| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Nov 2022 14:01:53 -0800
From: Martin KaFai Lau <martin.lau@...ux.dev>
To: Stanislav Fomichev <sdf@...gle.com>
Cc: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
song@...nel.org, yhs@...com, john.fastabend@...il.com,
kpsingh@...nel.org, haoluo@...gle.com, jolsa@...nel.org,
David Ahern <dsahern@...il.com>,
Jakub Kicinski <kuba@...nel.org>,
Willem de Bruijn <willemb@...gle.com>,
Jesper Dangaard Brouer <brouer@...hat.com>,
Anatoly Burakov <anatoly.burakov@...el.com>,
Alexander Lobakin <alexandr.lobakin@...el.com>,
Magnus Karlsson <magnus.karlsson@...il.com>,
Maryam Tahhan <mtahhan@...hat.com>, xdp-hints@...-project.net,
netdev@...r.kernel.org, bpf@...r.kernel.org
Subject: Re: [RFC bpf-next v2 06/14] xdp: Carry over xdp metadata into skb
context
On 11/3/22 8:25 PM, Stanislav Fomichev wrote:
> > diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
> index 59c9fd55699d..dba857f212d7 100644
> --- a/include/linux/skbuff.h
> +++ b/include/linux/skbuff.h
> @@ -4217,9 +4217,13 @@ static inline bool skb_metadata_differs(const struct sk_buff *skb_a,
> true : __skb_metadata_differs(skb_a, skb_b, len_a);
> }
>
> +void skb_metadata_import_from_xdp(struct sk_buff *skb, size_t len);
> +
> static inline void skb_metadata_set(struct sk_buff *skb, u8 meta_len)
> {
> skb_shinfo(skb)->meta_len = meta_len;
> + if (meta_len)
> + skb_metadata_import_from_xdp(skb, meta_len);
> }
>
[ ... ]
> +struct xdp_to_skb_metadata {
> + u32 magic; /* xdp_metadata_magic */
> + u64 rx_timestamp;
> +} __randomize_layout;
> +
> +struct bpf_patch;
> +
[ ... ]
> +void skb_metadata_import_from_xdp(struct sk_buff *skb, size_t len)
> +{
> + struct xdp_to_skb_metadata *meta = (void *)(skb_mac_header(skb) - len);
> +
> + /* Optional SKB info, currently missing:
> + * - HW checksum info (skb->ip_summed)
> + * - HW RX hash (skb_set_hash)
> + * - RX ring dev queue index (skb_record_rx_queue)
> + */
> +
> + if (len != sizeof(struct xdp_to_skb_metadata))
> + return;
> +
> + if (meta->magic != xdp_metadata_magic)
> + return;
> +
> + if (meta->rx_timestamp) {
> + *skb_hwtstamps(skb) = (struct skb_shared_hwtstamps){
> + .hwtstamp = ns_to_ktime(meta->rx_timestamp),
> + };
> + }
> +}
Considering the metadata will affect the gro, should the meta be cleared after
importing to the skb?
[ ... ]
> +/* Since we're not actually doing a call but instead rewriting
> + * in place, we can only afford to use R0-R5 scratch registers.
> + *
> + * We reserve R1 for bpf_xdp_metadata_export_to_skb and let individual
> + * metadata kfuncs use only R0,R4-R5.
> + *
> + * The above also means we _cannot_ easily call any other helper/kfunc
> + * because there is no place for us to preserve our R1 argument;
> + * existing R6-R9 belong to the callee.
> + */
> +void xdp_metadata_export_to_skb(const struct bpf_prog *prog, struct bpf_patch *patch)
> +{
> + u32 func_id;
> +
> + /*
> + * The code below generates the following:
> + *
> + * void bpf_xdp_metadata_export_to_skb(struct xdp_md *ctx)
> + * {
> + * struct xdp_to_skb_metadata *meta;
> + * int ret;
> + *
> + * ret = bpf_xdp_adjust_meta(ctx, -sizeof(*meta));
> + * if (!ret)
> + * return;
> + *
> + * meta = ctx->data_meta;
> + * meta->magic = xdp_metadata_magic;
> + * meta->rx_timestamp = bpf_xdp_metadata_rx_timestamp(ctx);
> + * }
> + *
> + */
> +
> + bpf_patch_append(patch,
> + /* r2 = ((struct xdp_buff *)r1)->data_meta; */
> + BPF_LDX_MEM(BPF_DW, BPF_REG_2, BPF_REG_1,
> + offsetof(struct xdp_buff, data_meta)),
> + /* r3 = ((struct xdp_buff *)r1)->data; */
> + BPF_LDX_MEM(BPF_DW, BPF_REG_3, BPF_REG_1,
> + offsetof(struct xdp_buff, data)),
> + /* if (data_meta != data) return;
> + *
> + * data_meta > data: xdp_data_meta_unsupported()
> + * data_meta < data: already used, no need to touch
> + */
> + BPF_JMP_REG(BPF_JNE, BPF_REG_2, BPF_REG_3, S16_MAX),
> +
> + /* r2 -= sizeof(struct xdp_to_skb_metadata); */
> + BPF_ALU64_IMM(BPF_SUB, BPF_REG_2,
> + sizeof(struct xdp_to_skb_metadata)),
> + /* r3 = ((struct xdp_buff *)r1)->data_hard_start; */
> + BPF_LDX_MEM(BPF_DW, BPF_REG_3, BPF_REG_1,
> + offsetof(struct xdp_buff, data_hard_start)),
> + /* r3 += sizeof(struct xdp_frame) */
> + BPF_ALU64_IMM(BPF_ADD, BPF_REG_3,
> + sizeof(struct xdp_frame)),
> + /* if (data-sizeof(struct xdp_to_skb_metadata) < data_hard_start+sizeof(struct xdp_frame)) return; */
> + BPF_JMP_REG(BPF_JLT, BPF_REG_2, BPF_REG_3, S16_MAX),
> +
> + /* ((struct xdp_buff *)r1)->data_meta = r2; */
> + BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_2,
> + offsetof(struct xdp_buff, data_meta)),
> +
> + /* *((struct xdp_to_skb_metadata *)r2)->magic = xdp_metadata_magic; */
> + BPF_ST_MEM(BPF_W, BPF_REG_2,
> + offsetof(struct xdp_to_skb_metadata, magic),
> + xdp_metadata_magic),
> + );
> +
> + /* r0 = bpf_xdp_metadata_rx_timestamp(ctx); */
> + func_id = xdp_metadata_kfunc_id(XDP_METADATA_KFUNC_RX_TIMESTAMP);
> + prog->aux->xdp_kfunc_ndo->ndo_unroll_kfunc(prog, func_id, patch);
> +
> + bpf_patch_append(patch,
> + /* r2 = ((struct xdp_buff *)r1)->data_meta; */
> + BPF_LDX_MEM(BPF_DW, BPF_REG_2, BPF_REG_1,
> + offsetof(struct xdp_buff, data_meta)),
> + /* *((struct xdp_to_skb_metadata *)r2)->rx_timestamp = r0; */
> + BPF_STX_MEM(BPF_DW, BPF_REG_2, BPF_REG_0,
> + offsetof(struct xdp_to_skb_metadata, rx_timestamp)),
Can the xdp prog still change the metadata through xdp->data_meta? tbh, I am not
sure it is solid enough by asking the xdp prog not to use the same random number
in its own metadata + not to change the metadata through xdp->data_meta after
calling bpf_xdp_metadata_export_to_skb().
Does xdp_to_skb_metadata have a use case for XDP_PASS (like patch 7) or the
xdp_to_skb_metadata can be limited to XDP_REDIRECT only?
> + );
> +
> + bpf_patch_resolve_jmp(patch);
> +}
> +
> static int __init xdp_metadata_init(void)
> {
> + xdp_metadata_magic = get_random_u32() | 1;
> return register_btf_kfunc_id_set(BPF_PROG_TYPE_XDP, &xdp_metadata_kfunc_set);
> }
> late_initcall(xdp_metadata_init);
Powered by blists - more mailing lists