lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190630165042.GB11278@apalos>
Date:   Sun, 30 Jun 2019 19:50:42 +0300
From:   Ilias Apalodimas <ilias.apalodimas@...aro.org>
To:     Ivan Khoronzhuk <ivan.khoronzhuk@...aro.org>
Cc:     netdev@...r.kernel.org, jaswinder.singh@...aro.org,
        ard.biesheuvel@...aro.org, bjorn.topel@...el.com,
        magnus.karlsson@...el.com, brouer@...hat.com, daniel@...earbox.net,
        ast@...nel.org, makita.toshiaki@....ntt.co.jp,
        jakub.kicinski@...ronome.com, john.fastabend@...il.com,
        davem@...emloft.net, maciejromanfijalkowski@...il.com
Subject: Re: [net-next, PATCH 3/3, v2] net: netsec: add XDP support

On Sun, Jun 30, 2019 at 07:45:13PM +0300, Ivan Khoronzhuk wrote:
> On Sun, Jun 30, 2019 at 07:34:17PM +0300, Ilias Apalodimas wrote:
> >Hi Ivan,
> >>
> >>[...]
> >>
> >>>+
> >>>+static int netsec_xdp(struct net_device *ndev, struct netdev_bpf *xdp)
> >>>+{
> >>>+	struct netsec_priv *priv = netdev_priv(ndev);
> >>>+
> >>>+	switch (xdp->command) {
> >>>+	case XDP_SETUP_PROG:
> >>>+		return netsec_xdp_setup(priv, xdp->prog, xdp->extack);
> >>>+	case XDP_QUERY_PROG:
> >>>+		xdp->prog_id = priv->xdp_prog ? priv->xdp_prog->aux->id : 0;
> >>xdp_attachment family to save bpf flags?
> >Sure why not. This can always be added later though since many drivers are
> >already doing it similarly no?
> yes.
> I can work w/o this ofc.
> But netronome and cpsw (me) added this.
Ok let's start using that

> What I've seen it allows to prevent prog update if flag doesn't allow it.
> Usually it doesn't allow, but can be forced with flag. In another case it can
> be updated any time w/o reason...and seems like in your case it's sensitive.
I intend to send a follow up patch anyway to remove the declaration on the top
of the file of netsec_set_tx_de(). I intentionally choose to add that to make
the review easier (since re-arranging would mess that up).

I'll just this optimization as well on the follow up patch since it doesn't
break anything

Thanks
/Ilias

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ