Re: A couple eBPF and cls_act questions


Daniel Borkmann
 

On 08/08/2018 10:48 PM, Dan Siemon wrote:
On Wed, 2018-08-08 at 21:43 +0200, Daniel Borkmann wrote:
Is there a way to hook post qdisc? I looked a bit at XDP, but it
seems
that is only Rx now?
There's a tracepoint right before netdev_start_xmit() which is called
trace_net_dev_start_xmit(). So you could combine sch_clsact egress
with
cls_bpf and a BPF prog on the tracepoint right before handing the skb
to the driver, they could share a map for example for the tuple to
counters
mapping, so you would still be able to do the major work in cls_bpf
outside the qdisc lock.
Thanks. I don't know much about tracepoints but will look into this. I
gather these are capable of the same rates as the tc hooks?
Depends on what rates you are targeting, you might want to check BPF
raw tracepoints to reduce overhead given this would be in hot path.
From f6ef56589374 ("Merge branch 'bpf-raw-tracepoints'") that tested
samples/bpf/test_overhead performance on 1 CPU, it says:

tracepoint base kprobe+bpf tracepoint+bpf raw_tracepoint+bpf
task_rename 1.1M 769K 947K 1.0M
urandom_read 789K 697K 750K 755K

Where would the context extracted from the packet in the BPF prog (eg
5-tuple) be stashed so the tracepoint program can get at it without
parsing the headers again?
Probably makes sense to flatten part of the key and map it into
skb->mark, or store it into skb->cb[], or store an offset there
that points into the packet.

Ideally this context is extracted once the ingress port and flows with
the SKB through to the egress port so we don't need to parse the
headers more than once.

Is the XDP on Tx idea something worth even talking about or is the
tracepoint basically equivalent?

Similarly, does it make any sense to add a post-qdisc tc hook where a
clsact could be attached? In this model, the same program could count
pre or post qdisc just based on where it was attached.
I think it might be useful, a sch_clsact subhook would avoid having to
unclone or linearize the skb. There's also an option to place cls_bpf
in direct-action mode into sch_fq_codel which would come after your htb
(see fq_codel_classify()), but I presumed you also want the hook after
that.

Join iovisor-dev@lists.iovisor.org to automatically receive all group messages.