diff options
author | Eyal Birger <eyal.birger@gmail.com> | 2022-12-03 09:46:57 +0100 |
---|---|---|
committer | Martin KaFai Lau <martin.lau@kernel.org> | 2022-12-06 06:58:27 +0100 |
commit | 94151f5aa9667c562281abeaaa5e89b9d5c17729 (patch) | |
tree | 5bffd7339951e44a3969285a64e17678b4f4acf6 /net/xfrm/Makefile | |
parent | xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c (diff) | |
download | linux-94151f5aa9667c562281abeaaa5e89b9d5c17729.tar.xz linux-94151f5aa9667c562281abeaaa5e89b9d5c17729.zip |
xfrm: interface: Add unstable helpers for setting/getting XFRM metadata from TC-BPF
This change adds xfrm metadata helpers using the unstable kfunc call
interface for the TC-BPF hooks. This allows steering traffic towards
different IPsec connections based on logic implemented in bpf programs.
This object is built based on the availability of BTF debug info.
When setting the xfrm metadata, percpu metadata dsts are used in order
to avoid allocating a metadata dst per packet.
In order to guarantee safe module unload, the percpu dsts are allocated
on first use and never freed. The percpu pointer is stored in
net/core/filter.c so that it can be reused on module reload.
The metadata percpu dsts take ownership of the original skb dsts so
that they may be used as part of the xfrm transmission logic - e.g.
for MTU calculations.
Signed-off-by: Eyal Birger <eyal.birger@gmail.com>
Link: https://lore.kernel.org/r/20221203084659.1837829-3-eyal.birger@gmail.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Diffstat (limited to 'net/xfrm/Makefile')
-rw-r--r-- | net/xfrm/Makefile | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/net/xfrm/Makefile b/net/xfrm/Makefile index 08a2870fdd36..cd47f88921f5 100644 --- a/net/xfrm/Makefile +++ b/net/xfrm/Makefile @@ -5,6 +5,12 @@ xfrm_interface-$(CONFIG_XFRM_INTERFACE) += xfrm_interface_core.o +ifeq ($(CONFIG_XFRM_INTERFACE),m) +xfrm_interface-$(CONFIG_DEBUG_INFO_BTF_MODULES) += xfrm_interface_bpf.o +else ifeq ($(CONFIG_XFRM_INTERFACE),y) +xfrm_interface-$(CONFIG_DEBUG_INFO_BTF) += xfrm_interface_bpf.o +endif + obj-$(CONFIG_XFRM) := xfrm_policy.o xfrm_state.o xfrm_hash.o \ xfrm_input.o xfrm_output.o \ xfrm_sysctl.o xfrm_replay.o xfrm_device.o |