From: Florian Westphal <fw@strlen.de>
To: Thomas Graf <tgraf@suug.ch>
Cc: Florian Westphal <fw@strlen.de>, netdev@vger.kernel.org
Subject: Re: [flamebait] xdp, well meaning but pointless
Date: Thu, 1 Dec 2016 17:06:04 +0100 [thread overview]
Message-ID: <20161201160604.GD17239@breakpoint.cc> (raw)
In-Reply-To: <20161201145834.GA569@pox.localdomain>
Thomas Graf <tgraf@suug.ch> wrote:
> On 12/01/16 at 10:11am, Florian Westphal wrote:
> > Aside from this, XDP, like DPDK, is a kernel bypass.
> > You might say 'Its just stack bypass, not a kernel bypass!'.
> > But what does that mean exactly? That packets can still be passed
> > onward to normal stack?
> > Bypass solutions like netmap can also inject packets back to
> > kernel stack again.
>
> I have a fundamental issue with the approach of exporting packets into
> user space and reinjecting them: Once the packet leaves the kernel,
> any security guarantees are off. I have no control over what is
> running in user space and whether whatever listener up there has been
> compromised or not. To me, that's a no go, in particular for servers
> hosting multi tenant workloads. This is one of the main reasons why
> XDP, in particular in combination with BPF, is very interesting to me.
Funny, I see it exactly the other way around :)
To me packet coming from this "userspace injection" is no different than
a tun/tap, or any other packet coming from network.
I see no change or increase in attack surface.
next prev parent reply other threads:[~2016-12-01 16:09 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-01 9:11 [flamebait] xdp, well meaning but pointless Florian Westphal
2016-12-01 13:42 ` Hannes Frederic Sowa
2016-12-01 14:58 ` Thomas Graf
2016-12-01 15:52 ` Hannes Frederic Sowa
2016-12-01 16:28 ` Thomas Graf
2016-12-01 20:44 ` Hannes Frederic Sowa
2016-12-01 21:12 ` Tom Herbert
2016-12-01 21:27 ` Hannes Frederic Sowa
2016-12-01 21:51 ` Tom Herbert
2016-12-02 10:24 ` Jesper Dangaard Brouer
2016-12-02 11:54 ` Hannes Frederic Sowa
2016-12-02 16:59 ` Tom Herbert
2016-12-02 18:12 ` Hannes Frederic Sowa
2016-12-02 19:56 ` Stephen Hemminger
2016-12-02 20:19 ` Tom Herbert
2016-12-02 18:39 ` bpf bounded loops. Was: [flamebait] xdp Alexei Starovoitov
2016-12-02 19:25 ` Hannes Frederic Sowa
2016-12-02 19:42 ` John Fastabend
2016-12-02 19:50 ` Hannes Frederic Sowa
2016-12-03 0:20 ` Alexei Starovoitov
2016-12-03 9:11 ` Sargun Dhillon
2016-12-02 19:42 ` Hannes Frederic Sowa
2016-12-02 23:34 ` Alexei Starovoitov
2016-12-04 16:05 ` [flamebait] xdp Was: " Hannes Frederic Sowa
2016-12-06 3:05 ` Alexei Starovoitov
2016-12-06 5:08 ` Tom Herbert
2016-12-06 6:04 ` Alexei Starovoitov
2016-12-05 16:40 ` Edward Cree
2016-12-05 16:50 ` Hannes Frederic Sowa
2016-12-05 16:54 ` Edward Cree
2016-12-06 11:35 ` Hannes Frederic Sowa
2016-12-01 16:06 ` Florian Westphal [this message]
2016-12-01 16:19 ` [flamebait] xdp, well meaning but pointless David Miller
2016-12-01 16:51 ` Florian Westphal
2016-12-01 17:20 ` Hannes Frederic Sowa
[not found] ` <CALx6S35R_ZStV=DbD-7Gf_y5xXqQq113_6m5p-p0GQfv46v0Ow@mail.gmail.com>
2016-12-01 18:02 ` Tom Herbert
2016-12-02 17:22 ` Jesper Dangaard Brouer
2016-12-03 16:19 ` Willem de Bruijn
2016-12-03 19:48 ` John Fastabend
2016-12-05 11:04 ` Jesper Dangaard Brouer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161201160604.GD17239@breakpoint.cc \
--to=fw@strlen.de \
--cc=netdev@vger.kernel.org \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.