| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 23 Jun 2019 08:28:44 -0600
From: David Ahern <dsahern@...il.com>
To: sameehj@...zon.com, davem@...emloft.net, netdev@...r.kernel.org
Cc: dwmw@...zon.com, zorik@...zon.com, matua@...zon.com,
saeedb@...zon.com, msw@...zon.com, aliguori@...zon.com,
nafea@...zon.com, gtzalik@...zon.com, netanel@...zon.com,
alisaidi@...zon.com, benh@...zon.com, akiyano@...zon.com
Subject: Re: [RFC V1 net-next 1/1] net: ena: implement XDP drop support
On 6/23/19 1:06 AM, sameehj@...zon.com wrote:
> +static int ena_xdp_set(struct net_device *netdev, struct bpf_prog *prog)
> +{
> + struct ena_adapter *adapter = netdev_priv(netdev);
> + struct bpf_prog *old_bpf_prog;
> + int i;
> +
> + if (ena_xdp_allowed(adapter)) {
> + old_bpf_prog = xchg(&adapter->xdp_bpf_prog, prog);
> +
> + for (i = 0; i < adapter->num_queues; i++)
> + xchg(&adapter->rx_ring[i].xdp_bpf_prog, prog);
> +
> + if (old_bpf_prog)
> + bpf_prog_put(old_bpf_prog);
> +
> + } else {
> + netif_err(adapter, drv, adapter->netdev, "Failed to set xdp program, the current MTU (%d) is larger than the maximal allowed MTU (%lu) while xdp is on",
> + netdev->mtu, ENA_XDP_MAX_MTU);
> + return -EFAULT;
unfortunate that extack has not been plumbed to ndo_bpf handler so that
message is passed to the user.
And EFAULT seems like the wrong return code.
> + }
> +
> + return 0;
> +}
> +
> +/* This is the main xdp callback, it's used by the kernel to set/unset the xdp
> + * program as well as to query the current xdp program id.
> + */
> +static int ena_xdp(struct net_device *netdev, struct netdev_bpf *bpf)
> +{
> + struct ena_adapter *adapter = netdev_priv(netdev);
> +
> + switch (bpf->command) {
> + case XDP_SETUP_PROG:
> + return ena_xdp_set(netdev, bpf->prog);
> + case XDP_QUERY_PROG:
> + bpf->prog_id = adapter->xdp_bpf_prog ?
> + adapter->xdp_bpf_prog->aux->id : 0;
> + break;
> + default:
> + return -EINVAL;
> + }
> + return 0;
> +}
> +
> static int ena_change_mtu(struct net_device *dev, int new_mtu)
> {
> struct ena_adapter *adapter = netdev_priv(dev);
> int ret;
>
> + if (new_mtu > ENA_XDP_MAX_MTU && ena_xdp_present(adapter)) {
> + netif_err(adapter, drv, dev,
> + "Requested MTU value is not valid while xdp is enabled new_mtu: %d max mtu: %lu min mtu: %d\n",
> + new_mtu, ENA_XDP_MAX_MTU, ENA_MIN_MTU);
> + return -EINVAL;
> + }
If you manage dev->max_mtu as an XDP program is installed / removed this
check is not needed. Instead it is handled by the core change_mtu logic
and has better user semanitcs: link list shows the new MTU and trying to
change it above the new max a message is sent to the user as opposed to
kernel log.
> ret = ena_com_set_dev_mtu(adapter->ena_dev, new_mtu);
> if (!ret) {
> netif_dbg(adapter, drv, dev, "set MTU to %d\n", new_mtu);
Powered by blists - more mailing lists