| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87wo9i9zkc.fsf@toke.dk>
Date: Thu, 23 Jan 2020 12:34:11 +0100
From: Toke Høiland-Jørgensen <toke@...hat.com>
To: David Ahern <dsahern@...nel.org>, netdev@...r.kernel.org
Cc: prashantbhole.linux@...il.com, jasowang@...hat.com,
davem@...emloft.net, jakub.kicinski@...ronome.com,
jbrouer@...hat.com, mst@...hat.com, toshiaki.makita1@...il.com,
daniel@...earbox.net, john.fastabend@...il.com, ast@...nel.org,
kafai@...com, songliubraving@...com, yhs@...com, andriin@...com,
dsahern@...il.com, David Ahern <dahern@...italocean.com>
Subject: Re: [PATCH bpf-next 02/12] net: Add BPF_XDP_EGRESS as a bpf_attach_type
David Ahern <dsahern@...nel.org> writes:
> From: Prashant Bhole <prashantbhole.linux@...il.com>
>
> Add new bpf_attach_type, BPF_XDP_EGRESS, for BPF programs attached
> at the XDP layer, but the egress path.
>
> Since egress path does not have rx_queue_index and ingress_ifindex set,
> update xdp_is_valid_access to block access to these entries in the xdp
> context when a program is attached to egress path.
Isn't the whole point of this to be able to use unchanged XDP programs?
But now you're introducing a semantic difference. Since supposedly only
point-to-point links are going to be using this attach type, don't they
know enough about their peer device to be able to populate those fields
with meaningful values, instead of restricting access to them?
-Toke
Powered by blists - more mailing lists