| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f285c8c8-2640-8c34-804c-48928adbe0ff@iogearbox.net>
Date: Fri, 5 Mar 2021 23:56:20 +0100
From: Daniel Borkmann <daniel@...earbox.net>
To: Björn Töpel <bjorn.topel@...el.com>,
Björn Töpel <bjorn.topel@...il.com>,
ast@...nel.org, netdev@...r.kernel.org, bpf@...r.kernel.org
Cc: maciej.fijalkowski@...el.com, hawk@...nel.org, toke@...hat.com,
magnus.karlsson@...el.com, john.fastabend@...il.com,
kuba@...nel.org, davem@...emloft.net,
Jesper Dangaard Brouer <brouer@...hat.com>
Subject: Re: [PATCH bpf-next v5 2/2] bpf, xdp: restructure redirect actions
On 3/5/21 6:11 PM, Björn Töpel wrote:
> On 2021-03-05 16:44, Daniel Borkmann wrote:
>> On 2/27/21 1:21 PM, Björn Töpel wrote:
>> [...]
>>> diff --git a/include/linux/filter.h b/include/linux/filter.h
>>> index 008691fd3b58..a7752badc2ec 100644
>>> --- a/include/linux/filter.h
>>> +++ b/include/linux/filter.h
>>> @@ -646,11 +646,20 @@ struct bpf_redirect_info {
>>> u32 flags;
>>> u32 tgt_index;
>>> void *tgt_value;
>>> - struct bpf_map *map;
>>> + u32 map_id;
>>> + u32 tgt_type;
>>> u32 kern_flags;
>>> struct bpf_nh_params nh;
>>> };
>>> +enum xdp_redirect_type {
>>> + XDP_REDIR_UNSET,
>>> + XDP_REDIR_DEV_IFINDEX,
>>
>> [...]
>>
>>> + XDP_REDIR_DEV_MAP,
>>> + XDP_REDIR_CPU_MAP,
>>> + XDP_REDIR_XSK_MAP,
>>
>> Did you eval whether for these maps we can avoid the redundant def above by just
>> passing in map->map_type as ri->tgt_type and inferring the XDP_REDIR_UNSET from
>> invalid map_id of 0 (given the idr will never allocate such)?
>>
>
> I'll take a stab at it!
Sounds good, thanks! If it doesn't simplify or gets worse, we can always stick to
the one here.
>> [...]
>>> @@ -4068,10 +4039,9 @@ BPF_CALL_2(bpf_xdp_redirect, u32, ifindex, u64, flags)
>>> if (unlikely(flags))
>>> return XDP_ABORTED;
>>> - ri->flags = flags;
>>> - ri->tgt_index = ifindex;
>>> - ri->tgt_value = NULL;
>>> - WRITE_ONCE(ri->map, NULL);
>>> + ri->tgt_type = XDP_REDIR_DEV_IFINDEX;
>>> + ri->tgt_index = 0;
>>> + ri->tgt_value = (void *)(long)ifindex;
>>
>> nit: Bit ugly to pass this in /read out this way, maybe union if we cannot use
>> tgt_index?
>>
>
> Dito!
>
>
> Thanks for the input! I'll get back with a v6!
>
>
> Björn
>
>
>>> return XDP_REDIRECT;
>>> }
>>> diff --git a/net/xdp/xskmap.c b/net/xdp/xskmap.c
>>> index 711acb3636b3..2c58d88aa69d 100644
>>> --- a/net/xdp/xskmap.c
>>> +++ b/net/xdp/xskmap.c
>>> @@ -87,7 +87,6 @@ static void xsk_map_free(struct bpf_map *map)
>>> {
>>> struct xsk_map *m = container_of(map, struct xsk_map, map);
>>> - bpf_clear_redirect_map(map);
>>> synchronize_net();
>>> bpf_map_area_free(m);
>>> }
>>> @@ -229,7 +228,8 @@ static int xsk_map_delete_elem(struct bpf_map *map, void *key)
>>> static int xsk_map_redirect(struct bpf_map *map, u32 ifindex, u64 flags)
>>> {
>>> - return __bpf_xdp_redirect_map(map, ifindex, flags, __xsk_map_lookup_elem);
>>> + return __bpf_xdp_redirect_map(map, ifindex, flags, __xsk_map_lookup_elem,
>>> + XDP_REDIR_XSK_MAP);
>>> }
>>> void xsk_map_try_sock_delete(struct xsk_map *map, struct xdp_sock *xs,
>>>
>>
Powered by blists - more mailing lists