Re: [PATCH bpf-next v2 1/7] netkit, bpf: Add bpf programmable net device

BPF List
 help / color / mirror / Atom feed

From: Daniel Borkmann <daniel@iogearbox.net>
To: Andrew Lunn <andrew@lunn.ch>
Cc: bpf@vger.kernel.org, netdev@vger.kernel.org,
	martin.lau@linux.dev, razor@blackwall.org, ast@kernel.org,
	andrii@kernel.org, john.fastabend@gmail.com, sdf@google.com,
	toke@kernel.org
Subject: Re: [PATCH bpf-next v2 1/7] netkit, bpf: Add bpf programmable net device
Date: Sat, 21 Oct 2023 00:38:30 +0200	[thread overview]
Message-ID: <f57df221-0790-3a93-c7e2-d85136fb07c8@iogearbox.net> (raw)
In-Reply-To: <33467f55-4bbf-4078-af21-d91c6aab82ee@lunn.ch>

On 10/21/23 12:18 AM, Andrew Lunn wrote:
>> +static void netkit_get_drvinfo(struct net_device *dev,
>> +			       struct ethtool_drvinfo *info)
>> +{
>> +	strscpy(info->driver, DRV_NAME, sizeof(info->driver));
>> +	strscpy(info->version, "n/a", sizeof(info->version));
> 
> If you don't put anything in version, the core will put in the git
> hash of the kernel. Its more useful than "n/a".

Thanks, I wasn't aware of this! Agree that this is better!

>> +	ether_setup(dev);
>> +	dev->min_mtu = ETH_MIN_MTU;
> 
> ether_setup() sets min_mtu to ETH_MIN_MTU.

Will fix.

>> +static int netkit_new_link(struct net *src_net, struct net_device *dev,
>> +			   struct nlattr *tb[], struct nlattr *data[],
>> +			   struct netlink_ext_ack *extack)
>> +{
> 
> ...
> 
>> +	err = register_netdevice(peer);
>> +	put_net(net);
>> +	if (err < 0)
>> +		goto err_register_peer;
>> +
>> +	netif_carrier_off(peer);
>> +
>> +	err = rtnl_configure_link(peer, ifmp, 0, NULL);
>> +	if (err < 0)
>> +		goto err_configure_peer;
> 
> Seeing code after calling register_netdevice() often means bugs. The
> interface is live, and in use before the function even returns. The
> kernel can try to get an IP address, mount an NFS root etc. This might
> be safe, because you have two linked interfaces here, and the other
> one is not yet registered. Maybe some comment about this would be
> good, or can the rtnl_configure_link() be done earlier?

I'll check if it's possible to reorder resp. add a comment if not.

>> +
>> +	if (mode == NETKIT_L2)
>> +		eth_hw_addr_random(dev);
>> +	if (tb[IFLA_IFNAME])
>> +		nla_strscpy(dev->name, tb[IFLA_IFNAME], IFNAMSIZ);
>> +	else
>> +		snprintf(dev->name, IFNAMSIZ, "m%%d");
>> +
>> +	err = register_netdevice(dev);
>> +	if (err < 0)
>> +		goto err_configure_peer;
> 
> We have the same here, but now we have both peers registers, the
> kernel could of configured both up in order to find its NFS root etc.
> Is it safe to have packets flowing at this point? Before the remaining
> configuration happens?

They would be dropped in xmit if the peer is linked yet.

>> +	netif_carrier_off(dev);
>> +
>> +	nk = netdev_priv(dev);
>> +	nk->primary = true;
>> +	nk->policy = default_prim;
>> +	nk->mode = mode;
>> +	if (nk->mode == NETKIT_L2)
>> +		dev_change_flags(dev, dev->flags & ~IFF_NOARP, NULL);
>> +	bpf_mprog_bundle_init(&nk->bundle);
>> +	RCU_INIT_POINTER(nk->active, NULL);
>> +	rcu_assign_pointer(nk->peer, peer);
>> +
>> +	nk = netdev_priv(peer);
>> +	nk->primary = false;
>> +	nk->policy = default_peer;
>> +	nk->mode = mode;
>> +	if (nk->mode == NETKIT_L2)
>> +		dev_change_flags(peer, peer->flags & ~IFF_NOARP, NULL);
>> +	bpf_mprog_bundle_init(&nk->bundle);
>> +	RCU_INIT_POINTER(nk->active, NULL);
>> +	rcu_assign_pointer(nk->peer, dev);
>> +	return 0;
>> +err_configure_peer:
>> +	unregister_netdevice(peer);
>> +	return err;
>> +err_register_peer:
>> +	free_netdev(peer);
>> +	return err;
>> +}

Thanks,
Daniel

next prev parent reply	other threads:[~2023-10-20 22:38 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-10-19 20:49 [PATCH bpf-next v2 0/7] Add bpf programmable net device Daniel Borkmann
2023-10-19 20:49 ` [PATCH bpf-next v2 1/7] netkit, bpf: " Daniel Borkmann
2023-10-20 22:18   ` Andrew Lunn
2023-10-20 22:38     ` Daniel Borkmann [this message]
2023-10-21  1:43     ` Jakub Kicinski
2023-10-21  1:41   ` Jakub Kicinski
2023-10-19 20:49 ` [PATCH bpf-next v2 2/7] tools: Sync if_link uapi header Daniel Borkmann
2023-10-19 20:49 ` [PATCH bpf-next v2 3/7] libbpf: Add link-based API for netkit Daniel Borkmann
2023-10-19 20:49 ` [PATCH bpf-next v2 4/7] bpftool: Implement link show support " Daniel Borkmann
2023-10-23 14:26   ` Toke Høiland-Jørgensen
2023-10-23 14:46     ` Daniel Borkmann
2023-10-19 20:49 ` [PATCH bpf-next v2 5/7] bpftool: Extend net dump with netkit progs Daniel Borkmann
2023-10-19 20:49 ` [PATCH bpf-next v2 6/7] selftests/bpf: Add netlink helper library Daniel Borkmann
2023-10-19 20:49 ` [PATCH bpf-next v2 7/7] selftests/bpf: Add selftests for netkit Daniel Borkmann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f57df221-0790-3a93-c7e2-d85136fb07c8@iogearbox.net \
    --to=daniel@iogearbox.net \
    --cc=andrew@lunn.ch \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=john.fastabend@gmail.com \
    --cc=martin.lau@linux.dev \
    --cc=netdev@vger.kernel.org \
    --cc=razor@blackwall.org \
    --cc=sdf@google.com \
    --cc=toke@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox