lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 18 Nov 2020 16:21:37 -0800
From:   Jakub Kicinski <kuba@...nel.org>
To:     Camelia Groza <camelia.groza@....com>
Cc:     brouer@...hat.com, saeed@...nel.org, davem@...emloft.net,
        madalin.bucur@....nxp.com, ioana.ciornei@....com,
        netdev@...r.kernel.org
Subject: Re: [PATCH net-next v2 2/7] dpaa_eth: add basic XDP support

On Mon, 16 Nov 2020 16:42:28 +0200 Camelia Groza wrote:
> +	if (likely(fd_format == qm_fd_contig)) {
> +		xdp_act = dpaa_run_xdp(priv, (struct qm_fd *)fd, vaddr,
> +				       &xdp_meta_len);
> +		if (xdp_act != XDP_PASS) {
> +			percpu_stats->rx_packets++;
> +			percpu_stats->rx_bytes += qm_fd_get_length(fd);
> +			return qman_cb_dqrr_consume;
> +		}
>  		skb = contig_fd_to_skb(priv, fd);
> -	else
> +	} else {
> +		WARN_ONCE(priv->xdp_prog, "S/G frames not supported under XDP\n");
>  		skb = sg_fd_to_skb(priv, fd);

It'd be safer to drop the packet if the format does not allow XDP 
to run. Otherwise someone can bypass whatever policy XDP is trying 
to enforce.

Powered by blists - more mailing lists