| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 29 Dec 2023 16:14:07 +0800 From: Menglong Dong <menglong8.dong@...il.com> To: andrii@...nel.org Cc: ast@...nel.org, daniel@...earbox.net, martin.lau@...ux.dev, song@...nel.org, yonghong.song@...ux.dev, john.fastabend@...il.com, kpsingh@...nel.org, sdf@...gle.com, haoluo@...gle.com, jolsa@...nel.org, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, mykolal@...com, shuah@...nel.org, horms@...nel.org, dhowells@...hat.com, linyunsheng@...wei.com, aleksander.lobakin@...el.com, joannelkoong@...il.com, laoar.shao@...il.com, kuifeng@...a.com, menglong8.dong@...il.com, bjorn@...osinc.com, linux-kernel@...r.kernel.org, bpf@...r.kernel.org, netdev@...r.kernel.org, linux-kselftest@...r.kernel.org Subject: [PATCH bpf-next 0/2] bpf: add csum/ip_summed fields to __sk_buff For now, we have to call some helpers when we need to update the csum, such as bpf_l4_csum_replace, bpf_l3_csum_replace, etc. These helpers are not inlined, which causes poor performance. In fact, we can define our own csum update functions in BPF program instead of bpf_l3_csum_replace, which is totally inlined and efficient. However, we can't do this for bpf_l4_csum_replace for now, as we can't update skb->csum, which can cause skb->csum invalid in the rx path with CHECKSUM_COMPLETE mode. What's more, we can't use the direct data access and have to use skb_store_bytes() with the BPF_F_RECOMPUTE_CSUM flag in some case, such as modifing the vni in the vxlan header and the underlay udp header has no checksum. In the first patch, we make skb->csum readable and writable, and we make skb->ip_summed readable. For now, for tc only. With these 2 fields, we don't need to call bpf helpers for csum update any more. In the second patch, we add some testcases for the read/write testing for skb->csum and skb->ip_summed. If this series is acceptable, we can define the inlined functions for csum update in libbpf in the next step. Menglong Dong (2): bpf: add csum/ip_summed fields to __sk_buff testcases/bpf: add testcases for skb->csum to ctx_skb.c include/linux/skbuff.h | 2 + include/uapi/linux/bpf.h | 2 + net/core/filter.c | 22 ++++++++++ tools/include/uapi/linux/bpf.h | 2 + .../testing/selftests/bpf/verifier/ctx_skb.c | 43 +++++++++++++++++++ 5 files changed, 71 insertions(+) -- 2.39.2
Powered by blists - more mailing lists