projects
/
flowspec-xdp
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
0a516f6
)
Support a wrapper XDP prog which can call the defined xdp_drop meth
author
Matt Corallo
<git@bluematt.me>
Tue, 11 May 2021 21:00:12 +0000
(21:00 +0000)
committer
Matt Corallo
<git@bluematt.me>
Tue, 11 May 2021 21:08:29 +0000
(21:08 +0000)
install.sh
patch
|
blob
|
history
xdp.c
patch
|
blob
|
history
diff --git
a/install.sh
b/install.sh
index 66ea534e0e9c41e64b87f00df40f7e0fc77ad691..d77a8b0a66a5dd941fa78fdb39e14488da44e2cd 100755
(executable)
--- a/
install.sh
+++ b/
install.sh
@@
-1,11
+1,28
@@
#!/bin/bash
set -e
#!/bin/bash
set -e
+CLANG_ARGS=""
+XDP_SECTION="xdp_drop"
+if [ "$2" != "" ]; then
+ CLANG_ARGS="-DHAVE_WRAPPER"
+ XDP_SECTION="$3"
+ if [ ! -f "$2" -o "$3" = "" ]; then
+ echo "To use a wrapper C file, call as $0 interface path/to/wrapper.c xdp_section wrapper-clang-args"
+ exit 1
+ fi
+fi
+
RULES="$(birdc show route table flowspec4 primary all)
$(birdc show route table flowspec6 primary all)"
echo "$RULES" | ./genrules.py --8021q=drop-vlan --v6frag=ignore-parse-if-rule --ihl=parse-options
RULES="$(birdc show route table flowspec4 primary all)
$(birdc show route table flowspec6 primary all)"
echo "$RULES" | ./genrules.py --8021q=drop-vlan --v6frag=ignore-parse-if-rule --ihl=parse-options
-clang -g -std=c99 -pedantic -Wall -Wextra -Wno-pointer-arith -Wno-unused-variable -O3 -emit-llvm -c xdp.c -o - | llc -O3 -march=bpf -filetype=obj -o xdp
+clang $CLANG_ARGS -g -std=c99 -pedantic -Wall -Wextra -Wno-pointer-arith -Wno-unused-variable -O3 -emit-llvm -c xdp.c -o xdp.bc
+if [ "$2" != "" ]; then
+ clang $4 -g -std=c99 -pedantic -Wall -Wextra -Wno-pointer-arith -Wno-unused-variable -O3 -emit-llvm -c "$2" -o wrapper.bc
+ llvm-link xdp.bc wrapper.bc | llc -O3 -march=bpf -filetype=obj -o xdp
+else
+ cat xdp.bc | llc -O3 -march=bpf -filetype=obj -o xdp
+fi
echo "Before unload drop count was:"
./dropcount.sh || echo "Not loaded"
echo "Before unload drop count was:"
./dropcount.sh || echo "Not loaded"
@@
-13,9
+30,9
@@
echo "Before unload drop count was:"
ip link set "$1" xdp off
ip link set "$1" xdpgeneric off
# Note that sometimes the automated fallback does not work properly so we have to || generic here
ip link set "$1" xdp off
ip link set "$1" xdpgeneric off
# Note that sometimes the automated fallback does not work properly so we have to || generic here
-ip link set "$1" xdpoffload obj xdp sec
xdp_drop
|| (
- echo "Failed to install in NIC, testing in driver..." && ip link set "$1" xdpdrv obj xdp sec
xdp_drop
|| (
- echo "Failed to install in driver, using generic..." && ip link set "$1" xdpgeneric obj xdp sec
xdp_drop
+ip link set "$1" xdpoffload obj xdp sec
$XDP_SECTION
|| (
+ echo "Failed to install in NIC, testing in driver..." && ip link set "$1" xdpdrv obj xdp sec
$XDP_SECTION
|| (
+ echo "Failed to install in driver, using generic..." && ip link set "$1" xdpgeneric obj xdp sec
$XDP_SECTION
)
)
echo "$RULES" | grep "^flow. {" > installed-rules.txt
)
)
echo "$RULES" | grep "^flow. {" > installed-rules.txt
diff --git
a/xdp.c
b/xdp.c
index fc8f2c3bff94b7d24954ccc34dc3fc598a41b148..b473ace29b3ed0c1ccbefa8ee1461945e059dad2 100644
(file)
--- a/
xdp.c
+++ b/
xdp.c
@@
-186,8
+186,10
@@
struct {
} rate_map SEC(".maps");
#endif
} rate_map SEC(".maps");
#endif
+#ifndef HAVE_WRAPPER // Set this to call xdp_drop externally
SEC("xdp_drop")
#endif
SEC("xdp_drop")
#endif
+#endif
int xdp_drop_prog(struct xdp_md *ctx)
{
const void *const data_end = (void *)(size_t)ctx->data_end;
int xdp_drop_prog(struct xdp_md *ctx)
{
const void *const data_end = (void *)(size_t)ctx->data_end;