| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 May 2018 13:13:06 +0200
From: Jesper Dangaard Brouer <brouer@...hat.com>
To: David Ahern <dsahern@...il.com>
Cc: netdev@...r.kernel.org, borkmann@...earbox.net, ast@...nel.org,
davem@...emloft.net, shm@...ulusnetworks.com,
roopa@...ulusnetworks.com, toke@...e.dk, john.fastabend@...il.com,
brouer@...hat.com, Tariq Toukan <tariqt@...lanox.com>
Subject: Re: [RFC v2 bpf-next 9/9] samples/bpf: Add examples of ipv4 and
ipv6 forwarding in XDP
On Sun, 29 Apr 2018 11:07:52 -0700 David Ahern <dsahern@...il.com> wrote:
> + /* verify egress index has xdp support */
> + // TO-DO bpf_map_lookup_elem(&tx_port, &key) fails with
> + // cannot pass map_type 14 into func bpf_map_lookup_elem#1:
I just want to point out that I/we are aware of this "usability"
problem with the sample program, but I don't want to block the FIB
helper going upstream, we can fix this problem later.
The problem is that if you load this bpf/xdp prog, then all incoming
traffic (on that interface), will be forward using XDP, regardless
whether the egress ifindex support XDP or not. And if not supported,
then packets are dropped hard (only detectable via tracepoints).
If the bpf prog could tell/know that the egress ifindex doesn't
support XDP xmit, then it could simply return XDP_PASS to fallback to
the normal network stack.
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
Powered by blists - more mailing lists