lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f073b150-b2e9-43db-aa61-87eee4755a2f@gmail.com>
Date: Fri, 6 Jun 2025 22:48:53 +0700
From: Bui Quang Minh <minhquangbui99@...il.com>
To: Jakub Kicinski <kuba@...nel.org>
Cc: Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
 "Michael S. Tsirkin" <mst@...hat.com>, Jason Wang <jasowang@...hat.com>,
 Xuan Zhuo <xuanzhuo@...ux.alibaba.com>, Eugenio PĂ©rez
 <eperezma@...hat.com>, Andrew Lunn <andrew+netdev@...n.ch>,
 "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>,
 Jesper Dangaard Brouer <hawk@...nel.org>,
 John Fastabend <john.fastabend@...il.com>, virtualization@...ts.linux.dev,
 linux-kernel@...r.kernel.org, bpf@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH net] virtio-net: drop the multi-buffer XDP packet in
 zerocopy

On 6/5/25 21:48, Jakub Kicinski wrote:
> On Thu, 5 Jun 2025 21:33:26 +0700 Bui Quang Minh wrote:
>> On 6/5/25 18:03, Paolo Abeni wrote:
>>> On 6/3/25 5:06 PM, Bui Quang Minh wrote:
>>>> In virtio-net, we have not yet supported multi-buffer XDP packet in
>>>> zerocopy mode when there is a binding XDP program. However, in that
>>>> case, when receiving multi-buffer XDP packet, we skip the XDP program
>>>> and return XDP_PASS. As a result, the packet is passed to normal network
>>>> stack which is an incorrect behavior.
>>> Why? AFAICS the multi-buffer mode depends on features negotiation, which
>>> is not controlled by the VM user.
>>>
>>> Let's suppose the user wants to attach an XDP program to do some per
>>> packet stats accounting. That suddenly would cause drop packets
>>> depending on conditions not controlled by the (guest) user. It looks
>>> wrong to me.
>> But currently, if a multi-buffer packet arrives, it will not go through
>> XDP program so it doesn't increase the stats but still goes to network
>> stack. So I think it's not a correct behavior.
> Sounds fair, but at a glance the normal XDP path seems to be trying to
> linearize the frame. Can we not try to flatten the frame here?
> If it's simply to long for the chunk size that's a frame length error,
> right?

Here we are in the zerocopy path, so the buffers for the frame to fill 
in are allocated from XDP socket's umem. And if the frame spans across 
multiple buffers then the total frame size is larger than the chunk 
size. Furthermore, we are in the zerocopy so we cannot linearize by 
allocating a large enough buffer to cover the whole frame then copy the 
frame data to it. That's not zerocopy anymore. Also, XDP socket zerocopy 
receive has assumption that the packet it receives must from the umem 
pool. AFAIK, the generic XDP path is for copy mode only.

Thanks,
Quang Minh.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ