| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <602d631877e40_aed9208bc@john-XPS-13-9370.notmuch>
Date: Wed, 17 Feb 2021 10:40:24 -0800
From: John Fastabend <john.fastabend@...il.com>
To: Cong Wang <xiyou.wangcong@...il.com>, netdev@...r.kernel.org
Cc: bpf@...r.kernel.org, duanxiongchun@...edance.com,
wangdongdong.6@...edance.com, jiang.wang@...edance.com,
Cong Wang <cong.wang@...edance.com>,
John Fastabend <john.fastabend@...il.com>,
Daniel Borkmann <daniel@...earbox.net>,
Jakub Sitnicki <jakub@...udflare.com>,
Lorenz Bauer <lmb@...udflare.com>
Subject: RE: [Patch bpf-next v4 4/5] skmsg: move sk_redir from TCP_SKB_CB to
skb
Cong Wang wrote:
> From: Cong Wang <cong.wang@...edance.com>
>
> Currently TCP_SKB_CB() is hard-coded in skmsg code, it certainly
> does not work for any other non-TCP protocols. We can move them to
> skb ext, but it introduces a memory allocation on fast path.
>
> Fortunately, we only need to a word-size to store all the information,
> because the flags actually only contains 1 bit so can be just packed
> into the lowest bit of the "pointer", which is stored as unsigned
> long.
>
> Inside struct sk_buff, '_skb_refdst' can be reused because skb dst is
> no longer needed after ->sk_data_ready() so we can just drop it.
>
> Cc: John Fastabend <john.fastabend@...il.com>
> Cc: Daniel Borkmann <daniel@...earbox.net>
> Cc: Jakub Sitnicki <jakub@...udflare.com>
> Cc: Lorenz Bauer <lmb@...udflare.com>
> Signed-off-by: Cong Wang <cong.wang@...edance.com>
> ---
Great, its likely we have more space in sk_buff we can use if needed
as well. queue_mapping, skb_iif, vlan*, fields come to mind. Couple
comments inline, but looks good to me.
Acked-by: John Fastabend <john.fastabend@...il.com>
[...]
> --- a/net/core/skmsg.c
> +++ b/net/core/skmsg.c
> @@ -494,6 +494,8 @@ static int sk_psock_skb_ingress_self(struct sk_psock *psock, struct sk_buff *skb
> static int sk_psock_handle_skb(struct sk_psock *psock, struct sk_buff *skb,
> u32 off, u32 len, bool ingress)
> {
> + skb_bpf_redirect_clear(skb);
> +
> if (!ingress) {
> if (!sock_writeable(psock->sk))
> return -EAGAIN;
> @@ -525,7 +527,7 @@ static void sk_psock_backlog(struct work_struct *work)
> len = skb->len;
> off = 0;
> start:
> - ingress = tcp_skb_bpf_ingress(skb);
> + ingress = skb_bpf_ingress(skb);
> do {
> ret = -EIO;
> if (likely(psock->sk->sk_socket))
> @@ -631,7 +633,12 @@ void __sk_psock_purge_ingress_msg(struct sk_psock *psock)
>
> static void sk_psock_zap_ingress(struct sk_psock *psock)
> {
> - __skb_queue_purge(&psock->ingress_skb);
> + struct sk_buff *skb;
> +
> + while ((skb = __skb_dequeue(&psock->ingress_skb)) != NULL) {
> + skb_bpf_redirect_clear(skb);
> + kfree_skb(skb);
> + }
> __sk_psock_purge_ingress_msg(psock);
> }
>
> @@ -752,7 +759,7 @@ static void sk_psock_skb_redirect(struct sk_buff *skb)
> struct sk_psock *psock_other;
> struct sock *sk_other;
>
> - sk_other = tcp_skb_bpf_redirect_fetch(skb);
> + sk_other = skb_bpf_redirect_fetch(skb);
> /* This error is a buggy BPF program, it returned a redirect
> * return code, but then didn't set a redirect interface.
> */
> @@ -802,9 +809,10 @@ int sk_psock_tls_strp_read(struct sk_psock *psock, struct sk_buff *skb)
> * TLS context.
> */
> skb->sk = psock->sk;
> - tcp_skb_bpf_redirect_clear(skb);
> + skb_dst_drop(skb);
> + skb_bpf_redirect_clear(skb);
Do we really need the skb_dst_drop() I thought we would have already dropped this here
but I've not had time to check yet.
> ret = sk_psock_bpf_run(psock, prog, skb);
> - ret = sk_psock_map_verd(ret, tcp_skb_bpf_redirect_fetch(skb));
> + ret = sk_psock_map_verd(ret, skb_bpf_redirect_fetch(skb));
> skb->sk = NULL;
> }
> sk_psock_tls_verdict_apply(skb, psock->sk, ret);
> @@ -816,7 +824,6 @@ EXPORT_SYMBOL_GPL(sk_psock_tls_strp_read);
> static void sk_psock_verdict_apply(struct sk_psock *psock,
> struct sk_buff *skb, int verdict)
> {
> - struct tcp_skb_cb *tcp;
> struct sock *sk_other;
> int err = -EIO;
>
> @@ -828,8 +835,7 @@ static void sk_psock_verdict_apply(struct sk_psock *psock,
> goto out_free;
> }
>
> - tcp = TCP_SKB_CB(skb);
> - tcp->bpf.flags |= BPF_F_INGRESS;
> + skb_bpf_set_ingress(skb);
>
> /* If the queue is empty then we can submit directly
> * into the msg queue. If its not empty we have to
> @@ -890,9 +896,10 @@ static void sk_psock_strp_read(struct strparser *strp, struct sk_buff *skb)
> skb_set_owner_r(skb, sk);
> prog = READ_ONCE(psock->progs.skb_verdict);
> if (likely(prog)) {
> - tcp_skb_bpf_redirect_clear(skb);
> + skb_dst_drop(skb);
Same here.
> + skb_bpf_redirect_clear(skb);
> ret = sk_psock_bpf_run(psock, prog, skb);
> - ret = sk_psock_map_verd(ret, tcp_skb_bpf_redirect_fetch(skb));
> + ret = sk_psock_map_verd(ret, skb_bpf_redirect_fetch(skb));
> }
> sk_psock_verdict_apply(psock, skb, ret);
> out:
> @@ -1005,9 +1012,10 @@ static int sk_psock_verdict_recv(read_descriptor_t *desc, struct sk_buff *skb,
> skb_set_owner_r(skb, sk);
> prog = READ_ONCE(psock->progs.skb_verdict);
> if (likely(prog)) {
> - tcp_skb_bpf_redirect_clear(skb);
> + skb_dst_drop(skb);
And here.
> + skb_bpf_redirect_clear(skb);
> ret = sk_psock_bpf_run(psock, prog, skb);
> - ret = sk_psock_map_verd(ret, tcp_skb_bpf_redirect_fetch(skb));
> + ret = sk_psock_map_verd(ret, skb_bpf_redirect_fetch(skb));
> }
> sk_psock_verdict_apply(psock, skb, ret);
Thanks for doing this.
Powered by blists - more mailing lists