[{"id":1766571,"web_url":"http://patchwork.ozlabs.org/comment/1766571/","msgid":"<20170911.143340.2229370127207977653.davem@davemloft.net>","list_archive_url":null,"date":"2017-09-11T21:33:40","subject":"Re: [V3 PATCH net] xdp: implement xdp_redirect_map for generic XDP","submitter":{"id":15,"url":"http://patchwork.ozlabs.org/api/people/15/","name":"David Miller","email":"davem@davemloft.net"},"content":"From: Jesper Dangaard Brouer <brouer@redhat.com>\nDate: Sun, 10 Sep 2017 09:47:02 +0200\n\n> Using bpf_redirect_map is allowed for generic XDP programs, but the\n> appropriate map lookup was never performed in xdp_do_generic_redirect().\n> \n> Instead the map-index is directly used as the ifindex.  For the\n> xdp_redirect_map sample in SKB-mode '-S', this resulted in trying\n> sending on ifindex 0 which isn't valid, resulting in getting SKB\n> packets dropped.  Thus, the reported performance numbers are wrong in\n> commit 24251c264798 (\"samples/bpf: add option for native and skb mode\n> for redirect apps\") for the 'xdp_redirect_map -S' case.\n> \n> Before commit 109980b894e9 (\"bpf: don't select potentially stale\n> ri->map from buggy xdp progs\") it could crash the kernel.  Like this\n> commit also check that the map_owner owner is correct before\n> dereferencing the map pointer.  But make sure that this API misusage\n> can be caught by a tracepoint. Thus, allowing userspace via\n> tracepoints to detect misbehaving bpf_progs.\n> \n> Fixes: 6103aa96ec07 (\"net: implement XDP_REDIRECT for xdp generic\")\n> Fixes: 24251c264798 (\"samples/bpf: add option for native and skb mode for redirect apps\")\n> Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>\n\nApplied, thanks Jesper.","headers":{"Return-Path":"<netdev-owner@vger.kernel.org>","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xrh4n1knvz9s7M\n\tfor <patchwork-incoming@ozlabs.org>;\n\tTue, 12 Sep 2017 07:33:45 +1000 (AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1751078AbdIKVdm (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tMon, 11 Sep 2017 17:33:42 -0400","from shards.monkeyblade.net ([184.105.139.130]:56402 \"EHLO\n\tshards.monkeyblade.net\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1750926AbdIKVdl (ORCPT\n\t<rfc822;netdev@vger.kernel.org>); Mon, 11 Sep 2017 17:33:41 -0400","from localhost (74-93-104-98-Washington.hfc.comcastbusiness.net\n\t[74.93.104.98]) (using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(Client did not present a certificate)\n\t(Authenticated sender: davem-davemloft)\n\tby shards.monkeyblade.net (Postfix) with ESMTPSA id 6288E10229C93;\n\tMon, 11 Sep 2017 14:33:41 -0700 (PDT)"],"Date":"Mon, 11 Sep 2017 14:33:40 -0700 (PDT)","Message-Id":"<20170911.143340.2229370127207977653.davem@davemloft.net>","To":"brouer@redhat.com","Cc":"netdev@vger.kernel.org, john.fastabend@gmail.com, andy@greyhouse.net","Subject":"Re: [V3 PATCH net] xdp: implement xdp_redirect_map for generic XDP","From":"David Miller <davem@davemloft.net>","In-Reply-To":"<150502962259.28817.7472180087690436639.stgit@firesoul>","References":"<20170908.205426.624386613610674398.davem@davemloft.net>\n\t<150502962259.28817.7472180087690436639.stgit@firesoul>","X-Mailer":"Mew version 6.7 on Emacs 25.2 / Mule 6.0 (HANACHIRUSATO)","Mime-Version":"1.0","Content-Type":"Text/Plain; charset=us-ascii","Content-Transfer-Encoding":"7bit","X-Greylist":"Sender succeeded SMTP AUTH, not delayed by\n\tmilter-greylist-4.5.12 (shards.monkeyblade.net\n\t[149.20.54.216]); Mon, 11 Sep 2017 14:33:41 -0700 (PDT)","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netdev.vger.kernel.org>","X-Mailing-List":"netdev@vger.kernel.org"}}]