lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200304101853.760034dc@carbon>
Date:   Wed, 4 Mar 2020 10:18:53 +0100
From:   Jesper Dangaard Brouer <brouer@...hat.com>
To:     Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc:     brouer@...hat.com, Jakub Kicinski <kuba@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Luigi Rizzo <lrizzo@...gle.com>,
        Network Development <netdev@...r.kernel.org>,
        Toke Høiland-Jørgensen 
        <toke@...hat.com>, David Miller <davem@...emloft.net>,
        Alexander Duyck <alexander.duyck@...il.com>,
        "Jubran, Samih" <sameehj@...zon.com>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        Alexei Starovoitov <ast@...nel.org>, bpf <bpf@...r.kernel.org>
Subject: Re: [PATCH v4] netdev attribute to control xdpgeneric skb
 linearization

On Tue, 3 Mar 2020 16:10:14 -0500
Willem de Bruijn <willemdebruijn.kernel@...il.com> wrote:

> On Tue, Mar 3, 2020 at 3:50 PM Jakub Kicinski <kuba@...nel.org> wrote:
> >
> > On Tue, 3 Mar 2020 20:46:55 +0100 Daniel Borkmann wrote:  
> > > Thus, when the data/data_end test fails in generic XDP, the user can
> > > call e.g. bpf_xdp_pull_data(xdp, 64) to make sure we pull in as much as
> > > is needed w/o full linearization and once done the data/data_end can be
> > > repeated to proceed. Native XDP will leave xdp->rxq->skb as NULL, but
> > > later we could perhaps reuse the same bpf_xdp_pull_data() helper for
> > > native with skb-less backing. Thoughts?  
> 
> Something akin to pskb_may_pull sounds like a great solution to me.
> 
> Another approach would be a new xdp_action XDP_NEED_LINEARIZED that
> causes the program to be restarted after linearization. But that is both
> more expensive and less elegant.
> 
> Instead of a sysctl or device option, is this an optimization that
> could be taken based on the program? Specifically, would XDP_FLAGS be
> a path to pass a SUPPORT_SG flag along with the program? I'm not
> entirely familiar with the XDP setup code, so this may be a totally
> off. But from a quick read it seems like generic_xdp_install could
> transfer such a flag to struct net_device.
> 
> > I'm curious why we consider a xdpgeneric-only addition. Is attaching
> > a cls_bpf program noticeably slower than xdpgeneric?  
> 
> This just should not be xdp*generic* only, but allow us to use any XDP
> with large MTU sizes and without having to disable GRO.

This is an important point: "should not be xdp*generic* only".

I really want to see this work for XDP-native *first*, and it seems
that with Daniel's idea, it can can also work for XDP-generic.  As Jakub
also hinted, it seems strange that people are trying to implement this
for XDP-generic, as I don't think there is any performance advantage
over cls_bpf.  We really want this to work from XDP-native.


> I'd still like a way to be able to drop or modify packets before GRO,
> or to signal that a type of packet should skip GRO.

That is a use-case, that we should remember to support.

Samih (cc'ed) is working on adding multi-frame support[1] to XDP-native.
Given the huge interest this thread shows, I think I will dedicate
some of my time to help him out on the actual coding.

For my idea to work[1], we first have storage space for the multi-buffer
references, and I propose we use the skb_shared_info area, that is
available anyhow for XDP_PASS that calls build_skb().  Thus, we first
need to standardize across all XDP drivers, how and where this memory
area is referenced/offset.


[1] https://github.com/xdp-project/xdp-project/blob/master/areas/core/xdp-multi-buffer01-design.org
[2] https://github.com/xdp-project/xdp-project/blob/master/areas/core/xdp-multi-buffer01-design.org#storage-space-for-multi-buffer-referencessegments
-- 
Best regards,
  Jesper Dangaard Brouer
  MSc.CS, Principal Kernel Engineer at Red Hat
  LinkedIn: http://www.linkedin.com/in/brouer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ