From: Jakub Sitnicki <jakub@cloudflare.com>
To: John Fastabend <john.fastabend@gmail.com>
Cc: Liu Jian <liujian56@huawei.com>,
ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org,
martin.lau@linux.dev, song@kernel.org, yonghong.song@linux.dev,
kpsingh@kernel.org, sdf@google.com, haoluo@google.com,
jolsa@kernel.org, davem@davemloft.net, edumazet@google.com,
kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org,
netdev@vger.kernel.org, bpf@vger.kernel.org
Subject: Re: [PATCH bpf-next v3 1/7] bpf, sockmap: add BPF_F_PERMANENT flag for skmsg redirect
Date: Mon, 28 Aug 2023 10:13:29 +0200 [thread overview]
Message-ID: <87a5uba7n4.fsf@cloudflare.com> (raw)
In-Reply-To: <64e95611f1b33_1d0032088c@john.notmuch>
On Fri, Aug 25, 2023 at 06:32 PM -07, John Fastabend wrote:
> Jakub Sitnicki wrote:
[...]
>> But as I wrote earlier, I don't think it's a good idea to ignore the
>> flag. We can detect this conflict at the time the bpf_msg_sk_redirect_*
>> helper is called and return an error.
>>
>> Naturally that means that that bpf_msg_{cork,apply}_bytes helpers need
>> to be adjusted to return an error if BPF_F_PERMANENT has been set.
>
> So far we've not really done much to protect a user from doing
> rather silly things. The following will all do something without
> errors,
>
> bpf_msg_apply_bytes()
> bpf_msg_apply_bytes() <- reset apply bytes
>
> bpf_msg_cork_bytes()
> bpf_msg_cork_bytes() <- resets cork byte
>
> also,
>
> bpf_msg_redirect(..., BPF_F_INGRESS);
> bpf_msg_redirect(..., 0); <- resets sk_redir and flags
>
> maybe there is some valid reason to even do above if further parsing
> identifies some reason to redirect to a alert socket or something.
>
> My original thinking was in the interest of not having a bunch of
> extra checks for performance reasons we shouldn't add guard rails
> unless something really unexpected might happen like a kernel
> panic or what not.
>
> This does feel a bit different though because before we
> didn't have calls that could impact other calls. My best idea
> is to just create a precedence and follow it. I would propose,
>
> 'If BPF_F_PERMANENT is set apply_bytes and cork_bytes are
> ignored.'
>
> The other direction (what is above?) has a bit of an inconsistency
> where these two flows are different?
>
> bpf_apply_bytes()
> bpf_msg_redirect(..., BPF_F_PERMANENT)
>
> and
>
> bpf_msg_redirect(..., BPF_F_PERMANENT)
> bpf_apply_bytes()
>
> It would be best if order of operations doesn't change the
> outcome because that starts to get really hard to reason about.
>
> This avoids having to add checks all over the place and then
> if users want we could give some mechanisms to read apply
> and cork bytes so people could write macros over those if
> they really want the hard error.
>
> WDYT?
These semantics sound sane to me. Easy to explain:
BPF_F_PERMANENT takes precedence over apply/cork_bytes.
Good point about order of operations.
next prev parent reply other threads:[~2023-08-28 8:33 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-24 14:39 [PATCH bpf-next v3 0/7] add BPF_F_PERMANENT flag for sockmap skmsg redirect Liu Jian
2023-08-24 14:39 ` [PATCH bpf-next v3 1/7] bpf, sockmap: add BPF_F_PERMANENT flag for " Liu Jian
2023-08-25 13:04 ` Jakub Sitnicki
2023-08-26 1:32 ` John Fastabend
2023-08-26 11:54 ` liujian (CE)
2023-08-28 8:13 ` Jakub Sitnicki [this message]
2023-08-26 11:53 ` liujian (CE)
2023-08-24 14:39 ` [PATCH bpf-next v3 2/7] selftests/bpf: Add txmsg permanently test for sockmap Liu Jian
2023-08-24 14:39 ` [PATCH bpf-next v3 3/7] selftests/bpf: Add txmsg redir " Liu Jian
2023-08-24 14:39 ` [PATCH bpf-next v3 4/7] selftests/bpf: add skmsg verdict tests Liu Jian
2023-08-24 14:39 ` [PATCH bpf-next v3 5/7] selftests/bpf: add two skmsg verdict tests for BPF_F_PERMANENT flag Liu Jian
2023-08-24 14:39 ` [PATCH bpf-next v3 6/7] selftests/bpf: add tests for verdict skmsg to itself Liu Jian
2023-08-24 14:39 ` [PATCH bpf-next v3 7/7] selftests/bpf: add tests for verdict skmsg to closed socket Liu Jian
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87a5uba7n4.fsf@cloudflare.com \
--to=jakub@cloudflare.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=haoluo@google.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=kuba@kernel.org \
--cc=liujian56@huawei.com \
--cc=martin.lau@linux.dev \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sdf@google.com \
--cc=song@kernel.org \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.