From: "Toke Høiland-Jørgensen" <toke@redhat.com>
To: Daniel Borkmann <daniel@iogearbox.net>,
Luigi Rizzo <lrizzo@google.com>,
netdev@vger.kernel.org
Cc: Jesper Dangaard Brouer <hawk@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
sameehj@amazon.com
Subject: Re: [PATCH] net-xdp: netdev attribute to control xdpgeneric skb linearization
Date: Thu, 23 Jan 2020 17:14:29 +0100 [thread overview]
Message-ID: <87blqui1zu.fsf@toke.dk> (raw)
In-Reply-To: <953c8fee-91f0-85e7-6c7b-b9a2f8df5aa6@iogearbox.net>
Daniel Borkmann <daniel@iogearbox.net> writes:
> On 1/23/20 10:53 AM, Toke Høiland-Jørgensen wrote:
>> Luigi Rizzo <lrizzo@google.com> writes:
>>
>>> Add a netdevice flag to control skb linearization in generic xdp mode.
>>> Among the various mechanism to control the flag, the sysfs
>>> interface seems sufficiently simple and self-contained.
>>> The attribute can be modified through
>>> /sys/class/net/<DEVICE>/xdp_linearize
>>> The default is 1 (on)
>
> Needs documentation in Documentation/ABI/testing/sysfs-class-net.
>
>> Erm, won't turning off linearization break the XDP program's ability to
>> do direct packet access?
>
> Yes, in the worst case you only have eth header pulled into linear
> section. :/
In which case an eBPF program could read/write out of bounds since the
verifier only verifies checks against xdp->data_end. Right?
> In tc/BPF for direct packet access we have bpf_skb_pull_data() helper
> which can pull in up to X bytes into linear section on demand. I guess
> something like this could be done for XDP context as well, e.g.
> generic XDP would pull when non-linear and native XDP would have
> nothing todo (though in this case you end up writing the prog
> specifically for generic XDP with slowdown when you'd load it on
> native XDP where it's linear anyway, but that could/should be
> documented if so).
Yeah, I really don't think this is a good idea; there are enough gotchas
with the difference between generic and native XDP as it is... :/
-Toke
next prev parent reply other threads:[~2020-01-23 16:14 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-22 20:32 [PATCH] net-xdp: netdev attribute to control xdpgeneric skb linearization Luigi Rizzo
2020-01-23 9:53 ` Toke Høiland-Jørgensen
2020-01-23 15:48 ` Daniel Borkmann
2020-01-23 16:14 ` Toke Høiland-Jørgensen [this message]
2020-01-23 17:30 ` Luigi Rizzo
2020-01-23 18:01 ` Toke Høiland-Jørgensen
2020-01-23 18:06 ` Luigi Rizzo
2020-01-23 21:36 ` Daniel Borkmann
2020-01-24 9:57 ` Toke Høiland-Jørgensen
2020-01-24 14:31 ` Luigi Rizzo
2020-01-24 15:30 ` Toke Høiland-Jørgensen
2020-01-24 17:15 ` Luigi Rizzo
2020-01-24 21:27 ` Toke Høiland-Jørgensen
2020-02-05 15:36 ` Luigi Rizzo
[not found] ` <CA+hQ2+hnqifXzyHjjc5TXJmJz_EVCbuF6vGchKjaWccfK2ZA4g@mail.gmail.com>
2020-02-05 15:55 ` Toke Høiland-Jørgensen
2020-01-23 17:25 ` Luigi Rizzo
2020-01-23 18:00 ` Toke Høiland-Jørgensen
2020-01-23 18:11 ` Luigi Rizzo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87blqui1zu.fsf@toke.dk \
--to=toke@redhat.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=hawk@kernel.org \
--cc=lrizzo@google.com \
--cc=netdev@vger.kernel.org \
--cc=sameehj@amazon.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.