separate artifact was to avoid issues related
> > to finding the eBPF itself. eBPF object is an ELF binary
> > that contains the eBPF program and eBPF map description(BTF).
> > Overall, eBPF object should contain the program and enough
> > metadata to create/load eBPF with libbpf. As the eBPF
> > maps/program should correspond to QEMU, the eBPF can't
> > be used from different QEMU build.
> >
> > The first solution was a helper that comes with QEMU
> > and loads appropriate eBPF objects. And the issue is
> > to find a proper helper if the system has several
> > different QEMUs installed and/or built from the source,
> > which helpers may not be compatible.
> >
> > Another issue is QEMU updating while there is a running
> > QEMU instance. With an updated helper, it may not be
> > possible to hotplug virtio-net device to the already
> > running QEMU. Overall, requesting the eBPF object from
> > QEMU itself solves possible failures with acceptable effort.
> >
> > Links:
> > [PATCH 3/5] qmp: Added the helper stamp check.
> > https://lore.kernel.org/all/[email protected]/
> >
> > Signed-off-by: Andrew Melnychenko <[email protected]>
> > ---
>
> [...]
>
> > diff --git a/qapi/ebpf.json b/qapi/ebpf.json
> > new file mode 100644
> > index 00000000000..40851f8c177
> > --- /dev/null
> > +++ b/qapi/ebpf.json
> > @@ -0,0 +1,57 @@
> > +# -*- Mode: Python -*-
> > +# vim: filetype=python
> > +#
> > +# This work is licensed under the terms of the GNU GPL, version 2 or later.
> > +# See the COPYING file in the top-level directory.
> > +
> > +##
> > +# = eBPF Objects
> > +##
> > +
> > +{ 'include': 'common.json' }
>
> This looks superfluous.
>
> > +
> > +##
> > +# @EbpfObject:
> > +#
> > +# Structure that holds eBPF ELF object encoded in base64.
> > +#
> > +# Since: 8.3
>
> 8.2
>
> More of the same below, not noting it again.
>
> > +#
> > +##
>
> You're not documenting member @object. Leaving a member undocumented
> should be a hard error. It isn't only because we have hundreds of
> instances to fix.
>
> Generated documentation looks like
>
> "EbpfObject" (Object)
> ---------------------
>
> Structure that holds eBPF ELF object encoded in base64.
>
>
> Members
> ~~~~~~~
>
> "object": "string"
> Not documented
>
> [...]
>
> This isn't what you want :)
>
> Better:
>
> ##
> # @EbpfObject:
> #
> # An eBPF ELF object.
> #
> # @object: the eBPF object encoded in base64
> #
> # Since: 8.2
> ##
>
> > +{ 'struct': 'EbpfObject',
> > + 'data': {'object': 'str'},
> > + 'if': 'CONFIG_EBPF' }
> > +
> > +##
> > +# @EbpfProgramID:
> > +#
> > +# The eBPF programs that can be gotten with request-ebpf.
> > +#
> > +# @rss: Receive side scaling, technology that allows steering traffic
> > +# between queues by calculation hash. Users may set up indirection table
> > +# and hash/packet types configurations. Used with virtio-net.
>
> Please format like
>
> # @rss: Receive side scaling, technology that allows steering traffic
> # between queues by calculation hash. Users may set up
> # indirection table and hash/packet types configurations. Used
> # with virtio-net.
>
> to blend in with recent commit a937b6aa739 (qapi: Reformat doc comments
> to conform to current conventions).
Thank you, I'll check it!
>
> > +#
> > +# Since: 8.3
> > +##
> > +{ 'enum': 'EbpfProgramID',
> > + 'if': 'CONFIG_EBPF',
> > + 'data': [ { 'name': 'rss' } ] }
> > +
> > +##
> > +# @request-ebpf:
> > +#
> > +# Returns eBPF object that can be loaded with libbpf.
> > +# Management applications (g.e. libvirt) may load it and pass file
> > +# descriptors to QEMU. Which allows running QEMU without BPF capabilities.
> > +# It's crucial that eBPF program/map is compatible with QEMU, so it's
> > +# provided through QMP.
> > +#
> > +# Returns: RSS eBPF object encoded in base64.
>
> What does "RSS" mean?
RSS - Receive-side Scaling.
>
> > +#
> > +# Since: 8.3
> > +#
> > +##
>
> You're not documenting argument @id.
>
> Generated documentation looks like
>
> "request-ebpf" (Command)
> ------------------------
>
> Returns eBPF object that can be loaded with libbpf. Management
> applications (g.e. libvirt) may load it and pass file descriptors to
> QEMU. Which allows running QEMU without BPF capabilities. It's crucial
> that eBPF program/map is compatible with QEMU, so it's provided
> through QMP.
>
>
> Arguments
> ~~~~~~~~~
>
> "id": "EbpfProgramID"
> Not documented
>
>
> Returns
> ~~~~~~~
>
> RSS eBPF object encoded in base64.
> [...]
>
> Here's my try:
>
> ##
> # @request-ebpf:
> #
> # Retrieve an eBPF object that can be loaded with libbpf. Management
> # applications (g.e. libvirt) may load it and pass file descriptors to
> # QEMU, so they can run running QEMU without BPF capabilities.
> #
> # @id: The ID of the program to return.
> #
> # Returns: RSS eBPF object encoded in base64.
> #
> # Since: 8.3
> ##
>
> I omitted the "It's crucial" part, because I feel rationale doesn't
> belong here. The commit message still has us covered.
>
> > +{ 'command': 'request-ebpf',
> > + 'data': { 'id': 'EbpfProgramID' },
> > + 'returns': 'EbpfObject',
> > + 'if': 'CONFIG_EBPF' }
>
> Terminology: you use "eBPF program" and "eBPF object". What's the
> difference? If there's none, use only one term, please. To me,
> "program" feels more clear.
The eBPF object/blob is an ELF containing eBPF program and eBPF map
descriptions.
I've tried to cover it in the commit letter - I think adding an
explanation in the .json file is a good idea.
The "request-ebpf" should return an ELF object, so libbpf could open
and load it.
>
> > diff --git a/qapi/meson.build b/qapi/meson.build
> > index 60a668b3432..90047dae1c8 100644
> > --- a/qapi/meson.build
> > +++ b/qapi/meson.build
> > @@ -33,6 +33,7 @@ qapi_all_modules = [
> > 'crypto',
> > 'cxl',
> > 'dump',
> > + 'ebpf',
> > 'error',
> > 'introspect',
> > 'job',
> > diff --git a/qapi/qapi-schema.json b/qapi/qapi-schema.json
> > index 6594afba312..2c82a49baec 100644
> > --- a/qapi/qapi-schema.json
> > +++ b/qapi/qapi-schema.json
> > @@ -53,6 +53,7 @@
> > { 'include': 'char.json' }
> > { 'include': 'dump.json' }
> > { 'include': 'net.json' }
> > +{ 'include': 'ebpf.json' }
> > { 'include': 'rdma.json' }
> > { 'include': 'rocker.json' }
> > { 'include': 'tpm.json' }
>
