search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge tag 'for-linus' of git://github.com/openrisc/linux
[linux/fpc-iii.git] / kernel / bpf / cpumap.c
blobf1c46529929bd397b7f23230e69eddae54eb79b9
1 // SPDX-License-Identifier: GPL-2.0-only
2 /* bpf/cpumap.c
3 *
4 * Copyright (c) 2017 Jesper Dangaard Brouer, Red Hat Inc.
5 */
6
7 /* The 'cpumap' is primarily used as a backend map for XDP BPF helper
8 * call bpf_redirect_map() and XDP_REDIRECT action, like 'devmap'.
9 *
10 * Unlike devmap which redirects XDP frames out another NIC device,
11 * this map type redirects raw XDP frames to another CPU. The remote
12 * CPU will do SKB-allocation and call the normal network stack.
13 *
14 * This is a scalability and isolation mechanism, that allow
15 * separating the early driver network XDP layer, from the rest of the
16 * netstack, and assigning dedicated CPUs for this stage. This
17 * basically allows for 10G wirespeed pre-filtering via bpf.
18 */
19 #include <linux/bpf.h>
20 #include <linux/filter.h>
21 #include <linux/ptr_ring.h>
22 #include <net/xdp.h>
23
24 #include <linux/sched.h>
25 #include <linux/workqueue.h>
26 #include <linux/kthread.h>
27 #include <linux/capability.h>
28 #include <trace/events/xdp.h>
29
30 #include <linux/netdevice.h> /* netif_receive_skb_core */
31 #include <linux/etherdevice.h> /* eth_type_trans */
32
33 /* General idea: XDP packets getting XDP redirected to another CPU,
34 * will maximum be stored/queued for one driver ->poll() call. It is
35 * guaranteed that queueing the frame and the flush operation happen on
36 * same CPU. Thus, cpu_map_flush operation can deduct via this_cpu_ptr()
37 * which queue in bpf_cpu_map_entry contains packets.
38 */
39
40 #define CPU_MAP_BULK_SIZE 8 /* 8 == one cacheline on 64-bit archs */
41 struct bpf_cpu_map_entry;
42 struct bpf_cpu_map;
43
44 struct xdp_bulk_queue {
45 void *q[CPU_MAP_BULK_SIZE];
46 struct list_head flush_node;
47 struct bpf_cpu_map_entry *obj;
48 unsigned int count;
49 };
50
51 /* Struct for every remote "destination" CPU in map */
52 struct bpf_cpu_map_entry {
53 u32 cpu; /* kthread CPU and map index */
54 int map_id; /* Back reference to map */
55
56 /* XDP can run multiple RX-ring queues, need __percpu enqueue store */
57 struct xdp_bulk_queue __percpu *bulkq;
58
59 struct bpf_cpu_map *cmap;
60
61 /* Queue with potential multi-producers, and single-consumer kthread */
62 struct ptr_ring *queue;
63 struct task_struct *kthread;
64
65 struct bpf_cpumap_val value;
66 struct bpf_prog *prog;
67
68 atomic_t refcnt; /* Control when this struct can be free'ed */
69 struct rcu_head rcu;
70
71 struct work_struct kthread_stop_wq;
72 };
73
74 struct bpf_cpu_map {
75 struct bpf_map map;
76 /* Below members specific for map type */
77 struct bpf_cpu_map_entry **cpu_map;
78 };
79
80 static DEFINE_PER_CPU(struct list_head, cpu_map_flush_list);
81
82 static int bq_flush_to_queue(struct xdp_bulk_queue *bq);
83
84 static struct bpf_map *cpu_map_alloc(union bpf_attr *attr)
85 {
86 u32 value_size = attr->value_size;
87 struct bpf_cpu_map *cmap;
88 int err = -ENOMEM;
89 u64 cost;
90 int ret;
91
92 if (!bpf_capable())
93 return ERR_PTR(-EPERM);
94
95 /* check sanity of attributes */
96 if (attr->max_entries == 0 || attr->key_size != 4 ||
97 (value_size != offsetofend(struct bpf_cpumap_val, qsize) &&
98 value_size != offsetofend(struct bpf_cpumap_val, bpf_prog.fd)) ||
99 attr->map_flags & ~BPF_F_NUMA_NODE)
100 return ERR_PTR(-EINVAL);
101
102 cmap = kzalloc(sizeof(*cmap), GFP_USER);
103 if (!cmap)
104 return ERR_PTR(-ENOMEM);
105
106 bpf_map_init_from_attr(&cmap->map, attr);
107
108 /* Pre-limit array size based on NR_CPUS, not final CPU check */
109 if (cmap->map.max_entries > NR_CPUS) {
110 err = -E2BIG;
111 goto free_cmap;
112 }
113
114 /* make sure page count doesn't overflow */
115 cost = (u64) cmap->map.max_entries * sizeof(struct bpf_cpu_map_entry *);
116
117 /* Notice returns -EPERM on if map size is larger than memlock limit */
118 ret = bpf_map_charge_init(&cmap->map.memory, cost);
119 if (ret) {
120 err = ret;
121 goto free_cmap;
122 }
123
124 /* Alloc array for possible remote "destination" CPUs */
125 cmap->cpu_map = bpf_map_area_alloc(cmap->map.max_entries *
126 sizeof(struct bpf_cpu_map_entry *),
127 cmap->map.numa_node);
128 if (!cmap->cpu_map)
129 goto free_charge;
130
131 return &cmap->map;
132 free_charge:
133 bpf_map_charge_finish(&cmap->map.memory);
134 free_cmap:
135 kfree(cmap);
136 return ERR_PTR(err);
137 }
138
139 static void get_cpu_map_entry(struct bpf_cpu_map_entry *rcpu)
140 {
141 atomic_inc(&rcpu->refcnt);
142 }
143
144 /* called from workqueue, to workaround syscall using preempt_disable */
145 static void cpu_map_kthread_stop(struct work_struct *work)
146 {
147 struct bpf_cpu_map_entry *rcpu;
148
149 rcpu = container_of(work, struct bpf_cpu_map_entry, kthread_stop_wq);
150
151 /* Wait for flush in __cpu_map_entry_free(), via full RCU barrier,
152 * as it waits until all in-flight call_rcu() callbacks complete.
153 */
154 rcu_barrier();
155
156 /* kthread_stop will wake_up_process and wait for it to complete */
157 kthread_stop(rcpu->kthread);
158 }
159
160 static struct sk_buff *cpu_map_build_skb(struct bpf_cpu_map_entry *rcpu,
161 struct xdp_frame *xdpf,
162 struct sk_buff *skb)
163 {
164 unsigned int hard_start_headroom;
165 unsigned int frame_size;
166 void *pkt_data_start;
167
168 /* Part of headroom was reserved to xdpf */
169 hard_start_headroom = sizeof(struct xdp_frame) + xdpf->headroom;
170
171 /* Memory size backing xdp_frame data already have reserved
172 * room for build_skb to place skb_shared_info in tailroom.
173 */
174 frame_size = xdpf->frame_sz;
175
176 pkt_data_start = xdpf->data - hard_start_headroom;
177 skb = build_skb_around(skb, pkt_data_start, frame_size);
178 if (unlikely(!skb))
179 return NULL;
180
181 skb_reserve(skb, hard_start_headroom);
182 __skb_put(skb, xdpf->len);
183 if (xdpf->metasize)
184 skb_metadata_set(skb, xdpf->metasize);
185
186 /* Essential SKB info: protocol and skb->dev */
187 skb->protocol = eth_type_trans(skb, xdpf->dev_rx);
188
189 /* Optional SKB info, currently missing:
190 * - HW checksum info (skb->ip_summed)
191 * - HW RX hash (skb_set_hash)
192 * - RX ring dev queue index (skb_record_rx_queue)
193 */
194
195 /* Until page_pool get SKB return path, release DMA here */
196 xdp_release_frame(xdpf);
197
198 /* Allow SKB to reuse area used by xdp_frame */
199 xdp_scrub_frame(xdpf);
200
201 return skb;
202 }
203
204 static void __cpu_map_ring_cleanup(struct ptr_ring *ring)
205 {
206 /* The tear-down procedure should have made sure that queue is
207 * empty. See __cpu_map_entry_replace() and work-queue
208 * invoked cpu_map_kthread_stop(). Catch any broken behaviour
209 * gracefully and warn once.
210 */
211 struct xdp_frame *xdpf;
212
213 while ((xdpf = ptr_ring_consume(ring)))
214 if (WARN_ON_ONCE(xdpf))
215 xdp_return_frame(xdpf);
216 }
217
218 static void put_cpu_map_entry(struct bpf_cpu_map_entry *rcpu)
219 {
220 if (atomic_dec_and_test(&rcpu->refcnt)) {
221 if (rcpu->prog)
222 bpf_prog_put(rcpu->prog);
223 /* The queue should be empty at this point */
224 __cpu_map_ring_cleanup(rcpu->queue);
225 ptr_ring_cleanup(rcpu->queue, NULL);
226 kfree(rcpu->queue);
227 kfree(rcpu);
228 }
229 }
230
231 static int cpu_map_bpf_prog_run_xdp(struct bpf_cpu_map_entry *rcpu,
232 void **frames, int n,
233 struct xdp_cpumap_stats *stats)
234 {
235 struct xdp_rxq_info rxq;
236 struct xdp_buff xdp;
237 int i, nframes = 0;
238
239 if (!rcpu->prog)
240 return n;
241
242 rcu_read_lock_bh();
243
244 xdp_set_return_frame_no_direct();
245 xdp.rxq = &rxq;
246
247 for (i = 0; i < n; i++) {
248 struct xdp_frame *xdpf = frames[i];
249 u32 act;
250 int err;
251
252 rxq.dev = xdpf->dev_rx;
253 rxq.mem = xdpf->mem;
254 /* TODO: report queue_index to xdp_rxq_info */
255
256 xdp_convert_frame_to_buff(xdpf, &xdp);
257
258 act = bpf_prog_run_xdp(rcpu->prog, &xdp);
259 switch (act) {
260 case XDP_PASS:
261 err = xdp_update_frame_from_buff(&xdp, xdpf);
262 if (err < 0) {
263 xdp_return_frame(xdpf);
264 stats->drop++;
265 } else {
266 frames[nframes++] = xdpf;
267 stats->pass++;
268 }
269 break;
270 case XDP_REDIRECT:
271 err = xdp_do_redirect(xdpf->dev_rx, &xdp,
272 rcpu->prog);
273 if (unlikely(err)) {
274 xdp_return_frame(xdpf);
275 stats->drop++;
276 } else {
277 stats->redirect++;
278 }
279 break;
280 default:
281 bpf_warn_invalid_xdp_action(act);
282 /* fallthrough */
283 case XDP_DROP:
284 xdp_return_frame(xdpf);
285 stats->drop++;
286 break;
287 }
288 }
289
290 if (stats->redirect)
291 xdp_do_flush_map();
292
293 xdp_clear_return_frame_no_direct();
294
295 rcu_read_unlock_bh(); /* resched point, may call do_softirq() */
296
297 return nframes;
298 }
299
300 #define CPUMAP_BATCH 8
301
302 static int cpu_map_kthread_run(void *data)
303 {
304 struct bpf_cpu_map_entry *rcpu = data;
305
306 set_current_state(TASK_INTERRUPTIBLE);
307
308 /* When kthread gives stop order, then rcpu have been disconnected
309 * from map, thus no new packets can enter. Remaining in-flight
310 * per CPU stored packets are flushed to this queue. Wait honoring
311 * kthread_stop signal until queue is empty.
312 */
313 while (!kthread_should_stop() || !__ptr_ring_empty(rcpu->queue)) {
314 struct xdp_cpumap_stats stats = {}; /* zero stats */
315 gfp_t gfp = __GFP_ZERO | GFP_ATOMIC;
316 unsigned int drops = 0, sched = 0;
317 void *frames[CPUMAP_BATCH];
318 void *skbs[CPUMAP_BATCH];
319 int i, n, m, nframes;
320
321 /* Release CPU reschedule checks */
322 if (__ptr_ring_empty(rcpu->queue)) {
323 set_current_state(TASK_INTERRUPTIBLE);
324 /* Recheck to avoid lost wake-up */
325 if (__ptr_ring_empty(rcpu->queue)) {
326 schedule();
327 sched = 1;
328 } else {
329 __set_current_state(TASK_RUNNING);
330 }
331 } else {
332 sched = cond_resched();
333 }
334
335 /*
336 * The bpf_cpu_map_entry is single consumer, with this
337 * kthread CPU pinned. Lockless access to ptr_ring
338 * consume side valid as no-resize allowed of queue.
339 */
340 n = __ptr_ring_consume_batched(rcpu->queue, frames,
341 CPUMAP_BATCH);
342 for (i = 0; i < n; i++) {
343 void *f = frames[i];
344 struct page *page = virt_to_page(f);
345
346 /* Bring struct page memory area to curr CPU. Read by
347 * build_skb_around via page_is_pfmemalloc(), and when
348 * freed written by page_frag_free call.
349 */
350 prefetchw(page);
351 }
352
353 /* Support running another XDP prog on this CPU */
354 nframes = cpu_map_bpf_prog_run_xdp(rcpu, frames, n, &stats);
355 if (nframes) {
356 m = kmem_cache_alloc_bulk(skbuff_head_cache, gfp, nframes, skbs);
357 if (unlikely(m == 0)) {
358 for (i = 0; i < nframes; i++)
359 skbs[i] = NULL; /* effect: xdp_return_frame */
360 drops += nframes;
361 }
362 }
363
364 local_bh_disable();
365 for (i = 0; i < nframes; i++) {
366 struct xdp_frame *xdpf = frames[i];
367 struct sk_buff *skb = skbs[i];
368 int ret;
369
370 skb = cpu_map_build_skb(rcpu, xdpf, skb);
371 if (!skb) {
372 xdp_return_frame(xdpf);
373 continue;
374 }
375
376 /* Inject into network stack */
377 ret = netif_receive_skb_core(skb);
378 if (ret == NET_RX_DROP)
379 drops++;
380 }
381 /* Feedback loop via tracepoint */
382 trace_xdp_cpumap_kthread(rcpu->map_id, n, drops, sched, &stats);
383
384 local_bh_enable(); /* resched point, may call do_softirq() */
385 }
386 __set_current_state(TASK_RUNNING);
387
388 put_cpu_map_entry(rcpu);
389 return 0;
390 }
391
392 bool cpu_map_prog_allowed(struct bpf_map *map)
393 {
394 return map->map_type == BPF_MAP_TYPE_CPUMAP &&
395 map->value_size != offsetofend(struct bpf_cpumap_val, qsize);
396 }
397
398 static int __cpu_map_load_bpf_program(struct bpf_cpu_map_entry *rcpu, int fd)
399 {
400 struct bpf_prog *prog;
401
402 prog = bpf_prog_get_type(fd, BPF_PROG_TYPE_XDP);
403 if (IS_ERR(prog))
404 return PTR_ERR(prog);
405
406 if (prog->expected_attach_type != BPF_XDP_CPUMAP) {
407 bpf_prog_put(prog);
408 return -EINVAL;
409 }
410
411 rcpu->value.bpf_prog.id = prog->aux->id;
412 rcpu->prog = prog;
413
414 return 0;
415 }
416
417 static struct bpf_cpu_map_entry *
418 __cpu_map_entry_alloc(struct bpf_cpumap_val *value, u32 cpu, int map_id)
419 {
420 int numa, err, i, fd = value->bpf_prog.fd;
421 gfp_t gfp = GFP_KERNEL | __GFP_NOWARN;
422 struct bpf_cpu_map_entry *rcpu;
423 struct xdp_bulk_queue *bq;
424
425 /* Have map->numa_node, but choose node of redirect target CPU */
426 numa = cpu_to_node(cpu);
427
428 rcpu = kzalloc_node(sizeof(*rcpu), gfp, numa);
429 if (!rcpu)
430 return NULL;
431
432 /* Alloc percpu bulkq */
433 rcpu->bulkq = __alloc_percpu_gfp(sizeof(*rcpu->bulkq),
434 sizeof(void *), gfp);
435 if (!rcpu->bulkq)
436 goto free_rcu;
437
438 for_each_possible_cpu(i) {
439 bq = per_cpu_ptr(rcpu->bulkq, i);
440 bq->obj = rcpu;
441 }
442
443 /* Alloc queue */
444 rcpu->queue = kzalloc_node(sizeof(*rcpu->queue), gfp, numa);
445 if (!rcpu->queue)
446 goto free_bulkq;
447
448 err = ptr_ring_init(rcpu->queue, value->qsize, gfp);
449 if (err)
450 goto free_queue;
451
452 rcpu->cpu = cpu;
453 rcpu->map_id = map_id;
454 rcpu->value.qsize = value->qsize;
455
456 if (fd > 0 && __cpu_map_load_bpf_program(rcpu, fd))
457 goto free_ptr_ring;
458
459 /* Setup kthread */
460 rcpu->kthread = kthread_create_on_node(cpu_map_kthread_run, rcpu, numa,
461 "cpumap/%d/map:%d", cpu, map_id);
462 if (IS_ERR(rcpu->kthread))
463 goto free_prog;
464
465 get_cpu_map_entry(rcpu); /* 1-refcnt for being in cmap->cpu_map[] */
466 get_cpu_map_entry(rcpu); /* 1-refcnt for kthread */
467
468 /* Make sure kthread runs on a single CPU */
469 kthread_bind(rcpu->kthread, cpu);
470 wake_up_process(rcpu->kthread);
471
472 return rcpu;
473
474 free_prog:
475 if (rcpu->prog)
476 bpf_prog_put(rcpu->prog);
477 free_ptr_ring:
478 ptr_ring_cleanup(rcpu->queue, NULL);
479 free_queue:
480 kfree(rcpu->queue);
481 free_bulkq:
482 free_percpu(rcpu->bulkq);
483 free_rcu:
484 kfree(rcpu);
485 return NULL;
486 }
487
488 static void __cpu_map_entry_free(struct rcu_head *rcu)
489 {
490 struct bpf_cpu_map_entry *rcpu;
491
492 /* This cpu_map_entry have been disconnected from map and one
493 * RCU grace-period have elapsed. Thus, XDP cannot queue any
494 * new packets and cannot change/set flush_needed that can
495 * find this entry.
496 */
497 rcpu = container_of(rcu, struct bpf_cpu_map_entry, rcu);
498
499 free_percpu(rcpu->bulkq);
500 /* Cannot kthread_stop() here, last put free rcpu resources */
501 put_cpu_map_entry(rcpu);
502 }
503
504 /* After xchg pointer to bpf_cpu_map_entry, use the call_rcu() to
505 * ensure any driver rcu critical sections have completed, but this
506 * does not guarantee a flush has happened yet. Because driver side
507 * rcu_read_lock/unlock only protects the running XDP program. The
508 * atomic xchg and NULL-ptr check in __cpu_map_flush() makes sure a
509 * pending flush op doesn't fail.
510 *
511 * The bpf_cpu_map_entry is still used by the kthread, and there can
512 * still be pending packets (in queue and percpu bulkq). A refcnt
513 * makes sure to last user (kthread_stop vs. call_rcu) free memory
514 * resources.
515 *
516 * The rcu callback __cpu_map_entry_free flush remaining packets in
517 * percpu bulkq to queue. Due to caller map_delete_elem() disable
518 * preemption, cannot call kthread_stop() to make sure queue is empty.
519 * Instead a work_queue is started for stopping kthread,
520 * cpu_map_kthread_stop, which waits for an RCU grace period before
521 * stopping kthread, emptying the queue.
522 */
523 static void __cpu_map_entry_replace(struct bpf_cpu_map *cmap,
524 u32 key_cpu, struct bpf_cpu_map_entry *rcpu)
525 {
526 struct bpf_cpu_map_entry *old_rcpu;
527
528 old_rcpu = xchg(&cmap->cpu_map[key_cpu], rcpu);
529 if (old_rcpu) {
530 call_rcu(&old_rcpu->rcu, __cpu_map_entry_free);
531 INIT_WORK(&old_rcpu->kthread_stop_wq, cpu_map_kthread_stop);
532 schedule_work(&old_rcpu->kthread_stop_wq);
533 }
534 }
535
536 static int cpu_map_delete_elem(struct bpf_map *map, void *key)
537 {
538 struct bpf_cpu_map *cmap = container_of(map, struct bpf_cpu_map, map);
539 u32 key_cpu = *(u32 *)key;
540
541 if (key_cpu >= map->max_entries)
542 return -EINVAL;
543
544 /* notice caller map_delete_elem() use preempt_disable() */
545 __cpu_map_entry_replace(cmap, key_cpu, NULL);
546 return 0;
547 }
548
549 static int cpu_map_update_elem(struct bpf_map *map, void *key, void *value,
550 u64 map_flags)
551 {
552 struct bpf_cpu_map *cmap = container_of(map, struct bpf_cpu_map, map);
553 struct bpf_cpumap_val cpumap_value = {};
554 struct bpf_cpu_map_entry *rcpu;
555 /* Array index key correspond to CPU number */
556 u32 key_cpu = *(u32 *)key;
557
558 memcpy(&cpumap_value, value, map->value_size);
559
560 if (unlikely(map_flags > BPF_EXIST))
561 return -EINVAL;
562 if (unlikely(key_cpu >= cmap->map.max_entries))
563 return -E2BIG;
564 if (unlikely(map_flags == BPF_NOEXIST))
565 return -EEXIST;
566 if (unlikely(cpumap_value.qsize > 16384)) /* sanity limit on qsize */
567 return -EOVERFLOW;
568
569 /* Make sure CPU is a valid possible cpu */
570 if (key_cpu >= nr_cpumask_bits || !cpu_possible(key_cpu))
571 return -ENODEV;
572
573 if (cpumap_value.qsize == 0) {
574 rcpu = NULL; /* Same as deleting */
575 } else {
576 /* Updating qsize cause re-allocation of bpf_cpu_map_entry */
577 rcpu = __cpu_map_entry_alloc(&cpumap_value, key_cpu, map->id);
578 if (!rcpu)
579 return -ENOMEM;
580 rcpu->cmap = cmap;
581 }
582 rcu_read_lock();
583 __cpu_map_entry_replace(cmap, key_cpu, rcpu);
584 rcu_read_unlock();
585 return 0;
586 }
587
588 static void cpu_map_free(struct bpf_map *map)
589 {
590 struct bpf_cpu_map *cmap = container_of(map, struct bpf_cpu_map, map);
591 u32 i;
592
593 /* At this point bpf_prog->aux->refcnt == 0 and this map->refcnt == 0,
594 * so the bpf programs (can be more than one that used this map) were
595 * disconnected from events. Wait for outstanding critical sections in
596 * these programs to complete. The rcu critical section only guarantees
597 * no further "XDP/bpf-side" reads against bpf_cpu_map->cpu_map.
598 * It does __not__ ensure pending flush operations (if any) are
599 * complete.
600 */
601
602 bpf_clear_redirect_map(map);
603 synchronize_rcu();
604
605 /* For cpu_map the remote CPUs can still be using the entries
606 * (struct bpf_cpu_map_entry).
607 */
608 for (i = 0; i < cmap->map.max_entries; i++) {
609 struct bpf_cpu_map_entry *rcpu;
610
611 rcpu = READ_ONCE(cmap->cpu_map[i]);
612 if (!rcpu)
613 continue;
614
615 /* bq flush and cleanup happens after RCU grace-period */
616 __cpu_map_entry_replace(cmap, i, NULL); /* call_rcu */
617 }
618 bpf_map_area_free(cmap->cpu_map);
619 kfree(cmap);
620 }
621
622 struct bpf_cpu_map_entry *__cpu_map_lookup_elem(struct bpf_map *map, u32 key)
623 {
624 struct bpf_cpu_map *cmap = container_of(map, struct bpf_cpu_map, map);
625 struct bpf_cpu_map_entry *rcpu;
626
627 if (key >= map->max_entries)
628 return NULL;
629
630 rcpu = READ_ONCE(cmap->cpu_map[key]);
631 return rcpu;
632 }
633
634 static void *cpu_map_lookup_elem(struct bpf_map *map, void *key)
635 {
636 struct bpf_cpu_map_entry *rcpu =
637 __cpu_map_lookup_elem(map, *(u32 *)key);
638
639 return rcpu ? &rcpu->value : NULL;
640 }
641
642 static int cpu_map_get_next_key(struct bpf_map *map, void *key, void *next_key)
643 {
644 struct bpf_cpu_map *cmap = container_of(map, struct bpf_cpu_map, map);
645 u32 index = key ? *(u32 *)key : U32_MAX;
646 u32 *next = next_key;
647
648 if (index >= cmap->map.max_entries) {
649 *next = 0;
650 return 0;
651 }
652
653 if (index == cmap->map.max_entries - 1)
654 return -ENOENT;
655 *next = index + 1;
656 return 0;
657 }
658
659 static int cpu_map_btf_id;
660 const struct bpf_map_ops cpu_map_ops = {
661 .map_alloc = cpu_map_alloc,
662 .map_free = cpu_map_free,
663 .map_delete_elem = cpu_map_delete_elem,
664 .map_update_elem = cpu_map_update_elem,
665 .map_lookup_elem = cpu_map_lookup_elem,
666 .map_get_next_key = cpu_map_get_next_key,
667 .map_check_btf = map_check_no_btf,
668 .map_btf_name = "bpf_cpu_map",
669 .map_btf_id = &cpu_map_btf_id,
670 };
671
672 static int bq_flush_to_queue(struct xdp_bulk_queue *bq)
673 {
674 struct bpf_cpu_map_entry *rcpu = bq->obj;
675 unsigned int processed = 0, drops = 0;
676 const int to_cpu = rcpu->cpu;
677 struct ptr_ring *q;
678 int i;
679
680 if (unlikely(!bq->count))
681 return 0;
682
683 q = rcpu->queue;
684 spin_lock(&q->producer_lock);
685
686 for (i = 0; i < bq->count; i++) {
687 struct xdp_frame *xdpf = bq->q[i];
688 int err;
689
690 err = __ptr_ring_produce(q, xdpf);
691 if (err) {
692 drops++;
693 xdp_return_frame_rx_napi(xdpf);
694 }
695 processed++;
696 }
697 bq->count = 0;
698 spin_unlock(&q->producer_lock);
699
700 __list_del_clearprev(&bq->flush_node);
701
702 /* Feedback loop via tracepoints */
703 trace_xdp_cpumap_enqueue(rcpu->map_id, processed, drops, to_cpu);
704 return 0;
705 }
706
707 /* Runs under RCU-read-side, plus in softirq under NAPI protection.
708 * Thus, safe percpu variable access.
709 */
710 static int bq_enqueue(struct bpf_cpu_map_entry *rcpu, struct xdp_frame *xdpf)
711 {
712 struct list_head *flush_list = this_cpu_ptr(&cpu_map_flush_list);
713 struct xdp_bulk_queue *bq = this_cpu_ptr(rcpu->bulkq);
714
715 if (unlikely(bq->count == CPU_MAP_BULK_SIZE))
716 bq_flush_to_queue(bq);
717
718 /* Notice, xdp_buff/page MUST be queued here, long enough for
719 * driver to code invoking us to finished, due to driver
720 * (e.g. ixgbe) recycle tricks based on page-refcnt.
721 *
722 * Thus, incoming xdp_frame is always queued here (else we race
723 * with another CPU on page-refcnt and remaining driver code).
724 * Queue time is very short, as driver will invoke flush
725 * operation, when completing napi->poll call.
726 */
727 bq->q[bq->count++] = xdpf;
728
729 if (!bq->flush_node.prev)
730 list_add(&bq->flush_node, flush_list);
731
732 return 0;
733 }
734
735 int cpu_map_enqueue(struct bpf_cpu_map_entry *rcpu, struct xdp_buff *xdp,
736 struct net_device *dev_rx)
737 {
738 struct xdp_frame *xdpf;
739
740 xdpf = xdp_convert_buff_to_frame(xdp);
741 if (unlikely(!xdpf))
742 return -EOVERFLOW;
743
744 /* Info needed when constructing SKB on remote CPU */
745 xdpf->dev_rx = dev_rx;
746
747 bq_enqueue(rcpu, xdpf);
748 return 0;
749 }
750
751 void __cpu_map_flush(void)
752 {
753 struct list_head *flush_list = this_cpu_ptr(&cpu_map_flush_list);
754 struct xdp_bulk_queue *bq, *tmp;
755
756 list_for_each_entry_safe(bq, tmp, flush_list, flush_node) {
757 bq_flush_to_queue(bq);
758
759 /* If already running, costs spin_lock_irqsave + smb_mb */
760 wake_up_process(bq->obj->kthread);
761 }
762 }
763
764 static int __init cpu_map_init(void)
765 {
766 int cpu;
767
768 for_each_possible_cpu(cpu)
769 INIT_LIST_HEAD(&per_cpu(cpu_map_flush_list, cpu));
770 return 0;
771 }
772
773 subsys_initcall(cpu_map_init);
Linux with added FPC-III support