lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 2 Jan 2024 16:52:08 -0800
From: Martin KaFai Lau <martin.lau@...ux.dev>
To: Menglong Dong <menglong8.dong@...il.com>
Cc: Stanislav Fomichev <sdf@...gle.com>, andrii@...nel.org, ast@...nel.org,
 daniel@...earbox.net, song@...nel.org, yonghong.song@...ux.dev,
 john.fastabend@...il.com, kpsingh@...nel.org, haoluo@...gle.com,
 jolsa@...nel.org, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
 pabeni@...hat.com, mykolal@...com, shuah@...nel.org, horms@...nel.org,
 dhowells@...hat.com, linyunsheng@...wei.com, aleksander.lobakin@...el.com,
 joannelkoong@...il.com, laoar.shao@...il.com, kuifeng@...a.com,
 bjorn@...osinc.com, linux-kernel@...r.kernel.org, bpf@...r.kernel.org,
 netdev@...r.kernel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH bpf-next 0/2] bpf: add csum/ip_summed fields to __sk_buff

On 1/2/24 10:11 AM, Stanislav Fomichev wrote:
> On 12/29, Menglong Dong wrote:
>> For now, we have to call some helpers when we need to update the csum,
>> such as bpf_l4_csum_replace, bpf_l3_csum_replace, etc. These helpers are
>> not inlined, which causes poor performance.
>>
>> In fact, we can define our own csum update functions in BPF program
>> instead of bpf_l3_csum_replace, which is totally inlined and efficient.
>> However, we can't do this for bpf_l4_csum_replace for now, as we can't
>> update skb->csum, which can cause skb->csum invalid in the rx path with
>> CHECKSUM_COMPLETE mode.
>>
>> What's more, we can't use the direct data access and have to use
>> skb_store_bytes() with the BPF_F_RECOMPUTE_CSUM flag in some case, such
>> as modifing the vni in the vxlan header and the underlay udp header has
>> no checksum.

There is bpf_csum_update(), does it work?
A helper call should be acceptable comparing with the csum calculation itself.

>>
>> In the first patch, we make skb->csum readable and writable, and we make
>> skb->ip_summed readable. For now, for tc only. With these 2 fields, we
>> don't need to call bpf helpers for csum update any more.
>>
>> In the second patch, we add some testcases for the read/write testing for
>> skb->csum and skb->ip_summed.
>>
>> If this series is acceptable, we can define the inlined functions for csum
>> update in libbpf in the next step.
> 
> One downside of exposing those as __sk_buff fields is that all this
> skb internal csum stuff now becomes a UAPI. And I'm not sure we want

+1. Please no new __sk_buff extension and no new conversion in 
bpf_convert_ctx_access().

> that :-) Should we add a lightweight kfunc to reset the fields instead?
> Or will it still have an unacceptable overhead?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ