[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALx6S37bfMpMhWTSL-WzumGfqywi0oJPnLqj_yEUs61AtyLZKA@mail.gmail.com>
Date: Mon, 31 Oct 2016 13:29:23 -0700
From: Tom Herbert <tom@...bertland.com>
To: "Mintz, Yuval" <Yuval.Mintz@...ium.com>
Cc: netdev <netdev@...r.kernel.org>
Subject: Re: XDP question - how much can BPF change in xdp_buff?
On Mon, Oct 31, 2016 at 11:31 AM, Mintz, Yuval <Yuval.Mintz@...ium.com> wrote:
> So I've [finally] started looking into implementing XDP
> for qede, and there's one thing I feel like I'm missing in
> regard to XDP_TX - what's the guarantee/requirement
> that the bpf program isn't going to transmute some fields
> of the rx packet in a way that would prevent the forwarding?
>
I think there are really two separate questions you're probably
asking. 1) Can XDP modify a packet in such a way that it won't be
forwarded by the driver when XDP_TX is returned, ie. driver would drop
packet 2) Does anything prevent the BPF program from modifying the
packet such that it becomes malformed (bad checksum, mangled headers,
etc.).
I believe the answer to #1 is "no", the XDP interface assumes raw
packets. If program returns XDP_TX then the driver will forward the
raw packet without any further consideration.
The answer to #2 is "no", there is no check that packet produced is
sensible. We assume that the user setting the XDP program knows what
they are doing.
> E.g., can a BPF change the TCP payload of an incoming packet
> without correcting its TCP checksum, and then expect the
> driver to transmit it [via XDP_TX]? If not, how is this enforced [if at all]?
>
It's not enforced. If program doesn't update a checksum then we assume
that forwarded packet is dropped at the receiver.
> [Looked at samples/bpf/xdp2_kern.c which manipulates the
> UDP header; so I'm not certain what prevents it from doing
> the same when checksum modifications would be required]
>
>
>
Powered by blists - more mailing lists