From: Daniel Borkmann <daniel@iogearbox.net>
To: Lorenzo Bianconi <lorenzo@kernel.org>,
bpf@vger.kernel.org, netdev@vger.kernel.org
Cc: lorenzo.bianconi@redhat.com, davem@davemloft.net,
kuba@kernel.org, ast@kernel.org, shayagr@amazon.com,
john.fastabend@gmail.com, dsahern@kernel.org, brouer@redhat.com,
echaudro@redhat.com, jasowang@redhat.com,
alexander.duyck@gmail.com, saeed@kernel.org,
maciej.fijalkowski@intel.com, magnus.karlsson@intel.com,
tirthendu.sarkar@intel.com, toke@redhat.com
Subject: Re: [PATCH v16 bpf-next 19/20] net: xdp: introduce bpf_xdp_pointer utility routine
Date: Thu, 28 Oct 2021 00:53:09 +0200 [thread overview]
Message-ID: <3d196d1d-69f3-0ff2-1752-f318defbbf33@iogearbox.net> (raw)
In-Reply-To: <98e60294b7ba81ca647cffd4d7b87617e9b1e9d9.1634301224.git.lorenzo@kernel.org>
On 10/15/21 3:08 PM, Lorenzo Bianconi wrote:
[...]
> +static void *bpf_xdp_pointer(struct xdp_buff *xdp, u32 offset,
> + u32 len, void *buf)
> +{
> + struct skb_shared_info *sinfo = xdp_get_shared_info_from_buff(xdp);
> + u32 size = xdp->data_end - xdp->data;
> + void *addr = xdp->data;
> + u32 frame_sz = size;
> + int i;
> +
> + if (xdp_buff_is_mb(xdp))
> + frame_sz += sinfo->xdp_frags_size;
> +
> + if (offset + len > frame_sz)
> + return ERR_PTR(-EINVAL);
Given offset is ARG_ANYTHING, the above could overflow. In bpf_skb_*_bytes() we
guard with offset > 0xffff.
> + if (offset < size) /* linear area */
> + goto out;
> +
> + offset -= size;
> + for (i = 0; i < sinfo->nr_frags; i++) { /* paged area */
> + u32 frag_size = skb_frag_size(&sinfo->frags[i]);
> +
> + if (offset < frag_size) {
> + addr = skb_frag_address(&sinfo->frags[i]);
> + size = frag_size;
> + break;
> + }
> + offset -= frag_size;
> + }
> +
> +out:
> + if (offset + len < size)
> + return addr + offset; /* fast path - no need to copy */
> +
> + if (!buf) /* no copy to the bounce buffer */
> + return NULL;
> +
> + /* slow path - we need to copy data into the bounce buffer */
> + bpf_xdp_copy_buf(xdp, offset, len, buf, false);
> + return buf;
> +}
> +
> +BPF_CALL_4(bpf_xdp_load_bytes, struct xdp_buff *, xdp, u32, offset,
> + void *, buf, u32, len)
> +{
> + void *ptr;
> +
> + ptr = bpf_xdp_pointer(xdp, offset, len, buf);
> + if (ptr == ERR_PTR(-EINVAL))
> + return -EINVAL;
nit + same below in *_store_bytes(): IS_ERR(ptr) return PTR_ERR(ptr); ? (Or
should we just return -EFAULT to make it analog to bpf_skb_{load,store}_bytes()?
Either is okay, imho.)
> + if (ptr != buf)
> + memcpy(buf, ptr, len);
> +
> + return 0;
> +}
> +
> +static const struct bpf_func_proto bpf_xdp_load_bytes_proto = {
> + .func = bpf_xdp_load_bytes,
> + .gpl_only = false,
> + .ret_type = RET_INTEGER,
> + .arg1_type = ARG_PTR_TO_CTX,
> + .arg2_type = ARG_ANYTHING,
> + .arg3_type = ARG_PTR_TO_MEM,
ARG_PTR_TO_UNINIT_MEM, or do you need the dst buffer to be initialized?
> + .arg4_type = ARG_CONST_SIZE_OR_ZERO,
ARG_CONST_SIZE
> +};
> +
> +BPF_CALL_4(bpf_xdp_store_bytes, struct xdp_buff *, xdp, u32, offset,
> + void *, buf, u32, len)
> +{
> + void *ptr;
> +
> + ptr = bpf_xdp_pointer(xdp, offset, len, NULL);
> + if (ptr == ERR_PTR(-EINVAL))
> + return -EINVAL;
> +
> + if (!ptr)
> + bpf_xdp_copy_buf(xdp, offset, len, buf, true);
> + else
> + memcpy(ptr, buf, len);
> +
> + return 0;
> +}
> +
> +static const struct bpf_func_proto bpf_xdp_store_bytes_proto = {
> + .func = bpf_xdp_store_bytes,
> + .gpl_only = false,
> + .ret_type = RET_INTEGER,
> + .arg1_type = ARG_PTR_TO_CTX,
> + .arg2_type = ARG_ANYTHING,
> + .arg3_type = ARG_PTR_TO_MEM,
> + .arg4_type = ARG_CONST_SIZE_OR_ZERO,
ARG_CONST_SIZE, or do you have a use case for bpf_xdp_store_bytes(..., buf, 0)?
> +};
> +
> static int bpf_xdp_mb_increase_tail(struct xdp_buff *xdp, int offset)
> {
> struct skb_shared_info *sinfo = xdp_get_shared_info_from_buff(xdp);
> @@ -7619,6 +7749,10 @@ xdp_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> return &bpf_xdp_adjust_tail_proto;
> case BPF_FUNC_xdp_get_buff_len:
> return &bpf_xdp_get_buff_len_proto;
> + case BPF_FUNC_xdp_load_bytes:
> + return &bpf_xdp_load_bytes_proto;
> + case BPF_FUNC_xdp_store_bytes:
> + return &bpf_xdp_store_bytes_proto;
> case BPF_FUNC_fib_lookup:
> return &bpf_xdp_fib_lookup_proto;
> case BPF_FUNC_check_mtu:
> diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h
> index 1cb992ec0cc8..dad1d8c3a4c1 100644
> --- a/tools/include/uapi/linux/bpf.h
> +++ b/tools/include/uapi/linux/bpf.h
> @@ -4920,6 +4920,22 @@ union bpf_attr {
> * Get the total size of a given xdp buff (linear and paged area)
> * Return
> * The total size of a given xdp buffer.
> + *
> + * long bpf_xdp_load_bytes(struct xdp_buff *xdp_md, u32 offset, void *buf, u32 len)
> + * Description
> + * This helper is provided as an easy way to load data from a
> + * xdp buffer. It can be used to load *len* bytes from *offset* from
> + * the frame associated to *xdp_md*, into the buffer pointed by
> + * *buf*.
> + * Return
> + * 0 on success, or a negative error in case of failure.
> + *
> + * long bpf_xdp_store_bytes(struct xdp_buff *xdp_md, u32 offset, void *buf, u32 len)
> + * Description
> + * Store *len* bytes from buffer *buf* into the frame
> + * associated to *xdp_md*, at *offset*.
> + * Return
> + * 0 on success, or a negative error in case of failure.
> */
> #define __BPF_FUNC_MAPPER(FN) \
> FN(unspec), \
> @@ -5101,6 +5117,8 @@ union bpf_attr {
> FN(get_branch_snapshot), \
> FN(trace_vprintk), \
> FN(xdp_get_buff_len), \
> + FN(xdp_load_bytes), \
> + FN(xdp_store_bytes), \
> /* */
>
> /* integer value in 'imm' field of BPF_CALL instruction selects which helper
>
next prev parent reply other threads:[~2021-10-27 22:53 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-15 13:08 [PATCH v16 bpf-next 00/20] mvneta: introduce XDP multi-buffer support Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 01/20] net: skbuff: add size metadata to skb_shared_info for xdp Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 02/20] xdp: introduce flags field in xdp_buff/xdp_frame Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 03/20] net: mvneta: update mb bit before passing the xdp buffer to eBPF layer Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 04/20] net: mvneta: simplify mvneta_swbm_add_rx_fragment management Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 05/20] net: xdp: add xdp_update_skb_shared_info utility routine Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 06/20] net: marvell: rely on " Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 07/20] xdp: add multi-buff support to xdp_return_{buff/frame} Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 08/20] net: mvneta: add multi buffer support to XDP_TX Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 09/20] bpf: introduce BPF_F_XDP_MB flag in prog_flags loading the ebpf program Lorenzo Bianconi
2021-10-15 13:22 ` Toke Høiland-Jørgensen
2021-10-15 13:29 ` Lorenzo Bianconi
2021-10-15 16:03 ` Toke Høiland-Jørgensen
2021-10-15 13:08 ` [PATCH v16 bpf-next 10/20] net: mvneta: enable jumbo frames if the loaded XDP program support mb Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 11/20] bpf: add multi-buff support to the bpf_xdp_adjust_tail() API Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 12/20] bpf: introduce bpf_xdp_get_buff_len helper Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 13/20] bpf: add multi-buffer support to xdp copy helpers Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 14/20] bpf: move user_size out of bpf_test_init Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 15/20] bpf: introduce multibuff support to bpf_prog_test_run_xdp() Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 16/20] bpf: test_run: add xdp_shared_info pointer in bpf_test_finish signature Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 17/20] bpf: update xdp_adjust_tail selftest to include multi-buffer Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 18/20] libbpf: Add SEC name for xdp_mb programs Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 19/20] net: xdp: introduce bpf_xdp_pointer utility routine Lorenzo Bianconi
2021-10-27 22:53 ` Daniel Borkmann [this message]
2021-10-28 9:26 ` Lorenzo Bianconi
2021-10-15 13:08 ` [PATCH v16 bpf-next 20/20] bpf: introduce bpf_xdp_{load,store}_bytes selftest Lorenzo Bianconi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3d196d1d-69f3-0ff2-1752-f318defbbf33@iogearbox.net \
--to=daniel@iogearbox.net \
--cc=alexander.duyck@gmail.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brouer@redhat.com \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=echaudro@redhat.com \
--cc=jasowang@redhat.com \
--cc=john.fastabend@gmail.com \
--cc=kuba@kernel.org \
--cc=lorenzo.bianconi@redhat.com \
--cc=lorenzo@kernel.org \
--cc=maciej.fijalkowski@intel.com \
--cc=magnus.karlsson@intel.com \
--cc=netdev@vger.kernel.org \
--cc=saeed@kernel.org \
--cc=shayagr@amazon.com \
--cc=tirthendu.sarkar@intel.com \
--cc=toke@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).