lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 1 Mar 2019 08:28:49 -0800
From:   Jakub Kicinski <jakub.kicinski@...ronome.com>
To:     Maciej Fijalkowski <maciejromanfijalkowski@...il.com>
Cc:     Stephen Hemminger <stephen@...workplumber.org>,
        netdev@...r.kernel.org
Subject: Re: [RFC v2 3/6] i40e: use extack for bpf errors

On Fri, 1 Mar 2019 12:31:08 +0100, Maciej Fijalkowski wrote:
> On Thu, 28 Feb 2019 19:06:45 -0800
> Jakub Kicinski <jakub.kicinski@...ronome.com> wrote:
> 
> > On Thu, 28 Feb 2019 13:54:38 -0800, Stephen Hemminger wrote:  
> > > @@ -12140,12 +12144,14 @@ static int i40e_xdp(struct net_device *dev,
> > >  	struct i40e_netdev_priv *np = netdev_priv(dev);
> > >  	struct i40e_vsi *vsi = np->vsi;
> > >  
> > > -	if (vsi->type != I40E_VSI_MAIN)
> > > +	if (vsi->type != I40E_VSI_MAIN) {
> > > +		NL_SET_ERR_MSG_MOD(xdp->extack, "XDP not allowed on VF");    
> > 
> > Is that right?  Intel tends to have separate drivers for VFs, I think
> > the i40evf got renamed to iavf.
> >  
> Good catch, this sanity check is to make sure that XDP is being enabled on main
> VSI of PF, not for example the VSI dedicated for Flow Director management
> (I40E_VSI_FDIR). Besides that, vsi->type != I40E_VSI_MAIN doesn't yield the
> I40E_VSI_SRIOV type.
> 
> So it would be better to have an error message like "XDP is not allowed on VSIs
> other than main VSI".
> 
> Thoughts?

Do the other VSI types have netdevs?  If they do this may be hard to
understand (unless Intel's manuals refer to VSI and users know what
that is).

If there is no netdev on other VSIs perhaps this "should never happen"
and we can convert it to a WARN_ON()?

> > I think it would be a good idea to CC maintainers on the driver patches.
> >   
> > >  		return -EINVAL;
> > > +	}
> > >      
> >   
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ