1. 06 Apr, 2015 1 commit
    • Alexei Starovoitov's avatar
      tc: bpf: add checksum helpers · 91bc4822
      Alexei Starovoitov authored
      Commit 608cd71a ("tc: bpf: generalize pedit action") has added the
      possibility to mangle packet data to BPF programs in the tc pipeline.
      This patch adds two helpers bpf_l3_csum_replace() and bpf_l4_csum_replace()
      for fixing up the protocol checksums after the packet mangling.
      It also adds 'flags' argument to bpf_skb_store_bytes() helper to avoid
      unnecessary checksum recomputations when BPF programs adjusting l3/l4
      checksums and documents all three helpers in uapi header.
      Moreover, a sample program is added to show how BPF programs can make use
      of the mangle and csum helpers.
      Signed-off-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Acked-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  2. 17 Mar, 2015 1 commit
  3. 16 Mar, 2015 1 commit
  4. 01 Mar, 2015 2 commits
  5. 24 Feb, 2015 7 commits
  6. 17 Feb, 2015 1 commit
  7. 09 Feb, 2015 4 commits
  8. 04 Feb, 2015 1 commit
  9. 27 Jan, 2015 1 commit
  10. 23 Dec, 2014 1 commit
  11. 22 Dec, 2014 1 commit
  12. 06 Dec, 2014 4 commits
    • Alexei Starovoitov's avatar
      samples: bpf: large eBPF program in C · fbe33108
      Alexei Starovoitov authored
      sockex2_kern.c is purposefully large eBPF program in C.
      llvm compiles ~200 lines of C code into ~300 eBPF instructions.
      It's similar to __skb_flow_dissect() to demonstrate that complex packet parsing
      can be done by eBPF.
      Then it uses (struct flow_keys)->dst IP address (or hash of ipv6 dst) to keep
      stats of number of packets per IP.
      User space loads eBPF program, attaches it to loopback interface and prints
      dest_ip->#packets stats every second.
      $sudo samples/bpf/sockex2
      ip count 19
      ip count 178115
      ip count 369437
      ip count 559841
      ip count 750539
      Signed-off-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Alexei Starovoitov's avatar
      samples: bpf: trivial eBPF program in C · a8085782
      Alexei Starovoitov authored
      this example does the same task as previous socket example
      in assembler, but this one does it in C.
      eBPF program in kernel does:
          /* assume that packet is IPv4, load one byte of IP->proto */
          int index = load_byte(skb, ETH_HLEN + offsetof(struct iphdr, protocol));
          long *value;
          value = bpf_map_lookup_elem(&my_map, &index);
          if (value)
              __sync_fetch_and_add(value, 1);
      Corresponding user space reads map[tcp], map[udp], map[icmp]
      and prints protocol stats every second
      Signed-off-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Alexei Starovoitov's avatar
      samples: bpf: elf_bpf file loader · 249b812d
      Alexei Starovoitov authored
      simple .o parser and loader using BPF syscall.
      .o is a standard ELF generated by LLVM backend
      It parses elf file compiled by llvm .c->.o
      - parses 'maps' section and creates maps via BPF syscall
      - parses 'license' section and passes it to syscall
      - parses elf relocations for BPF maps and adjusts BPF_LD_IMM64 insns
        by storing map_fd into insn->imm and marking such insns as BPF_PSEUDO_MAP_FD
      - loads eBPF programs via BPF syscall
      One ELF file can contain multiple BPF programs.
      int load_bpf_file(char *path);
      populates prog_fd[] and map_fd[] with FDs received from bpf syscall
      bpf_helpers.h - helper functions available to eBPF programs written in C
      Signed-off-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Alexei Starovoitov's avatar
      samples: bpf: example of stateful socket filtering · 03f4723e
      Alexei Starovoitov authored
      this socket filter example does:
      - creates arraymap in kernel with key 4 bytes and value 8 bytes
      - loads eBPF program which assumes that packet is IPv4 and loads one byte of
        IP->proto from the packet and uses it as a key in a map
        r0 = skb->data[ETH_HLEN + offsetof(struct iphdr, protocol)];
        *(u32*)(fp - 4) = r0;
        value = bpf_map_lookup_elem(map_fd, fp - 4);
        if (value)
             (*(u64*)value) += 1;
      - attaches this program to raw socket
      - every second user space reads map[IPPROTO_TCP], map[IPPROTO_UDP], map[IPPROTO_ICMP]
        to see how many packets of given protocol were seen on loopback interface
      $sudo samples/bpf/sock_example
      TCP 0 UDP 0 ICMP 0 packets
      TCP 187600 UDP 0 ICMP 4 packets
      TCP 376504 UDP 0 ICMP 8 packets
      TCP 563116 UDP 0 ICMP 12 packets
      TCP 753144 UDP 0 ICMP 16 packets
      Signed-off-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  13. 18 Nov, 2014 2 commits
  14. 30 Oct, 2014 1 commit
  15. 22 Oct, 2014 1 commit
  16. 02 Oct, 2014 1 commit
  17. 26 Sep, 2014 2 commits
    • Alexei Starovoitov's avatar
      bpf: mini eBPF library, test stubs and verifier testsuite · 3c731eba
      Alexei Starovoitov authored
      the library includes a trivial set of BPF syscall wrappers:
      int bpf_create_map(int key_size, int value_size, int max_entries);
      int bpf_update_elem(int fd, void *key, void *value);
      int bpf_lookup_elem(int fd, void *key, void *value);
      int bpf_delete_elem(int fd, void *key);
      int bpf_get_next_key(int fd, void *key, void *next_key);
      int bpf_prog_load(enum bpf_prog_type prog_type,
      		  const struct sock_filter_int *insns, int insn_len,
      		  const char *license);
      bpf_prog_load() stores verifier log into global bpf_log_buf[] array
      and BPF_*() macros to build instructions
      test stubs configure eBPF infra with 'unspec' map and program types.
      These are fake types used by user space testsuite only.
      verifier tests valid and invalid programs and expects predefined
      error log messages from kernel.
      40 tests so far.
      $ sudo ./test_verifier
       #0 add+sub+mul OK
       #1 unreachable OK
       #2 unreachable2 OK
       #3 out of range jump OK
       #4 out of range jump2 OK
       #5 test1 ld_imm64 OK
      Signed-off-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Michael Ellerman's avatar
      kprobes: update jprobe_example.c for do_fork() change · e8ac6ea8
      Michael Ellerman authored
      In commit e80d6661 "flagday: kill pt_regs argument of do_fork()", the
      arguments to do_fork() changed.
      The example code in jprobe_example.c was not updated to match, so the
      arguments inside the jprobe handler do not match reality.
      Fix it by updating the arguments to match do_fork(). While we're at it
      use pr_info() for brevity, and print stack_start as well for interest.
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Acked-by: default avatarMasami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
      Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
  18. 01 Jul, 2014 1 commit
  19. 21 Jun, 2014 1 commit
    • Steven Rostedt's avatar
      tracing: Add __field_struct macro for TRACE_EVENT() · 4d4c9cc8
      Steven Rostedt authored
      Currently the __field() macro in TRACE_EVENT is only good for primitive
      values, such as integers and pointers, but it fails on complex data types
      such as structures or unions. This is because the __field() macro
      determines if the variable is signed or not with the test of:
        (((type)(-1)) < (type)1)
      Unfortunately, that fails when type is a structure.
      Since trace events should support structures as fields a new macro
      is created for such a case called __field_struct() which acts exactly
      the same as __field() does but it does not do the signed type check
      and just uses a constant false for that answer.
      Cc: Tony Luck <tony.luck@gmail.com>
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
  20. 14 May, 2014 1 commit
  21. 03 Apr, 2014 1 commit
    • Markos Chandras's avatar
      samples/seccomp/Makefile: do not build tests if cross-compiling for MIPS · e9107f88
      Markos Chandras authored
      The Makefile is designed to use the host toolchain so it may be unsafe
      to build the tests if the kernel has been configured and built for
      another architecture.  This fixes a build problem when the kernel has
      been configured and built for the MIPS architecture but the host is not
      MIPS (cross-compiled).  The MIPS syscalls are only defined if one of the
      following is true:
       1) _MIPS_SIM == _MIPS_SIM_ABI64
       2) _MIPS_SIM == _MIPS_SIM_ABI32
       3) _MIPS_SIM == _MIPS_SIM_NABI32
      Of course, none of these make sense on a non-MIPS toolchain and the
      following build problem occurs when building on a non-MIPS host.
        linux/usr/include/linux/kexec.h:50: userspace cannot reference function or variable defined in the kernel
        samples/seccomp/bpf-direct.c: In function `emulator':
        samples/seccomp/bpf-direct.c:76:17: error: `__NR_write' undeclared (first use in this function)
      Signed-off-by: default avatarMarkos Chandras <markos.chandras@imgtec.com>
      Reported-by: default avatarPaul Gortmaker <paul.gortmaker@windriver.com>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
  22. 03 Dec, 2013 1 commit
  23. 15 Nov, 2013 1 commit
    • Stefani Seibold's avatar
      kfifo API type safety · 498d319b
      Stefani Seibold authored
      This patch enhances the type safety for the kfifo API.  It is now safe
      to put const data into a non const FIFO and the API will now generate a
      compiler warning when reading from the fifo where the destination
      address is pointing to a const variable.
      As a side effect the kfifo_put() does now expect the value of an element
      instead a pointer to the element.  This was suggested Russell King.  It
      make the handling of the kfifo_put easier since there is no need to
      create a helper variable for getting the address of a pointer or to pass
      integers of different sizes.
      IMHO the API break is okay, since there are currently only six users of
      The code is also cleaner by kicking out the "if (0)" expressions.
      [akpm@linux-foundation.org: coding-style fixes]
      Signed-off-by: default avatarStefani Seibold <stefani@seibold.net>
      Cc: Russell King <rmk@arm.linux.org.uk>
      Cc: Hauke Mehrtens <hauke@hauke-m.de>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
  24. 04 Sep, 2013 1 commit
    • David Herrmann's avatar
      HID: uhid: improve uhid example client · f5e4e7fd
      David Herrmann authored
      This extends the uhid example client. It properly documents the built-in
      report-descriptor an adds explicit report-numbers.
      Furthermore, LED output reports are added to utilize the new UHID output
      reports of the kernel. Support for 3 basic LEDs is added and a small
      report-parser to print debug messages if output reports were received.
      To test this, simply write the EV_LED+LED_CAPSL+1 event to the evdev
      device-node of the uhid-device and the kernel will forward it to your uhid
      Signed-off-by: default avatarDavid Herrmann <dh.herrmann@gmail.com>
      Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
  25. 30 Aug, 2013 1 commit