lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 25 Mar 2019 17:35:19 -0700
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Stanislav Fomichev <sdf@...ichev.me>
Cc:     Stanislav Fomichev <sdf@...gle.com>, netdev@...r.kernel.org,
        bpf@...r.kernel.org, davem@...emloft.net, ast@...nel.org,
        daniel@...earbox.net, simon.horman@...ronome.com,
        willemb@...gle.com, peterpenkov96@...il.com
Subject: Re: [RFC bpf-next v3 6/8] flow_dissector: handle no-skb use case

On Sat, Mar 23, 2019 at 09:05:31AM -0700, Stanislav Fomichev wrote:
> On 03/22, Alexei Starovoitov wrote:
> > On Fri, Mar 22, 2019 at 06:19:57PM -0700, Stanislav Fomichev wrote:
> > > Are we ok with breaking api in this case? I'm all in on removing this
> > > extra information. We can always put it back if somebody complains (and
> > > manually parse in eth_get_headlen case).
> > 
> > Fine. That seems to be the only way forward to clean it all up.
> > Could you submit patch 1 to bpf tree disallowing vlan fields?
> > Patch 3 looks like candidate as well?
> SGTM, will do. Let me also spend some time and do a simple test for
> the vlan case, to make sure I didn't miss something important.
> One question here though: would I need to wait for bpf and bpf-next
> to re-merge to continues the series? Or we can cherry-pick those
> patches to bpf-next as well (and git will work it out during the
> merge)?
> 
> > > We can still have protocol, because in both skb/skb-less cases we have
> > > it.
> > 
> > proto can work in both cases, but is it needed ? Does program benefit from it?
> > The kernel side burns extra bytes by copying it and extra branches to handle it.
> > May be drop it as well?
> I feel like the program benefits from it, there is no need to go back and
> re-parse that (and in the skb case, this data is already pulled). I was
> also thinking about re-purposing flow_keys->n_proto for that (instead
> of skb->protocol), so it functions as input and output, maybe that's a
> more clear way to do it.

Are you saying that skb-less and skb flow dissector progs are looking
at different positions into the packet ?
In case of with-skb it's already after eth header was pulled?
In such case skb-less should be different program type or
both should point at the same point.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ