lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <87d0o0q4t1.fsf@toke.dk> Date: Sat, 09 Feb 2019 17:56:10 +0100 From: Toke Høiland-Jørgensen <toke@...hat.com> To: Saeed Mahameed <saeedm@...lanox.com>, "brouer\@redhat.com" <brouer@...hat.com> Cc: "hawk\@kernel.org" <hawk@...nel.org>, "virtualization\@lists.linux-foundation.org" <virtualization@...ts.linux-foundation.org>, "borkmann\@iogearbox.net" <borkmann@...earbox.net>, Tariq Toukan <tariqt@...lanox.com>, "john.fastabend\@gmail.com" <john.fastabend@...il.com>, "mst\@redhat.com" <mst@...hat.com>, "jakub.kicinski\@netronome.com" <jakub.kicinski@...ronome.com>, "dsahern\@gmail.com" <dsahern@...il.com>, "netdev\@vger.kernel.org" <netdev@...r.kernel.org>, "jasowang\@redhat.com" <jasowang@...hat.com>, "davem\@davemloft.net" <davem@...emloft.net>, "makita.toshiaki\@lab.ntt.co.jp" <makita.toshiaki@....ntt.co.jp> Subject: Re: Resource management for ndo_xdp_xmit (Was: [PATCH net] virtio_net: Account for tx bytes and packets on sending xdp_frames) Saeed Mahameed <saeedm@...lanox.com> writes: > On Fri, 2019-02-08 at 15:17 -0800, Saeed Mahameed wrote: >> On Thu, 2019-02-07 at 19:08 +0000, Saeed Mahameed wrote: >> > >> > So >> > 1) on dev_map_update_elem() we will call >> > dev->dev->ndo_bpf() to notify the device on the intention to >> > start/stop >> > redirect, and wait for it to create/destroy the HW resources >> > before/after actually updating the map >> > >> >> silly me, dev_map_update_elem must be atomic, we can't hook driver >> resource allocation to it, it must come as a separate request >> (syscall) >> from user space to request to create XDP redirect resources. >> > > Well, it is possible to render dev_map_update_elem non-atomic and fail > BPF programs who try to update it in the verifier > check_map_func_compatibility. > > if you know of any case where devmap needs to be updated from the BPF > program please let me know. Well, maybe? My plan for dealing with the non-map redirect variant is essentially to have a hidden map that does just-in-time insertion of ifindexes if they are not already there; and rework XDP_REDIRECT to use that. However, this would essentially be an insert from eBPF; but I guess maybe it could be deferred until the RX-side driver exits its NAPI loop (as we're buffering frames in the map anyway)? -Toke
Powered by blists - more mailing lists