| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251015140140.62273-4-daniel@iogearbox.net>
Date: Wed, 15 Oct 2025 16:01:28 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: netdev@...r.kernel.org
Cc: bpf@...r.kernel.org,
kuba@...nel.org,
davem@...emloft.net,
razor@...ckwall.org,
pabeni@...hat.com,
willemb@...gle.com,
sdf@...ichev.me,
john.fastabend@...il.com,
martin.lau@...nel.org,
jordan@...fe.io,
maciej.fijalkowski@...el.com,
magnus.karlsson@...el.com,
dw@...idwei.uk,
toke@...hat.com,
yangzhenze@...edance.com,
wangdongdong.6@...edance.com
Subject: [PATCH net-next v2 03/15] net: Add peer info to queue-get response
From: David Wei <dw@...idwei.uk>
Add a nested peer field to the queue-get response that returns the peered
ifindex and queue id.
Example with ynl client:
# ip netns exec foo ./pyynl/cli.py \
--spec ~/netlink/specs/netdev.yaml \
--do queue-get \
--json '{"ifindex": 3, "id": 1, "type": "rx"}'
{'id': 1, 'ifindex': 3, 'peer': {'id': 15, 'ifindex': 4, 'netns-id': 21}, 'type': 'rx'}
Note that the caller of netdev_nl_queue_fill_one() holds the netdevice
lock. For the queue-get we do not lock both devices. When queues get
{un,}peered, both devices are locked, thus if netdev_rx_queue_peered()
returns true, the peer pointer points to a valid device. The netns-id
is fetched via peernet2id_alloc() similarly as done in OVS.
Signed-off-by: David Wei <dw@...idwei.uk>
Co-developed-by: Daniel Borkmann <daniel@...earbox.net>
Signed-off-by: Daniel Borkmann <daniel@...earbox.net>
---
Documentation/netlink/specs/netdev.yaml | 24 ++++++++++++++++++
include/net/netdev_rx_queue.h | 3 +++
include/uapi/linux/netdev.h | 10 ++++++++
net/core/netdev-genl.c | 33 +++++++++++++++++++++++--
net/core/netdev_rx_queue.c | 8 ++++++
tools/include/uapi/linux/netdev.h | 10 ++++++++
6 files changed, 86 insertions(+), 2 deletions(-)
diff --git a/Documentation/netlink/specs/netdev.yaml b/Documentation/netlink/specs/netdev.yaml
index 20bb00b7e9ac..a3c562dfd205 100644
--- a/Documentation/netlink/specs/netdev.yaml
+++ b/Documentation/netlink/specs/netdev.yaml
@@ -297,6 +297,24 @@ attribute-sets:
-
name: xsk-info
attributes: []
+ -
+ name: peer-info
+ attributes:
+ -
+ name: id
+ doc: Queue index of the netdevice to which the peer queue belongs.
+ type: u32
+ -
+ name: ifindex
+ doc: ifindex of the netdevice to which the peer queue belongs.
+ type: u32
+ -
+ name: netns-id
+ doc: |
+ Network namespace of the netdevice to which the peer queue belongs.
+ This is populated if the netdevices are not in the same network
+ namespace.
+ type: s32
-
name: queue
attributes:
@@ -338,6 +356,11 @@ attribute-sets:
doc: XSK information for this queue, if any.
type: nest
nested-attributes: xsk-info
+ -
+ name: peer
+ doc: Whether this queue was bound to another peer queue.
+ type: nest
+ nested-attributes: peer-info
-
name: qstats
doc: |
@@ -723,6 +746,7 @@ operations:
- dmabuf
- io-uring
- xsk
+ - peer
dump:
request:
attributes:
diff --git a/include/net/netdev_rx_queue.h b/include/net/netdev_rx_queue.h
index db3ef94c0744..ea23cca947bb 100644
--- a/include/net/netdev_rx_queue.h
+++ b/include/net/netdev_rx_queue.h
@@ -90,4 +90,7 @@ struct netdev_rx_queue *
netif_get_rx_queue_peer_locked(struct net_device **dev,
unsigned int *rxq_idx,
bool *needs_unlock);
+struct netdev_rx_queue *
+netif_get_rx_queue_peer_any(struct net_device **dev,
+ unsigned int *rxq_idx);
#endif /* _LINUX_NETDEV_RX_QUEUE_H */
diff --git a/include/uapi/linux/netdev.h b/include/uapi/linux/netdev.h
index 4ef04d0bc412..d4d5d9f86eee 100644
--- a/include/uapi/linux/netdev.h
+++ b/include/uapi/linux/netdev.h
@@ -150,6 +150,15 @@ enum {
NETDEV_A_XSK_INFO_MAX = (__NETDEV_A_XSK_INFO_MAX - 1)
};
+enum {
+ NETDEV_A_PEER_INFO_ID = 1,
+ NETDEV_A_PEER_INFO_IFINDEX,
+ NETDEV_A_PEER_INFO_NETNS_ID,
+
+ __NETDEV_A_PEER_INFO_MAX,
+ NETDEV_A_PEER_INFO_MAX = (__NETDEV_A_PEER_INFO_MAX - 1)
+};
+
enum {
NETDEV_A_QUEUE_ID = 1,
NETDEV_A_QUEUE_IFINDEX,
@@ -158,6 +167,7 @@ enum {
NETDEV_A_QUEUE_DMABUF,
NETDEV_A_QUEUE_IO_URING,
NETDEV_A_QUEUE_XSK,
+ NETDEV_A_QUEUE_PEER,
__NETDEV_A_QUEUE_MAX,
NETDEV_A_QUEUE_MAX = (__NETDEV_A_QUEUE_MAX - 1)
diff --git a/net/core/netdev-genl.c b/net/core/netdev-genl.c
index 579469abac8c..28658b5cd7a4 100644
--- a/net/core/netdev-genl.c
+++ b/net/core/netdev-genl.c
@@ -393,6 +393,7 @@ netdev_nl_queue_fill_one(struct sk_buff *rsp, struct net_device *netdev,
struct pp_memory_provider_params *params;
struct netdev_rx_queue *rxq;
struct netdev_queue *txq;
+ struct nlattr *nest;
void *hdr;
hdr = genlmsg_iput(rsp, info);
@@ -410,6 +411,34 @@ netdev_nl_queue_fill_one(struct sk_buff *rsp, struct net_device *netdev,
if (nla_put_napi_id(rsp, rxq->napi))
goto nla_put_failure;
+ if (netdev_rx_queue_peered(netdev, q_idx)) {
+ struct net_device *p_netdev = netdev;
+ struct net *net, *p_net;
+ u32 p_q_idx = q_idx;
+
+ nest = nla_nest_start(rsp, NETDEV_A_QUEUE_PEER);
+ if (!nest)
+ goto nla_put_failure;
+
+ netif_get_rx_queue_peer_any(&p_netdev, &p_q_idx);
+ if (nla_put_u32(rsp, NETDEV_A_PEER_INFO_ID, p_q_idx) ||
+ nla_put_u32(rsp, NETDEV_A_PEER_INFO_IFINDEX,
+ READ_ONCE(p_netdev->ifindex)))
+ goto nla_put_failure;
+
+ rcu_read_lock();
+ p_net = dev_net_rcu(p_netdev);
+ net = dev_net_rcu(netdev);
+ if (!net_eq(net, p_net)) {
+ s32 id = peernet2id_alloc(net, p_net, GFP_ATOMIC);
+
+ if (nla_put_s32(rsp, NETDEV_A_PEER_INFO_NETNS_ID, id))
+ goto nla_put_failure_unlock;
+ }
+ rcu_read_unlock();
+ nla_nest_end(rsp, nest);
+ }
+
params = &rxq->mp_params;
if (params->mp_ops &&
params->mp_ops->nl_fill(params->mp_priv, rsp, rxq))
@@ -419,7 +448,6 @@ netdev_nl_queue_fill_one(struct sk_buff *rsp, struct net_device *netdev,
if (nla_put_empty_nest(rsp, NETDEV_A_QUEUE_XSK))
goto nla_put_failure;
#endif
-
break;
case NETDEV_QUEUE_TYPE_TX:
txq = netdev_get_tx_queue(netdev, q_idx);
@@ -434,9 +462,10 @@ netdev_nl_queue_fill_one(struct sk_buff *rsp, struct net_device *netdev,
}
genlmsg_end(rsp, hdr);
-
return 0;
+nla_put_failure_unlock:
+ rcu_read_unlock();
nla_put_failure:
genlmsg_cancel(rsp, hdr);
return -EMSGSIZE;
diff --git a/net/core/netdev_rx_queue.c b/net/core/netdev_rx_queue.c
index 85cf1b3749ee..686a6300df78 100644
--- a/net/core/netdev_rx_queue.c
+++ b/net/core/netdev_rx_queue.c
@@ -77,6 +77,14 @@ netif_get_rx_queue_peer_locked(struct net_device **dev, unsigned int *rxq_idx,
return rxq;
}
+struct netdev_rx_queue *
+netif_get_rx_queue_peer_any(struct net_device **dev, unsigned int *rxq_idx)
+{
+ netdev_assert_locked(*dev);
+ /* Retrieves both virt-to-phys and phys-to-virt peering. */
+ return __netif_get_rx_queue_peer(dev, rxq_idx, false);
+}
+
int netdev_rx_queue_restart(struct net_device *dev, unsigned int rxq_idx)
{
struct netdev_rx_queue *rxq = __netif_get_rx_queue(dev, rxq_idx);
diff --git a/tools/include/uapi/linux/netdev.h b/tools/include/uapi/linux/netdev.h
index 4ef04d0bc412..d4d5d9f86eee 100644
--- a/tools/include/uapi/linux/netdev.h
+++ b/tools/include/uapi/linux/netdev.h
@@ -150,6 +150,15 @@ enum {
NETDEV_A_XSK_INFO_MAX = (__NETDEV_A_XSK_INFO_MAX - 1)
};
+enum {
+ NETDEV_A_PEER_INFO_ID = 1,
+ NETDEV_A_PEER_INFO_IFINDEX,
+ NETDEV_A_PEER_INFO_NETNS_ID,
+
+ __NETDEV_A_PEER_INFO_MAX,
+ NETDEV_A_PEER_INFO_MAX = (__NETDEV_A_PEER_INFO_MAX - 1)
+};
+
enum {
NETDEV_A_QUEUE_ID = 1,
NETDEV_A_QUEUE_IFINDEX,
@@ -158,6 +167,7 @@ enum {
NETDEV_A_QUEUE_DMABUF,
NETDEV_A_QUEUE_IO_URING,
NETDEV_A_QUEUE_XSK,
+ NETDEV_A_QUEUE_PEER,
__NETDEV_A_QUEUE_MAX,
NETDEV_A_QUEUE_MAX = (__NETDEV_A_QUEUE_MAX - 1)
--
2.43.0
Powered by blists - more mailing lists