Re: [PATCH net-next v5 2/3] bpf: Add new cgroup attach type to enable sock modifications

On 11/29/16 10:41 PM, Alexei Starovoitov wrote: > I don't see a complexity. It was straightforward for skb bitfields, > but if there is some unforeseen issue, it's better to tackle it now > otherwise the feature may never come and this 'infra for sockets' will > stay as 'infra for vrf only' and I'm

Re: [PATCH net-next v5 2/3] bpf: Add new cgroup attach type to enable sock modifications

On Tue, Nov 29, 2016 at 06:07:18PM -0700, David Ahern wrote: > On 11/29/16 5:59 PM, Alexei Starovoitov wrote: > > On Tue, Nov 29, 2016 at 05:43:08PM -0700, David Ahern wrote: > >> On 11/29/16 1:01 PM, Alexei Starovoitov wrote: > >>> Could you also expose sk_protcol and sk_type as read only fields?

Re: [PATCH net-next v5 2/3] bpf: Add new cgroup attach type to enable sock modifications

On 11/29/16 5:59 PM, Alexei Starovoitov wrote: > On Tue, Nov 29, 2016 at 05:43:08PM -0700, David Ahern wrote: >> On 11/29/16 1:01 PM, Alexei Starovoitov wrote: >>> Could you also expose sk_protcol and sk_type as read only fields? >> >> Those are bitfields in struct sock, so can't use offsetof or si

Re: [PATCH net-next v5 2/3] bpf: Add new cgroup attach type to enable sock modifications

On Tue, Nov 29, 2016 at 05:43:08PM -0700, David Ahern wrote: > On 11/29/16 1:01 PM, Alexei Starovoitov wrote: > > Could you also expose sk_protcol and sk_type as read only fields? > > Those are bitfields in struct sock, so can't use offsetof or sizeof. Any > existing use cases that try to load a

Re: [PATCH net-next v5 2/3] bpf: Add new cgroup attach type to enable sock modifications

On 11/29/16 1:01 PM, Alexei Starovoitov wrote: > Could you also expose sk_protcol and sk_type as read only fields? Those are bitfields in struct sock, so can't use offsetof or sizeof. Any existing use cases that try to load a bitfield in a bpf that I can look at?

Re: [PATCH net-next v5 2/3] bpf: Add new cgroup attach type to enable sock modifications

On 11/29/16 1:01 PM, Alexei Starovoitov wrote: > Could you also expose sk_protcol and sk_type as read only fields? > They have user space visible values already and will make this new > BPF_PROG_TYPE_CGROUP_SOCK program type much more useful beyond vrf > use case. Like we'll be able to write a tiny

Re: [PATCH net-next v5 2/3] bpf: Add new cgroup attach type to enable sock modifications

On Tue, Nov 29, 2016 at 07:53:32AM -0800, David Ahern wrote: > Add new cgroup based program type, BPF_PROG_TYPE_CGROUP_SOCK. Similar to > BPF_PROG_TYPE_CGROUP_SKB programs can be attached to a cgroup and run > any time a process in the cgroup opens an AF_INET or AF_INET6 socket. > Currently only sk

[PATCH net-next v5 2/3] bpf: Add new cgroup attach type to enable sock modifications

Add new cgroup based program type, BPF_PROG_TYPE_CGROUP_SOCK. Similar to BPF_PROG_TYPE_CGROUP_SKB programs can be attached to a cgroup and run any time a process in the cgroup opens an AF_INET or AF_INET6 socket. Currently only sk_bound_dev_if is exported to userspace for modification by a bpf prog