From: "Toke Høiland-Jørgensen" <toke@redhat.com>
To: Stanislav Fomichev <sdf@google.com>, bpf@vger.kernel.org
Cc: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org,
martin.lau@linux.dev, song@kernel.org, yhs@fb.com,
john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com,
haoluo@google.com, jolsa@kernel.org,
David Ahern <dsahern@gmail.com>, Jakub Kicinski <kuba@kernel.org>,
Willem de Bruijn <willemb@google.com>,
Jesper Dangaard Brouer <brouer@redhat.com>,
Anatoly Burakov <anatoly.burakov@intel.com>,
Alexander Lobakin <alexandr.lobakin@intel.com>,
Magnus Karlsson <magnus.karlsson@gmail.com>,
Maryam Tahhan <mtahhan@redhat.com>,
xdp-hints@xdp-project.net, netdev@vger.kernel.org
Subject: Re: [xdp-hints] [PATCH bpf-next v3 00/11] xdp: hints via kfuncs
Date: Tue, 29 Nov 2022 21:50:14 +0100 [thread overview]
Message-ID: <8735a1zdrt.fsf@toke.dk> (raw)
In-Reply-To: <20221129193452.3448944-1-sdf@google.com>
Stanislav Fomichev <sdf@google.com> writes:
> Please see the first patch in the series for the overall
> design and use-cases.
>
> Changes since v2:
>
> - Rework bpf_prog_aux->xdp_netdev refcnt (Martin)
>
> Switched to dropping the count early, after loading / verification is
> done. At attach time, the pointer value is used only for comparing
> the actual netdev at attach vs netdev at load.
So if we're not holding the netdev reference, we'll end up with a BPF
program with hard-coded CALL instructions calling into a module that
could potentially be unloaded while that BPF program is still alive,
right?
I suppose that since we're checking that the attach iface is the same
that the program should not be able to run after the module is unloaded,
but it still seems a bit iffy. And we should definitely block
BPF_PROG_RUN invocations of programs with a netdev set (but we should do
that anyway).
> (potentially can be a problem if the same slub slot is reused
> for another netdev later on?)
Yeah, this would be bad as well, obviously. I guess this could happen?
-Toke
next prev parent reply other threads:[~2022-11-29 20:51 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-29 19:34 [PATCH bpf-next v3 00/11] xdp: hints via kfuncs Stanislav Fomichev
2022-11-29 19:34 ` [PATCH bpf-next v3 01/11] bpf: Document XDP RX metadata Stanislav Fomichev
2022-12-02 20:58 ` kernel test robot
2022-11-29 19:34 ` [PATCH bpf-next v3 02/11] bpf: XDP metadata RX kfuncs Stanislav Fomichev
2022-11-30 17:56 ` kernel test robot
2022-11-30 22:49 ` kernel test robot
2022-11-29 19:34 ` [PATCH bpf-next v3 03/11] veth: Introduce veth_xdp_buff wrapper for xdp_buff Stanislav Fomichev
2022-11-29 19:34 ` [PATCH bpf-next v3 04/11] veth: Support RX XDP metadata Stanislav Fomichev
2022-11-29 19:34 ` [PATCH bpf-next v3 05/11] selftests/bpf: Verify xdp_metadata xdp->af_xdp path Stanislav Fomichev
2022-11-29 19:34 ` [PATCH bpf-next v3 06/11] mlx4: Introduce mlx4_xdp_buff wrapper for xdp_buff Stanislav Fomichev
2022-11-29 19:34 ` [PATCH bpf-next v3 07/11] mxl4: Support RX XDP metadata Stanislav Fomichev
2022-11-29 19:34 ` [PATCH bpf-next v3 08/11] xsk: Add cb area to struct xdp_buff_xsk Stanislav Fomichev
2022-11-29 19:34 ` [PATCH bpf-next v3 09/11] mlx5: Introduce mlx5_xdp_buff wrapper for xdp_buff Stanislav Fomichev
2022-11-29 19:34 ` [PATCH bpf-next v3 10/11] mlx5: Support RX XDP metadata Stanislav Fomichev
2022-11-30 5:48 ` kernel test robot
2022-11-30 22:29 ` kernel test robot
2022-12-01 2:42 ` kernel test robot
2022-12-01 13:08 ` kernel test robot
2022-11-29 19:34 ` [PATCH bpf-next v3 11/11] selftests/bpf: Simple program to dump XDP RX metadata Stanislav Fomichev
2022-11-29 20:50 ` Toke Høiland-Jørgensen [this message]
2022-11-29 23:41 ` [xdp-hints] [PATCH bpf-next v3 00/11] xdp: hints via kfuncs Stanislav Fomichev
2022-11-30 23:01 ` [xdp-hints] " Toke Høiland-Jørgensen
2022-12-01 0:16 ` Martin KaFai Lau
2022-12-01 0:32 ` Stanislav Fomichev
2022-12-01 3:56 ` Jakub Kicinski
2022-12-01 0:32 ` Stanislav Fomichev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8735a1zdrt.fsf@toke.dk \
--to=toke@redhat.com \
--cc=alexandr.lobakin@intel.com \
--cc=anatoly.burakov@intel.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brouer@redhat.com \
--cc=daniel@iogearbox.net \
--cc=dsahern@gmail.com \
--cc=haoluo@google.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=kuba@kernel.org \
--cc=magnus.karlsson@gmail.com \
--cc=martin.lau@linux.dev \
--cc=mtahhan@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=sdf@google.com \
--cc=song@kernel.org \
--cc=willemb@google.com \
--cc=xdp-hints@xdp-project.net \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.