lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 05 May 2022 16:27:31 +0200
From:   Toke Høiland-Jørgensen <toke@...hat.com>
To:     shaozhengchao <shaozhengchao@...wei.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "bpf@...r.kernel.org" <bpf@...r.kernel.org>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "edumazet@...gle.com" <edumazet@...gle.com>,
        "kuba@...nel.org" <kuba@...nel.org>,
        "pabeni@...hat.com" <pabeni@...hat.com>
Cc:     "ast@...nel.org" <ast@...nel.org>,
        "daniel@...earbox.net" <daniel@...earbox.net>,
        "hawk@...nel.org" <hawk@...nel.org>,
        "john.fastabend@...il.com" <john.fastabend@...il.com>,
        "andrii@...nel.org" <andrii@...nel.org>,
        "kafai@...com" <kafai@...com>,
        "songliubraving@...com" <songliubraving@...com>,
        "yhs@...com" <yhs@...com>,
        "kpsingh@...nel.org" <kpsingh@...nel.org>,
        "bigeasy@...utronix.de" <bigeasy@...utronix.de>,
        "imagedong@...cent.com" <imagedong@...cent.com>,
        "petrm@...dia.com" <petrm@...dia.com>,
        "memxor@...il.com" <memxor@...il.com>,
        "arnd@...db.de" <arnd@...db.de>,
        "weiyongjun (A)" <weiyongjun1@...wei.com>,
        yuehaibing <yuehaibing@...wei.com>
Subject: Re: 答复: [PATCH bpf-next] bpf/xdp: Can't detach
 BPF XDP prog if not
 exist

shaozhengchao <shaozhengchao@...wei.com> writes:

> Thank you for your reply. I wiil change sample application firstly.
> But if kernel does nothing and return 0, maybe user will think setup
> is OK, actually It failed. Is this acceptable?

Your patch was about detach; what has that got to do with "setup is OK"?

As for detaching, it's possible to write the application in a way that
it will always get a consistent result. There are basically two cases
when using netlink to detach an XDP program (bpf_link has its own
semantics, so setting that aside here):

1. The application just wants to turn off XDP entirely on the interface
   (e.g., 'ip link set dev XXX xdp off'). In this case you just send a
   RTM_SETLINK message with an IFLA_XDP_FD of -1, and if you don't get
   an error you can be sure that there is now no XDP program attached.
   Whether this was because there was already no program attached, or
   because you just detached it doesn't really matter in this case,
   since you're doing an unspecific detach anyway.

2. You attached a program earlier, and now you want to detach that (and
   only that) program. Or, equivalently, you queried the link and want
   to detach the program you know is attached there. In this case you
   send an RTM_SETLINK message with an IFLA_XDP_FD of -1 and an
   IFLA_XDP_EXPECTED_FD referring to the existing program. In this case
   you will get an error if that specific program is not in fact
   attached, whether because it was detached or swapped out in the
   meantime.

I don't see how case 1. is improved by returning ENOENT if there is no
program attached; if you care about detaching a specific program you'd
use case 2. anyway, and if you just want to check if a program is
attached, you'd do an RTM_GETLINK.

-Toke

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ