From: Florian Westphal <fw@strlen.de>
To: Thomas Graf <tgraf@suug.ch>
Cc: Florian Westphal <fw@strlen.de>, netdev@vger.kernel.org
Subject: Re: [flamebait] xdp, well meaning but pointless
Date: Thu, 1 Dec 2016 17:06:04 +0100 [thread overview]
Message-ID: <20161201160604.GD17239@breakpoint.cc> (raw)
In-Reply-To: <20161201145834.GA569@pox.localdomain>
Thomas Graf <tgraf@suug.ch> wrote:
> On 12/01/16 at 10:11am, Florian Westphal wrote:
> > Aside from this, XDP, like DPDK, is a kernel bypass.
> > You might say 'It's just stack bypass, not a kernel bypass!'.
> > But what does that mean exactly? That packets can still be passed
> > onward to normal stack?
> > Bypass solutions like netmap can also inject packets back to
> > kernel stack again.
>
> I have a fundamental issue with the approach of exporting packets into
> user space and reinjecting them: Once the packet leaves the kernel,
> any security guarantees are off. I have no control over what is
> running in user space and whether whatever listener up there has been
> compromised or not. To me, that's a no go, in particular for servers
> hosting multi tenant workloads. This is one of the main reasons why
> XDP, in particular in combination with BPF, is very interesting to me.
Funny, I see it exactly the other way around :)
To me, a packet coming from this "userspace injection" is no different from
a tun/tap, or any other packet coming from the network.
I see no change or increase in attack surface.
Thread overview: 40+ messages
2016-12-01 9:11 [flamebait] xdp, well meaning but pointless Florian Westphal
2016-12-01 13:42 ` Hannes Frederic Sowa
2016-12-01 14:58 ` Thomas Graf
2016-12-01 15:52 ` Hannes Frederic Sowa
2016-12-01 16:28 ` Thomas Graf
2016-12-01 20:44 ` Hannes Frederic Sowa
2016-12-01 21:12 ` Tom Herbert
2016-12-01 21:27 ` Hannes Frederic Sowa
2016-12-01 21:51 ` Tom Herbert
2016-12-02 10:24 ` Jesper Dangaard Brouer
2016-12-02 11:54 ` Hannes Frederic Sowa
2016-12-02 16:59 ` Tom Herbert
2016-12-02 18:12 ` Hannes Frederic Sowa
2016-12-02 19:56 ` Stephen Hemminger
2016-12-02 20:19 ` Tom Herbert
2016-12-02 18:39 ` bpf bounded loops. Was: [flamebait] xdp Alexei Starovoitov
2016-12-02 19:25 ` Hannes Frederic Sowa
2016-12-02 19:42 ` John Fastabend
2016-12-02 19:50 ` Hannes Frederic Sowa
2016-12-03 0:20 ` Alexei Starovoitov
2016-12-03 9:11 ` Sargun Dhillon
2016-12-02 19:42 ` Hannes Frederic Sowa
2016-12-02 23:34 ` Alexei Starovoitov
2016-12-04 16:05 ` [flamebait] xdp Was: " Hannes Frederic Sowa
2016-12-06 3:05 ` Alexei Starovoitov
2016-12-06 5:08 ` Tom Herbert
2016-12-06 6:04 ` Alexei Starovoitov
2016-12-05 16:40 ` Edward Cree
2016-12-05 16:50 ` Hannes Frederic Sowa
2016-12-05 16:54 ` Edward Cree
2016-12-06 11:35 ` Hannes Frederic Sowa
2016-12-01 16:06 ` Florian Westphal [this message]
2016-12-01 16:19 ` [flamebait] xdp, well meaning but pointless David Miller
2016-12-01 16:51 ` Florian Westphal
2016-12-01 17:20 ` Hannes Frederic Sowa
[not found] ` <CALx6S35R_ZStV=DbD-7Gf_y5xXqQq113_6m5p-p0GQfv46v0Ow@mail.gmail.com>
2016-12-01 18:02 ` Tom Herbert
2016-12-02 17:22 ` Jesper Dangaard Brouer
2016-12-03 16:19 ` Willem de Bruijn
2016-12-03 19:48 ` John Fastabend
2016-12-05 11:04 ` Jesper Dangaard Brouer