lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <0878305d-7393-ea7a-25c4-455a43d3549e@huawei.com>
Date: Wed, 26 Jul 2023 11:52:47 +0800
From: shaozhengchao <shaozhengchao@...wei.com>
To: netdev <netdev@...r.kernel.org>, <bpf@...r.kernel.org>
Subject: [Question]Attach xdp program to bond driver with skb mode

Hi:
	Now, as shown in commit 879af96ffd72("net, core: Add support for
XDP redirection to slave device"), if the master has been attached
program, the slave cannot be attached program. Similarly, if the slave
is already attached program, the master is not allowed to attach the
program. It does work for hw and driver mode. But in skb mode, if the
slave has been attached program, the master also can be attached
program. So I have two questions:
1. should skb mode work the same to hw/drv mode?
2. If other "master" drivers (team?) need to implement XDP feature, is
it more appropriate to place the restriction in dev_xdp_attach? As shown
in the following figure:

@@ -9194,6 +9194,14 @@  static int dev_xdp_attach(struct net_device 
*dev, struct netlink_ext_ack *extack
  		}
  	}

+	/* don't allow if a slave device already has a program */
+	netdev_for_each_lower_dev(dev, lower, iter) {
+		if (dev_xdp_prog_count(lower) > 0) {
+			NL_SET_ERR_MSG(extack, "Cannot attach when a slave device already 
has a program");
+			return -EEXIST;
+		}
+	}
+

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ