lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 May 2021 11:32:13 +0200 From: Maciej Fijalkowski <maciej.fijalkowski@...el.com> To: Toke Høiland-Jørgensen <toke@...hat.com> Cc: Xuan Zhuo <xuanzhuo@...ux.alibaba.com>, Björn Töpel <bjorn@...nel.org>, Magnus Karlsson <magnus.karlsson@...el.com>, Jonathan Lemon <jonathan.lemon@...il.com>, "David S. Miller" <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Jesper Dangaard Brouer <hawk@...nel.org>, John Fastabend <john.fastabend@...il.com>, Andrii Nakryiko <andrii@...nel.org>, Martin KaFai Lau <kafai@...com>, Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>, KP Singh <kpsingh@...nel.org>, Willem de Bruijn <willemb@...gle.com>, Xie He <xie.he.0141@...il.com>, Eric Dumazet <edumazet@...gle.com>, John Ogness <john.ogness@...utronix.de>, Wang Hai <wanghai38@...wei.com>, Tanner Love <tannerlove@...gle.com>, Eyal Birger <eyal.birger@...il.com>, Menglong Dong <dong.menglong@....com.cn>, netdev@...r.kernel.org, bpf@...r.kernel.org Subject: Re: [PATCH bpf-next] xsk: support AF_PACKET On Fri, May 28, 2021 at 11:25:56AM +0200, Toke Høiland-Jørgensen wrote: > Xuan Zhuo <xuanzhuo@...ux.alibaba.com> writes: > > > On Fri, 28 May 2021 10:55:58 +0200, Toke Høiland-Jørgensen <toke@...hat.com> wrote: > >> Xuan Zhuo <xuanzhuo@...ux.alibaba.com> writes: > >> > >> > In xsk mode, users cannot use AF_PACKET(tcpdump) to observe the current > >> > rx/tx data packets. This feature is very important in many cases. So > >> > this patch allows AF_PACKET to obtain xsk packages. > >> > >> You can use xdpdump to dump the packets from the XDP program before it > >> gets redirected into the XSK: > >> https://github.com/xdp-project/xdp-tools/tree/master/xdp-dump > > > > Wow, this is a good idea. > > > >> > >> Doens't currently work on egress, but if/when we get a proper TX hook > >> that should be doable as well. > >> > >> Wiring up XSK to AF_PACKET sounds a bit nonsensical: XSK is already a > >> transport to userspace, why would you need a second one? > > > > I have some different ideas. In my opinion, just like AF_PACKET can monitor > > tcp/udp packets, AF_PACKET monitors xsk packets is the same. > > But you're adding code in the fast path to do this, in a code path where > others have been working quite hard to squeeze out every drop of > performance (literally chasing single nanoseconds). So I'm sorry, but > this approach is just not going to fly. +1. Probably would be better for everyone if Xuan started a thread on list what is his need. > > What is your use case anyway? Yes, being able to run tcpdump and see the > packets is nice and convenient, but what do you actually want to use > this for? Just for debugging your application? System monitoring? > Something else? > > -Toke >
Powered by blists - more mailing lists