[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20231026183509.471af050@kernel.org>
Date: Thu, 26 Oct 2023 18:35:09 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Vadim Fedorenko <vadim.fedorenko@...ux.dev>
Cc: Vadim Fedorenko <vadfed@...a.com>, Martin KaFai Lau
<martin.lau@...ux.dev>, Andrii Nakryiko <andrii@...nel.org>, Alexei
Starovoitov <ast@...nel.org>, Mykola Lysenko <mykolal@...com>,
bpf@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH bpf-next 1/2] bpf: add skcipher API support to TC/XDP
programs
On Fri, 27 Oct 2023 00:29:29 +0100 Vadim Fedorenko wrote:
> > Does anything prevent them from being used simultaneously
> > by difference CPUs?
>
> The algorithm configuration and the key can be used by different CPUs
> simultaneously
Makes sense, got confused ctx vs req. You allocate req on the fly.
> >> + case BPF_DYNPTR_TYPE_SKB:
> >> + return skb_pointer_if_linear(ptr->data, ptr->offset, __bpf_dynptr_size(ptr));
> >
> > dynptr takes care of checking if skb can be written to?
>
> dynptr is used to take care of size checking, but this particular part is used
> to provide plain buffer from skb. I'm really sure if we can (or should) encrypt
> or decrypt in-place, so API now assumes that src and dst are different buffers.
Not sure this answers my question. What I'm asking is basically whether
for destination we need to call __bpf_dynptr_is_rdonly() or something
already checks that.
Powered by blists - more mailing lists