lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CA+hQ2+jp471vBvRna7ugdYyFgEB63a9tgCXZCOjEQkT+tZTM1g@mail.gmail.com>
Date:   Mon, 16 Dec 2019 20:15:12 -0800
From:   Luigi Rizzo <rizzo@....unipi.it>
To:     Jesper Dangaard Brouer <brouer@...hat.com>
Cc:     "Jubran, Samih" <sameehj@...zon.com>,
        "Machulsky, Zorik" <zorik@...zon.com>,
        Daniel Borkmann <borkmann@...earbox.net>,
        David Miller <davem@...emloft.net>,
        "Tzalik, Guy" <gtzalik@...zon.com>,
        Ilias Apalodimas <ilias.apalodimas@...aro.org>,
        Toke Høiland-Jørgensen <toke@...hat.com>,
        "Kiyanovski, Arthur" <akiyano@...zon.com>,
        Alexei Starovoitov <ast@...nel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        David Ahern <dsahern@...il.com>
Subject: Re: XDP multi-buffer design discussion

On Mon, Dec 16, 2019 at 6:07 AM Jesper Dangaard Brouer
<brouer@...hat.com> wrote:
>
>
> See answers inlined below (please get an email client that support
> inline replies... to interact with this community)
>
> On Sun, 15 Dec 2019 13:57:12 +0000
> "Jubran, Samih" <sameehj@...zon.com> wrote:
...
> > * Why should we provide the fragments to the bpf program if the
> > program doesn't access them? If validating the length is what
> > matters, we can provide only the full length info to the user with no
> > issues.
>
> My Proposal#1 (in [base-doc]) is that XDP only get access to the
> first-buffer.  People are welcome to challenge this choice.
>
> There are a several sub-questions and challenges hidden inside this
> choice.
>
> As you hint, the total length... spawns some questions we should answer:
>
>  (1) is it relevant to the BPF program to know this, explain the use-case.
>
>  (2) if so, how does BPF prog access info (without slowdown baseline)

For some use cases, the bpf program could deduct the total length
looking at the L3 header. It won't work for XDP_TX response though.

cheers
luigi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ