lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200521062947.71d9cddd@carbon>
Date:   Thu, 21 May 2020 06:29:47 +0200
From:   Jesper Dangaard Brouer <brouer@...hat.com>
To:     Björn Töpel <bjorn.topel@...el.com>
Cc:     Björn Töpel <bjorn.topel@...il.com>,
        ast@...nel.org, daniel@...earbox.net, davem@...emloft.net,
        kuba@...nel.org, hawk@...nel.org, john.fastabend@...il.com,
        netdev@...r.kernel.org, bpf@...r.kernel.org,
        magnus.karlsson@...el.com, jonathan.lemon@...il.com,
        jeffrey.t.kirsher@...el.com, maximmi@...lanox.com,
        maciej.fijalkowski@...el.com, brouer@...hat.com
Subject: Re: [PATCH bpf-next v4 01/15] xsk: fix xsk_umem_xdp_frame_sz()

On Wed, 20 May 2020 16:34:05 +0200
Björn Töpel <bjorn.topel@...el.com> wrote:

> On 2020-05-20 15:18, Jesper Dangaard Brouer wrote:
> > On Wed, 20 May 2020 11:47:28 +0200
> > Björn Töpel <bjorn.topel@...il.com> wrote:
> >   
> >> From: Björn Töpel <bjorn.topel@...el.com>
> >>
> >> Calculating the "data_hard_end" for an XDP buffer coming from AF_XDP
> >> zero-copy mode, the return value of xsk_umem_xdp_frame_sz() is added
> >> to "data_hard_start".
> >>
> >> Currently, the chunk size of the UMEM is returned by
> >> xsk_umem_xdp_frame_sz(). This is not correct, if the fixed UMEM
> >> headroom is non-zero. Fix this by returning the chunk_size without the
> >> UMEM headroom.
> >>
> >> Fixes: 2a637c5b1aaf ("xdp: For Intel AF_XDP drivers add XDP frame_sz")
> >> Signed-off-by: Björn Töpel <bjorn.topel@...el.com>
> >> ---
> >>   include/net/xdp_sock.h | 2 +-
> >>   1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/include/net/xdp_sock.h b/include/net/xdp_sock.h
> >> index abd72de25fa4..6b1137ce1692 100644
> >> --- a/include/net/xdp_sock.h
> >> +++ b/include/net/xdp_sock.h
> >> @@ -239,7 +239,7 @@ static inline u64 xsk_umem_adjust_offset(struct xdp_umem *umem, u64 address,
> >>   
> >>   static inline u32 xsk_umem_xdp_frame_sz(struct xdp_umem *umem)
> >>   {
> >> -	return umem->chunk_size_nohr + umem->headroom;
> >> +	return umem->chunk_size_nohr;  
> > 
> > Hmm, is this correct?
> > 
> > As you write "xdp_data_hard_end" is calculated as an offset from
> > xdp->data_hard_start pointer based on the frame_sz.  Will your
> > xdp->data_hard_start + frame_sz point to packet end?
> >  
> 
> Yes, I believe this is correct.
> 
> Say that a user uses a chunk size of 2k, and a umem headroom of, say,
> 64. This means that the kernel should (at least) leave 64B which the
> kernel shouldn't touch.
> 
> umem->headroom | XDP_PACKET_HEADROOM | packet |          |
>                 ^                     ^        ^      ^   ^
>                 a                     b        c      d   e
> 
> a: data_hard_start
> b: data
> c: data_end
> d: data_hard_end, (e - 320)
> e: hardlimit of chunk, a + umem->chunk_size_nohr
> 
> Prior this fix the umem->headroom was *included* in frame_sz.

Thanks for the nice ascii art description. I can now see that you are
right.   We should add this kind of documentation, perhaps as a comment
in the code?


> > #define xdp_data_hard_end(xdp)                          \
> >          ((xdp)->data_hard_start + (xdp)->frame_sz -     \
> >           SKB_DATA_ALIGN(sizeof(struct skb_shared_info)))
> > 
> > Note the macro reserves the last 320 bytes (for skb_shared_info), but
> > for AF_XDP zero-copy mode, it will never create an SKB that use this
> > area.   Thus, in principle we can allow XDP-progs to extend/grow tail
> > into this area, but I don't think there is any use-case for this, as
> > it's much easier to access packet-data in userspace application.
> > (Thus, it might not be worth the complexity to give AF_XDP
> > bpf_xdp_adjust_tail access to this area, by e.g. "lying" via adding 320
> > bytes to frame_sz).
> >   
> 
> I agree, and in the picture (well...) above that would be "d". IOW
> data_hard_end is 320 "off" the real end.

Yes, we agree.

-- 
Best regards,
  Jesper Dangaard Brouer
  MSc.CS, Principal Kernel Engineer at Red Hat
  LinkedIn: http://www.linkedin.com/in/brouer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ