lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 20 Sep 2016 22:21:31 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Jesper Dangaard Brouer <brouer@...hat.com>, netdev@...r.kernel.org,
        tariqt@...lanox.com
CC:     tom@...bertland.com, bblanco@...mgrid.com,
        Alexei Starovoitov <alexei.starovoitov@...il.com>,
        Eric Dumazet <eric.dumazet@...il.com>
Subject: Re: [RFC PATCH] xdp: separate struct xdp_prog as container for bpf_prog

On 09/20/2016 09:55 PM, Jesper Dangaard Brouer wrote:
> Currently the XDP program is simply a bpf_prog pointer.  While it
> is good for simplicity, it is limiting extendability for upcoming
> features.
>
> Introducing a new struct xdp_prog, that can carry information
> related to the XDP program.  Notice this approach does not affect
> performance (tested and benchmarked), because the extra dereference
> for the eBPF program only happens once per 64 packets in the poll
> function.
>
> The features that need this is:
>
> * Multi-port TX:
>    Need to know own port index and port lookup table.
>
> * XDP program per RX queue:
>    Need setup info about program type, global or specific, due to
>    replace semantics.
>
> * Capabilities negotiation:
>    Need to store information about features program want to use,
>    in-order to validate this.
>
> I do realize this new struct xdp_prog features cannot go into the
> kernel before one of the three users of the struct is also implemented.

Yep, so this whole wrapper structure which adds yet another mgmt layer
with ref'counting etc is kind of hard to judge whether it's into the
right direction w/o showing a user of this struct. Each BPF prog does
have struct bpf_prog_aux, where we store auxiliary data, so I'd recommend
to try extending this with some private data, which can be for XDP type
etc since we know it's an XDP prog anyway. Or is there a specific reason
that this is impossible to do, resp. limiting?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ