From: Jesper Dangaard Brouer <brouer@redhat.com>
To: "Toke Høiland-Jørgensen" <toke@redhat.com>
Cc: sameehj@amazon.com, netdev@vger.kernel.org, bpf@vger.kernel.org,
zorik@amazon.com, akiyano@amazon.com, gtzalik@amazon.com,
Daniel Borkmann <borkmann@iogearbox.net>,
Alexei Starovoitov <alexei.starovoitov@gmail.com>,
John Fastabend <john.fastabend@gmail.com>,
Alexander Duyck <alexander.duyck@gmail.com>,
Jeff Kirsher <jeffrey.t.kirsher@intel.com>,
David Ahern <dsahern@gmail.com>,
Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Lorenzo Bianconi <lorenzo@kernel.org>,
brouer@redhat.com
Subject: Re: [PATCH RFC v1 09/15] xdp: clear grow memory in bpf_xdp_adjust_tail()
Date: Wed, 18 Mar 2020 11:25:39 +0100 [thread overview]
Message-ID: <20200318112539.6b595142@carbon> (raw)
In-Reply-To: <87v9n2koqt.fsf@toke.dk>
On Wed, 18 Mar 2020 10:15:38 +0100
Toke Høiland-Jørgensen <toke@redhat.com> wrote:
> Jesper Dangaard Brouer <brouer@redhat.com> writes:
>
> > To reviewers: Need some opinions if this is needed?
> >
> > (TODO: Squash patch)
> > ---
> > net/core/filter.c | 6 ++++++
> > 1 file changed, 6 insertions(+)
> >
> > diff --git a/net/core/filter.c b/net/core/filter.c
> > index 0ceddee0c678..669f29992177 100644
> > --- a/net/core/filter.c
> > +++ b/net/core/filter.c
> > @@ -3432,6 +3432,12 @@ BPF_CALL_2(bpf_xdp_adjust_tail, struct xdp_buff *, xdp, int, offset)
> > if (unlikely(data_end < xdp->data + ETH_HLEN))
> > return -EINVAL;
> >
> > + // XXX: To reviewers: How paranoid are we? Do we really need to
> > + /* clear memory area on grow, as in-theory can contain uninit kmem */
> > + if (offset > 0) {
> > + memset(xdp->data_end, 0, offset);
> > + }
>
> This memory will usually be recycled through page_pool or equivalent,
> right? So couldn't we clear the pages when they are first allocated?
> That way, the only data that would be left there would be packet data
> from previous packets...
Yes, that is another option, to clear pages on "real" alloc (not
recycle alloc), but it is a bit harder to implement (when not using
page_pool).
And yes, this area will very likely just contain old packet data, but
we cannot be 100% sure.
Previously Alexei have argued that we should not leak pointer values in
XDP. Which is why we have xdp_scrub_frame(), but this is not 100% the
same. So, I would like to hear Alexei's opinion ?
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
next prev parent reply other threads:[~2020-03-18 10:25 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-17 17:29 [PATCH RFC v1 00/15] XDP extend with knowledge of frame size Jesper Dangaard Brouer
2020-03-17 17:29 ` [PATCH RFC v1 01/15] xdp: add frame size to xdp_buff Jesper Dangaard Brouer
2020-03-17 20:42 ` Jakub Kicinski
2020-03-18 6:58 ` Jesper Dangaard Brouer
2020-03-17 17:29 ` [PATCH RFC v1 02/15] mvneta: add XDP frame size to driver Jesper Dangaard Brouer
2020-03-17 17:29 ` [PATCH RFC v1 03/15] bnxt: " Jesper Dangaard Brouer
2020-03-20 19:22 ` Andy Gospodarek
2020-03-23 14:18 ` Andy Gospodarek
2020-03-23 14:44 ` Jesper Dangaard Brouer
2020-03-17 17:29 ` [PATCH RFC v1 04/15] ixgbe: fix XDP redirect on archs with PAGE_SIZE above 4K Jesper Dangaard Brouer
2020-03-17 17:29 ` [PATCH RFC v1 05/15] ixgbe: add XDP frame size to driver Jesper Dangaard Brouer
2020-03-18 20:03 ` Maciej Fijalkowski
2020-03-18 21:23 ` Alexander Duyck
2020-03-20 21:44 ` Jesper Dangaard Brouer
2020-03-20 22:37 ` Alexander Duyck
2020-03-17 17:29 ` [PATCH RFC v1 06/15] sfc: fix XDP-redirect in this driver Jesper Dangaard Brouer
2020-03-17 17:29 ` [PATCH RFC v1 07/15] sfc: add XDP frame size Jesper Dangaard Brouer
2020-03-17 17:29 ` [PATCH RFC v1 08/15] xdp: allow bpf_xdp_adjust_tail() to grow packet size Jesper Dangaard Brouer
2020-03-17 17:29 ` [PATCH RFC v1 09/15] xdp: clear grow memory in bpf_xdp_adjust_tail() Jesper Dangaard Brouer
2020-03-17 20:38 ` Jakub Kicinski
2020-03-18 9:15 ` Toke Høiland-Jørgensen
2020-03-18 10:25 ` Jesper Dangaard Brouer [this message]
2020-03-19 5:35 ` Alexei Starovoitov
2020-03-17 17:29 ` [PATCH RFC v1 10/15] net: XDP-generic determining XDP frame size Jesper Dangaard Brouer
2020-03-17 17:30 ` [PATCH RFC v1 11/15] xdp: xdp_frame add member frame_sz and handle in convert_to_xdp_frame Jesper Dangaard Brouer
2020-03-17 17:30 ` [PATCH RFC v1 12/15] xdp: cpumap redirect use frame_sz and increase skb_tailroom Jesper Dangaard Brouer
2020-03-17 17:30 ` [PATCH RFC v1 13/15] tun: add XDP frame size Jesper Dangaard Brouer
2020-03-17 17:30 ` [PATCH RFC v1 14/15] veth: xdp using frame_sz in veth driver Jesper Dangaard Brouer
2020-03-17 17:30 ` [PATCH RFC v1 15/15] dpaa2-eth: add XDP frame size Jesper Dangaard Brouer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200318112539.6b595142@carbon \
--to=brouer@redhat.com \
--cc=akiyano@amazon.com \
--cc=alexander.duyck@gmail.com \
--cc=alexei.starovoitov@gmail.com \
--cc=borkmann@iogearbox.net \
--cc=bpf@vger.kernel.org \
--cc=dsahern@gmail.com \
--cc=gtzalik@amazon.com \
--cc=ilias.apalodimas@linaro.org \
--cc=jeffrey.t.kirsher@intel.com \
--cc=john.fastabend@gmail.com \
--cc=lorenzo@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=sameehj@amazon.com \
--cc=toke@redhat.com \
--cc=willemdebruijn.kernel@gmail.com \
--cc=zorik@amazon.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).