From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: smtp.subspace.kernel.org; dkim=none Received: from Chamillionaire.breakpoint.cc (Chamillionaire.breakpoint.cc [IPv6:2a0a:51c0:0:237:300::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A159219A; Wed, 29 Nov 2023 06:47:41 -0800 (PST) Received: from fw by Chamillionaire.breakpoint.cc with local (Exim 4.92) (envelope-from ) id 1r8Lqi-0006yM-ON; Wed, 29 Nov 2023 15:47:36 +0100 Date: Wed, 29 Nov 2023 15:47:36 +0100 From: Florian Westphal To: "D. Wythe" Cc: Florian Westphal , pablo@netfilter.org, kadlec@netfilter.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, coreteam@netfilter.org, netfilter-devel@vger.kernel.org, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, ast@kernel.org Subject: Re: [PATCH net] net/netfilter: bpf: avoid leakage of skb Message-ID: <20231129144736.GB24754@breakpoint.cc> References: <1701252962-63418-1-git-send-email-alibuda@linux.alibaba.com> <20231129131846.GC27744@breakpoint.cc> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) D. Wythe wrote: > And my origin intention was to allow ebpf progs to return NF_STOLEN, we are > trying to modify some netfilter modules via ebpf, > and some scenarios require the use of NF_STOLEN, but from your description, NF_STOLEN can only be supported via a trusted helper, as least as far as I understand. Otherwise verifier would have to guarantee that any branch that returns NF_STOLEN has released the skb, or passed it to a function that will release the skb in the near future.