lists.openwall.net
Open Source and information security mailing list archives
 
Date: Fri, 24 May 2024 15:01:13 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: martin.lau@...nel.org
Cc: razor@...ckwall.org,
	bpf@...r.kernel.org,
	netdev@...r.kernel.org,
	Daniel Borkmann <daniel@...earbox.net>,
	Joe Stringer <joe@...ium.io>
Subject: [PATCH bpf 3/5] netkit: Fix syncing peer device mtu with primary

Implement the ndo_change_mtu callback in netkit in order to align the MTU
to the primary device. This is needed in order to sync MTUs to the latter
from the control plane (e.g. Cilium) which does not have access into the
Pod's netns.

Fixes: 35dfaad7188c ("netkit, bpf: Add bpf programmable net device")
Signed-off-by: Daniel Borkmann <daniel@...earbox.net>
Cc: Joe Stringer <joe@...ium.io>
---
 drivers/net/netkit.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/drivers/net/netkit.c b/drivers/net/netkit.c
index 16789cd446e9..ead7097c224b 100644
--- a/drivers/net/netkit.c
+++ b/drivers/net/netkit.c
@@ -167,6 +167,25 @@ static int netkit_set_macaddr(struct net_device *dev, void *sa)
 	return eth_mac_addr(dev, sa);
 }
 
+static int netkit_set_mtu(struct net_device *dev, int new_mtu)
+{
+	struct netkit *nk = netkit_priv(dev);
+	struct net_device *peer;
+
+	rcu_read_lock();
+	peer = rcu_dereference(nk->peer);
+	if (unlikely(!peer))
+		goto out;
+	if (!nk->primary)
+		new_mtu = READ_ONCE(peer->mtu);
+	else
+		WRITE_ONCE(peer->mtu, new_mtu);
+out:
+	WRITE_ONCE(dev->mtu, new_mtu);
+	rcu_read_unlock();
+	return 0;
+}
+
 static void netkit_set_headroom(struct net_device *dev, int headroom)
 {
 	struct netkit *nk = netkit_priv(dev), *nk2;
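Review bot: in netkit_set_mtu(), the `!nk->primary` branch overwrites the caller's new_mtu with READ_ONCE(peer->mtu) and the function still returns 0, so an MTU change requested on the peer device reports success even though the requested value was discarded. If the intent is that only the primary may set the MTU, consider returning an error from that branch when new_mtu differs from peer->mtu, or at least add a comment above the function stating that the peer always mirrors the primary. The `!peer` path is also inconsistent with that rule: with no peer attached, `goto out` skips the primary check and a non-primary device accepts whatever new_mtu it was given. Finally, on the primary side the peer's MTU is updated with a bare WRITE_ONCE(peer->mtu, new_mtu), so nothing in this function tells listeners on the peer that its MTU changed; a short comment on why the direct store is sufficient would help the next reader.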
@@ -211,6 +230,7 @@ static const struct net_device_ops netkit_netdev_ops = {
 	.ndo_set_rx_mode	= netkit_set_multicast,
 	.ndo_set_rx_headroom	= netkit_set_headroom,
 	.ndo_set_mac_address	= netkit_set_macaddr,
+	.ndo_change_mtu		= netkit_set_mtu,
 	.ndo_get_iflink		= netkit_get_iflink,
 	.ndo_get_peer_dev	= netkit_peer_dev,
 	.ndo_get_stats64	= netkit_get_stats,
-- 
2.34.1

