git.maquefel.me Git - linux.git/commit

author	Daniel Xu <dxu@dxuuu.xyz>
	Thu, 14 Dec 2023 22:49:02 +0000 (15:49 -0700)
committer	Alexei Starovoitov <ast@kernel.org>
	Fri, 15 Dec 2023 01:12:49 +0000 (17:12 -0800)
commit	8f0ec8c681755f523cf842bfe350ea40609b83a9
tree	09854f18f530083819738a3c283fe95d16952ee4	tree \| snapshot
parent	56925f389e152dcb8d093435d43b78a310539c23	commit \| diff

bpf: xfrm: Add bpf_xdp_get_xfrm_state() kfunc

This commit adds an unstable kfunc helper to access internal xfrm_state
associated with an SA. This is intended to be used for the upcoming
IPsec pcpu work to assign special pcpu SAs to a particular CPU. In other
words: for custom software RSS.

That being said, the function that this kfunc wraps is fairly generic
and used for a lot of xfrm tasks. I'm sure people will find uses
elsewhere over time.

This commit also adds a corresponding bpf_xdp_xfrm_state_release() kfunc
to release the refcnt acquired by bpf_xdp_get_xfrm_state(). The verifier
will require that all acquired xfrm_state's are released.

Co-developed-by: Antony Antony <antony.antony@secunet.com>
Signed-off-by: Antony Antony <antony.antony@secunet.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
Link: https://lore.kernel.org/r/a29699c42f5fad456b875c98dd11c6afc3ffb707.1702593901.git.dxu@dxuuu.xyz
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

include/net/xfrm.h		diff \| blob \| history
net/xfrm/Makefile		diff \| blob \| history
net/xfrm/xfrm_policy.c		diff \| blob \| history
net/xfrm/xfrm_state_bpf.c	[new file with mode: 0644]	blob