lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20210929152421.5232-1-simon.horman@corigine.com>
Date:   Wed, 29 Sep 2021 17:24:21 +0200
From:   Simon Horman <simon.horman@...igine.com>
To:     David Miller <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>
Cc:     netdev@...r.kernel.org, oss-drivers@...igine.com,
        Yu Xiao <yu.xiao@...igine.com>,
        Yinjun Zhang <yinjun.zhang@...igine.com>,
        Niklas Söderlund <niklas.soderlund@...igine.com>,
        Louis Peens <louis.peens@...igine.com>,
        Simon Horman <simon.horman@...igine.com>
Subject: [PATCH net] nfp: bpf: Add an MTU check before offloading BPF

From: Yu Xiao <yu.xiao@...igine.com>

There is a bug during xdpoffloading. When MTU is bigger than the
max MTU of BFP (1888), it can still be added xdpoffloading.

Therefore, add an MTU check to ensure that xdpoffloading cannot be
loaded when MTU is larger than a max MTU of 1888.

Fixes: 6d6770755f05 ("nfp: add support for offload of XDP programs")
Signed-off-by: Yu Xiao <yu.xiao@...igine.com>
Signed-off-by: Yinjun Zhang <yinjun.zhang@...igine.com>
Reviewed-by: Niklas Söderlund <niklas.soderlund@...igine.com>
Reviewed-by: Louis Peens <louis.peens@...igine.com>
Signed-off-by: Simon Horman <simon.horman@...igine.com>
---
 drivers/net/ethernet/netronome/nfp/bpf/main.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/drivers/net/ethernet/netronome/nfp/bpf/main.c b/drivers/net/ethernet/netronome/nfp/bpf/main.c
index 11c83a99b014..105142437fb4 100644
--- a/drivers/net/ethernet/netronome/nfp/bpf/main.c
+++ b/drivers/net/ethernet/netronome/nfp/bpf/main.c
@@ -34,11 +34,25 @@ static bool nfp_net_ebpf_capable(struct nfp_net *nn)
 #endif
 }
 
+static inline unsigned int
+nfp_bpf_get_bpf_max_mtu(struct nfp_net *nn)
+{
+	return nn_readb(nn, NFP_NET_CFG_BPF_INL_MTU) * 64 - 32;
+}
+
 static int
 nfp_bpf_xdp_offload(struct nfp_app *app, struct nfp_net *nn,
 		    struct bpf_prog *prog, struct netlink_ext_ack *extack)
 {
 	bool running, xdp_running;
+	unsigned int max_mtu;
+
+	max_mtu = nfp_bpf_get_bpf_max_mtu(nn);
+	if (nn->dp.mtu > max_mtu) {
+		NL_SET_ERR_MSG_MOD(extack,
+				   "port MTU over max MTU of BPF offloading not supported");
+		return -EINVAL;
+	}
 
 	if (!nfp_net_ebpf_capable(nn))
 		return -EINVAL;
@@ -187,7 +201,7 @@ nfp_bpf_check_mtu(struct nfp_app *app, struct net_device *netdev, int new_mtu)
 	if (~nn->dp.ctrl & NFP_NET_CFG_CTRL_BPF)
 		return 0;
 
-	max_mtu = nn_readb(nn, NFP_NET_CFG_BPF_INL_MTU) * 64 - 32;
+	max_mtu = nfp_bpf_get_bpf_max_mtu(nn);
 	if (new_mtu > max_mtu) {
 		nn_info(nn, "BPF offload active, MTU over %u not supported\n",
 			max_mtu);
-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ