Attaching XDP program into wireguard interface
Jason A. Donenfeld
Jason at zx2c4.com
Sat Apr 25 00:02:40 CEST 2020
On Fri, Apr 24, 2020 at 3:59 PM Toke Høiland-Jørgensen <toke at toke.dk> wrote:
>
> "Jason A. Donenfeld" <Jason at zx2c4.com> writes:
>
> > Oh. Set XDP_FLAGS_SKB_MODE.
>
> Yeah, you'd definitely need to run this in skb/generic XDP mode.
>
> -Toke
It looks like the code in question is likely:
bpf_op = bpf_chk = ops->ndo_bpf;
if (!bpf_op && (flags & (XDP_FLAGS_DRV_MODE | XDP_FLAGS_HW_MODE))) {
NL_SET_ERR_MSG(extack, "underlying driver does not
support XDP in native mode");
return -EOPNOTSUPP;
}
if (!bpf_op || (flags & XDP_FLAGS_SKB_MODE))
bpf_op = generic_xdp_install;
if (bpf_op == bpf_chk)
bpf_chk = generic_xdp_install;
It looks like bpf_op == generic_xdp_install is the case when neither
XDP_FLAGS_DRV_MODE or XDP_FLAGS_HW_MODE is set. Setting
XDP_FLAGS_SKB_MODE explicitly will force it on all drivers, but not
specifying it will fallback to it if the driver doesn't have hardware
support, which is WireGuard's case, unless either XDP_FLAGS_DRV_MODE
or XDP_FLAGS_HW_MODE are set.
More information about the WireGuard
mailing list