lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200320103530.2853c573@kicinski-fedora-PC1C0HJN>
Date:   Fri, 20 Mar 2020 10:35:30 -0700
From:   Jakub Kicinski <kuba@...nel.org>
To:     Toke Høiland-Jørgensen <toke@...hat.com>
Cc:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>,
        "David S. Miller" <davem@...emloft.net>,
        Jesper Dangaard Brouer <brouer@...hat.com>,
        John Fastabend <john.fastabend@...il.com>,
        Lorenz Bauer <lmb@...udflare.com>,
        Andrey Ignatov <rdna@...com>, netdev@...r.kernel.org,
        bpf@...r.kernel.org
Subject: Re: [PATCH bpf-next 1/4] xdp: Support specifying expected existing
 program when attaching XDP

On Fri, 20 Mar 2020 09:48:10 +0100 Toke Høiland-Jørgensen wrote:
> Jakub Kicinski <kuba@...nel.org> writes:
> > On Thu, 19 Mar 2020 14:13:13 +0100 Toke Høiland-Jørgensen wrote:  
> >> From: Toke Høiland-Jørgensen <toke@...hat.com>
> >> 
> >> While it is currently possible for userspace to specify that an existing
> >> XDP program should not be replaced when attaching to an interface, there is
> >> no mechanism to safely replace a specific XDP program with another.
> >> 
> >> This patch adds a new netlink attribute, IFLA_XDP_EXPECTED_FD, which can be
> >> set along with IFLA_XDP_FD. If set, the kernel will check that the program
> >> currently loaded on the interface matches the expected one, and fail the
> >> operation if it does not. This corresponds to a 'cmpxchg' memory operation.
> >> 
> >> A new companion flag, XDP_FLAGS_EXPECT_FD, is also added to explicitly
> >> request checking of the EXPECTED_FD attribute. This is needed for userspace
> >> to discover whether the kernel supports the new attribute.
> >> 
> >> Signed-off-by: Toke Høiland-Jørgensen <toke@...hat.com>  
> >
> > I didn't know we wanted to go ahead with this...  
> 
> Well, I'm aware of the bpf_link discussion, obviously. Not sure what's
> happening with that, though. So since this is a straight-forward
> extension of the existing API, that doesn't carry a high implementation
> cost, I figured I'd just go ahead with this. Doesn't mean we can't have
> something similar in bpf_link as well, of course.

I'm not really in the loop, but from what I overheard - I think the
bpf_link may be targeting something non-networking first.

> > If we do please run this thru checkpatch, set .strict_start_type,  
> 
> Will do.
> 
> > and make the expected fd unsigned. A negative expected fd makes no
> > sense.  
> 
> A negative expected_fd corresponds to setting the UPDATE_IF_NOEXIST
> flag. I guess you could argue that since we have that flag, setting a
> negative expected_fd is not strictly needed. However, I thought it was
> weird to have a "this is what I expect" API that did not support
> expressing "I expect no program to be attached".

I see it now, not entirely unreasonable.

Why did you choose to use the FD rather than passing prog id directly?
Is the application unlikely to have program ID?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ