| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Mar 2020 10:18:53 +0100
From: Jesper Dangaard Brouer <brouer@...hat.com>
To: Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc: brouer@...hat.com, Jakub Kicinski <kuba@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Luigi Rizzo <lrizzo@...gle.com>,
Network Development <netdev@...r.kernel.org>,
Toke Høiland-Jørgensen
<toke@...hat.com>, David Miller <davem@...emloft.net>,
Alexander Duyck <alexander.duyck@...il.com>,
"Jubran, Samih" <sameehj@...zon.com>,
linux-kernel <linux-kernel@...r.kernel.org>,
Alexei Starovoitov <ast@...nel.org>, bpf <bpf@...r.kernel.org>
Subject: Re: [PATCH v4] netdev attribute to control xdpgeneric skb
linearization
On Tue, 3 Mar 2020 16:10:14 -0500
Willem de Bruijn <willemdebruijn.kernel@...il.com> wrote:
> On Tue, Mar 3, 2020 at 3:50 PM Jakub Kicinski <kuba@...nel.org> wrote:
> >
> > On Tue, 3 Mar 2020 20:46:55 +0100 Daniel Borkmann wrote:
> > > Thus, when the data/data_end test fails in generic XDP, the user can
> > > call e.g. bpf_xdp_pull_data(xdp, 64) to make sure we pull in as much as
> > > is needed w/o full linearization and once done the data/data_end can be
> > > repeated to proceed. Native XDP will leave xdp->rxq->skb as NULL, but
> > > later we could perhaps reuse the same bpf_xdp_pull_data() helper for
> > > native with skb-less backing. Thoughts?
>
> Something akin to pskb_may_pull sounds like a great solution to me.
>
> Another approach would be a new xdp_action XDP_NEED_LINEARIZED that
> causes the program to be restarted after linearization. But that is both
> more expensive and less elegant.
>
> Instead of a sysctl or device option, is this an optimization that
> could be taken based on the program? Specifically, would XDP_FLAGS be
> a path to pass a SUPPORT_SG flag along with the program? I'm not
> entirely familiar with the XDP setup code, so this may be a totally
> off. But from a quick read it seems like generic_xdp_install could
> transfer such a flag to struct net_device.
>
> > I'm curious why we consider a xdpgeneric-only addition. Is attaching
> > a cls_bpf program noticeably slower than xdpgeneric?
>
> This just should not be xdp*generic* only, but allow us to use any XDP
> with large MTU sizes and without having to disable GRO.
This is an important point: "should not be xdp*generic* only".
I really want to see this work for XDP-native *first*, and it seems
that with Daniel's idea, it can can also work for XDP-generic. As Jakub
also hinted, it seems strange that people are trying to implement this
for XDP-generic, as I don't think there is any performance advantage
over cls_bpf. We really want this to work from XDP-native.
> I'd still like a way to be able to drop or modify packets before GRO,
> or to signal that a type of packet should skip GRO.
That is a use-case, that we should remember to support.
Samih (cc'ed) is working on adding multi-frame support[1] to XDP-native.
Given the huge interest this thread shows, I think I will dedicate
some of my time to help him out on the actual coding.
For my idea to work[1], we first have storage space for the multi-buffer
references, and I propose we use the skb_shared_info area, that is
available anyhow for XDP_PASS that calls build_skb(). Thus, we first
need to standardize across all XDP drivers, how and where this memory
area is referenced/offset.
[1] https://github.com/xdp-project/xdp-project/blob/master/areas/core/xdp-multi-buffer01-design.org
[2] https://github.com/xdp-project/xdp-project/blob/master/areas/core/xdp-multi-buffer01-design.org#storage-space-for-multi-buffer-referencessegments
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
Powered by blists - more mailing lists