From: David L Stevens <david.stevens@oracle.com>
To: Raghuram Kothakota <Raghuram.Kothakota@oracle.com>
Cc: David Miller <davem@davemloft.net>,
netdev@vger.kernel.org,
Sowmini Varadhan <sowmini.varadhan@oracle.com>
Subject: Re: [PATCHv9 net-next 2/4] sunvnet: make transmit path zero-copy in the kernel
Date: Thu, 02 Oct 2014 07:11:00 -0400 [thread overview]
Message-ID: <542D32C4.8070703@oracle.com> (raw)
In-Reply-To: <77E6695E-58F8-4D10-8ED7-EEC4A487339E@oracle.com>
On 10/02/2014 01:50 AM, Raghuram Kothakota wrote:
>> + err = ldc_map_single(port->vio.lp, start, nlen,
>> + port->tx_bufs[txi].cookies, 2,
>> + (LDC_MAP_SHADOW | LDC_MAP_DIRECT | LDC_MAP_RW));
>
>
> The LDC sharing protection mechanism is at a page level. If I understand
> well, the vnet_skb_shape() function only addresses the alignment requirement
> but it still leaves the possibility of exporting a lot more data than required to the
> peer. This can be treated as a security issue, wondering if you thought of this issue.
Since the specific offsets and lengths are provided in the API, I didn't realize that it was
sharing more than the provided buffer until you pointed that out, before I submitted the
patches. At that point, I considered it.
The original buffers were ~1500 byte kzalloc'ed (for each buffer), meaning that they were
potentially shared with arbitrary kernel memory on the same page.
This patch-set doesn't increase or decrease any security concerns related to oversharing
with other LDOMs. The extents outside the provided buffers are (now) skbs, and so packet
data, where before they could be any dynamically allocated kernel memory.
+-DLS
next prev parent reply other threads:[~2014-10-02 11:11 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-29 23:48 [PATCHv9 net-next 2/4] sunvnet: make transmit path zero-copy in the kernel David L Stevens
2014-10-02 5:50 ` Raghuram Kothakota
2014-10-02 9:06 ` David Laight
2014-10-02 11:33 ` David L Stevens
2014-10-02 11:11 ` David L Stevens [this message]
2014-10-02 23:11 ` Raghuram Kothakota
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=542D32C4.8070703@oracle.com \
--to=david.stevens@oracle.com \
--cc=Raghuram.Kothakota@oracle.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=sowmini.varadhan@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).