netdev - Re: Co-existing XDP generic and native mode? (Re: [PATCH bpf-next v5 5/8] xdp: Provide extack messages when prog attachment failed)

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-ID: <3fd3b387-9a90-fa94-dcdf-5ebe9e82f81a@iogearbox.net>
Date:   Sat, 2 Feb 2019 00:14:19 +0100
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Jakub Kicinski <jakub.kicinski@...ronome.com>
Cc:     Jesper Dangaard Brouer <brouer@...hat.com>, ast@...nel.org,
        David Miller <davem@...emloft.net>,
        Maciej Fijalkowski <maciejromanfijalkowski@...il.com>,
        netdev@...r.kernel.org, john.fastabend@...il.com,
        David Ahern <dsahern@...il.com>,
        Saeed Mahameed <saeedm@...lanox.com>
Subject: Re: Co-existing XDP generic and native mode? (Re: [PATCH bpf-next v5
 5/8] xdp: Provide extack messages when prog attachment failed)

On 02/01/2019 10:44 PM, Jakub Kicinski wrote:
[...]
> diff --git a/net/core/dev.c b/net/core/dev.c
> index 8e276e0192a1..ce4880e5e95d 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -7976,11 +7976,13 @@ int dev_change_xdp_fd(struct net_device *dev, struct netlink_ext_ack *extack,
>         enum bpf_netdev_command query;
>         struct bpf_prog *prog = NULL;
>         bpf_op_t bpf_op, bpf_chk;
> +       bool offload;
>         int err;
>  
>         ASSERT_RTNL();
>  
> -       query = flags & XDP_FLAGS_HW_MODE ? XDP_QUERY_PROG_HW : XDP_QUERY_PROG;
> +       offload = flags & XDP_FLAGS_HW_MODE;
> +       query = offload ? XDP_QUERY_PROG_HW : XDP_QUERY_PROG;
>  
>         bpf_op = bpf_chk = ops->ndo_bpf;
>         if (!bpf_op && (flags & (XDP_FLAGS_DRV_MODE | XDP_FLAGS_HW_MODE)))
> @@ -7991,8 +7993,7 @@ int dev_change_xdp_fd(struct net_device *dev, struct netlink_ext_ack *extack,
>                 bpf_chk = generic_xdp_install;
>  
>         if (fd >= 0) {
> -               if (__dev_xdp_query(dev, bpf_chk, XDP_QUERY_PROG) ||
> -                   __dev_xdp_query(dev, bpf_chk, XDP_QUERY_PROG_HW))
> +               if (!offload && __dev_xdp_query(dev, bpf_chk, XDP_QUERY_PROG))
>                         return -EEXIST;
>                 if ((flags & XDP_FLAGS_UPDATE_IF_NOEXIST) &&
>                     __dev_xdp_query(dev, bpf_op, query))
> @@ -8003,8 +8004,7 @@ int dev_change_xdp_fd(struct net_device *dev, struct netlink_ext_ack *extack,
>                 if (IS_ERR(prog))
>                         return PTR_ERR(prog);
>  
> -               if (!(flags & XDP_FLAGS_HW_MODE) &&
> -                   bpf_prog_is_dev_bound(prog->aux)) {
> +               if (!offload && bpf_prog_is_dev_bound(prog->aux)) {
>                         NL_SET_ERR_MSG(extack, "using device-bound program without HW_MODE flag is not supported");
>                         bpf_prog_put(prog);
>                         return -EINVAL;
> 
> Do you think we shouldn't do it?

Yeah that looks good to me, lets do it. At least this would allow for
prototyping in combination with HW mode till full support of a feature
has landed properly in native mode.

Thanks,
Daniel