| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210327022729.cgizt5xnhkerbrmy@ast-mbp>
Date: Fri, 26 Mar 2021 19:27:29 -0700
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
To: Ciara Loftus <ciara.loftus@...el.com>
Cc: netdev@...r.kernel.org, bpf@...r.kernel.org,
magnus.karlsson@...el.com, bjorn@...nel.org,
magnus.karlsson@...il.com
Subject: Re: [PATCH v2 bpf 3/3] libbpf: ignore return values of setsockopt
for XDP rings.
On Fri, Mar 26, 2021 at 02:29:46PM +0000, Ciara Loftus wrote:
> During xsk_socket__create the XDP_RX_RING and XDP_TX_RING setsockopts
> are called to create the rx and tx rings for the AF_XDP socket. If the ring
> has already been set up, the setsockopt will return an error. However,
> in the event of a failure during xsk_socket__create(_shared) after the
> rings have been set up, the user may wish to retry the socket creation
> using these pre-existing rings. In this case we can ignore the error
> returned by the setsockopts. If there is a true error, the subsequent
> call to mmap() will catch it.
>
> Fixes: 1cad07884239 ("libbpf: add support for using AF_XDP sockets")
>
> Acked-by: Magnus Karlsson <magnus.karlsson@...el.com>
> Signed-off-by: Ciara Loftus <ciara.loftus@...el.com>
> ---
> tools/lib/bpf/xsk.c | 34 ++++++++++++++++------------------
> 1 file changed, 16 insertions(+), 18 deletions(-)
>
> diff --git a/tools/lib/bpf/xsk.c b/tools/lib/bpf/xsk.c
> index d4991ddff05a..cfc4abf505c3 100644
> --- a/tools/lib/bpf/xsk.c
> +++ b/tools/lib/bpf/xsk.c
> @@ -900,24 +900,22 @@ int xsk_socket__create_shared(struct xsk_socket **xsk_ptr,
> }
> xsk->ctx = ctx;
>
> - if (rx) {
> - err = setsockopt(xsk->fd, SOL_XDP, XDP_RX_RING,
> - &xsk->config.rx_size,
> - sizeof(xsk->config.rx_size));
> - if (err) {
> - err = -errno;
> - goto out_put_ctx;
> - }
> - }
> - if (tx) {
> - err = setsockopt(xsk->fd, SOL_XDP, XDP_TX_RING,
> - &xsk->config.tx_size,
> - sizeof(xsk->config.tx_size));
> - if (err) {
> - err = -errno;
> - goto out_put_ctx;
> - }
> - }
> + /* The return values of these setsockopt calls are intentionally not checked.
> + * If the ring has already been set up setsockopt will return an error. However,
> + * this scenario is acceptable as the user may be retrying the socket creation
> + * with rings which were set up in a previous but ultimately unsuccessful call
> + * to xsk_socket__create(_shared). The call later to mmap() will fail if there
> + * is a real issue and we handle that return value appropriately there.
> + */
> + if (rx)
> + setsockopt(xsk->fd, SOL_XDP, XDP_RX_RING,
> + &xsk->config.rx_size,
> + sizeof(xsk->config.rx_size));
> +
> + if (tx)
> + setsockopt(xsk->fd, SOL_XDP, XDP_TX_RING,
> + &xsk->config.tx_size,
> + sizeof(xsk->config.tx_size));
Instead of ignoring the error can you remember that setsockopt was done
in struct xsk_socket and don't do it the second time?
Powered by blists - more mailing lists