netdev - Re: [PATCH bpf-next v3] libbpf: use implicit XSKMAP lookup from AF

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-ID: <CAADnVQJpBT63ySCMZUWUokORP2C8DiTKTtwf6Mawq3UsCFS5EQ@mail.gmail.com>
Date:   Wed, 23 Oct 2019 10:05:50 -0700
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Toke Høiland-Jørgensen <toke@...hat.com>
Cc:     Björn Töpel <bjorn.topel@...il.com>,
        Network Development <netdev@...r.kernel.org>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Björn Töpel <bjorn.topel@...el.com>,
        bpf <bpf@...r.kernel.org>,
        Magnus Karlsson <magnus.karlsson@...il.com>,
        "Karlsson, Magnus" <magnus.karlsson@...el.com>,
        Sridhar Samudrala <sridhar.samudrala@...el.com>
Subject: Re: [PATCH bpf-next v3] libbpf: use implicit XSKMAP lookup from
 AF_XDP XDP program

On Tue, Oct 22, 2019 at 12:35 AM Toke Høiland-Jørgensen <toke@...hat.com> wrote:
>
> Björn Töpel <bjorn.topel@...il.com> writes:
>
> > From: Björn Töpel <bjorn.topel@...el.com>
> >
> > In commit 43e74c0267a3 ("bpf_xdp_redirect_map: Perform map lookup in
> > eBPF helper") the bpf_redirect_map() helper learned to do map lookup,
> > which means that the explicit lookup in the XDP program for AF_XDP is
> > not needed for post-5.3 kernels.
> >
> > This commit adds the implicit map lookup with default action, which
> > improves the performance for the "rx_drop" [1] scenario with ~4%.
> >
> > For pre-5.3 kernels, the bpf_redirect_map() returns XDP_ABORTED, and a
> > fallback path for backward compatibility is entered, where explicit
> > lookup is still performed. This means a slight regression for older
> > kernels (an additional bpf_redirect_map() call), but I consider that a
> > fair punishment for users not upgrading their kernels. ;-)
> >
> > v1->v2: Backward compatibility (Toke) [2]
> > v2->v3: Avoid masking/zero-extension by using JMP32 [3]
> >
> > [1] # xdpsock -i eth0 -z -r
> > [2] https://lore.kernel.org/bpf/87pnirb3dc.fsf@toke.dk/
> > [3] https://lore.kernel.org/bpf/87v9sip0i8.fsf@toke.dk/
> >
> > Suggested-by: Toke Høiland-Jørgensen <toke@...hat.com>
> > Signed-off-by: Björn Töpel <bjorn.topel@...el.com>
>
> Acked-by: Toke Høiland-Jørgensen <toke@...hat.com>

Applied. Thanks