lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4eaf6d02-6b4e-4713-a8f8-6b00a031d255@linux.dev>
Date: Tue, 29 Jul 2025 12:47:23 -0700
From: Martin KaFai Lau <martin.lau@...ux.dev>
To: Jesper Dangaard Brouer <hawk@...nel.org>, Jakub Kicinski
 <kuba@...nel.org>, Lorenzo Bianconi <lorenzo@...nel.org>
Cc: Stanislav Fomichev <stfomichev@...il.com>, bpf@...r.kernel.org,
 netdev@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>,
 Daniel Borkmann <borkmann@...earbox.net>,
 Eric Dumazet <eric.dumazet@...il.com>, "David S. Miller"
 <davem@...emloft.net>, Paolo Abeni <pabeni@...hat.com>, sdf@...ichev.me,
 kernel-team@...udflare.com, arthur@...hurfabre.com, jakub@...udflare.com,
 Jesse Brandeburg <jbrandeburg@...udflare.com>,
 Andrew Rzeznik <arzeznik@...udflare.com>
Subject: Re: [PATCH bpf-next V2 0/7] xdp: Allow BPF to set RX hints for
 XDP_REDIRECTed packets

On 7/29/25 4:15 AM, Jesper Dangaard Brouer wrote:
> That idea has been considered before, but it unfortunately doesn't work
> from a performance angle. The performance model of XDP_REDIRECT into
> CPUMAP relies on moving the expensive SKB allocation+init to a remote
> CPU. This keeps the ingress CPU free to process packets at near line
> rate (our DDoS use-case). If we allocate the SKB on the ingress-CPU
> before the redirect, we destroy this load-balancing model and create the
> exact bottleneck we designed CPUMAP to avoid.

iirc, a xdp prog can be attached to a cpumap. The skb can be created by that xdp 
prog running on the remote cpu. It should be like a xdp prog returning a 
XDP_PASS + an optional skb. The xdp prog can set some fields in the skb. Other 
than setting fields in the skb, something else may be also possible in the 
future, e.g. look up sk, earlier demux ...etc.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ