From patchwork Mon Nov 27 18:32:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Larysa Zaremba X-Patchwork-Id: 13470097 X-Patchwork-Delegate: bpf@iogearbox.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="ThKZPKTM" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.93]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 32E90D4C; Mon, 27 Nov 2023 10:51:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1701111103; x=1732647103; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=jRJExu1kINjylZ5RqABycvnvPx8c1x03hFJra8lgzQA=; b=ThKZPKTM4iaPMR/Qg1a/bgBItdc/3axNV27wHclBAtCy2KFxBtOuphWN OeJfgBYwHjR/pJkwFb7KT37GG9lzr5nDsbFwfaIM3qp5bWMg7GY+xPYnC iR5bFIylAv7A4TZHb0edhvPbBrsQXQdKNGhWLTR2WILXuOAF9hQu60iNK 8Q/p0peOOVXxvnc8Q8JvwhBEgX+Ej+pshHCB5Cu92z5JwlXa8P6B63OQ5 48R8POMPYtlwZAyFizMdbeXS7lbEyBwWZOnOclRpRiX8Sixxh4CttFAMT jeSO/kC2YSShah4JNnjeQyxxu1Os1QHcfiVxlWgXDrdVhRkkeXi0b4WgG g==; X-IronPort-AV: E=McAfee;i="6600,9927,10907"; a="389921343" X-IronPort-AV: E=Sophos;i="6.04,231,1695711600"; d="scan'208";a="389921343" Received: from orviesa001.jf.intel.com ([10.64.159.141]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 10:51:42 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.04,231,1695711600"; d="scan'208";a="16376304" Received: from irvmail002.ir.intel.com ([10.43.11.120]) by orviesa001.jf.intel.com with ESMTP; 27 Nov 2023 10:51:39 -0800 Received: from lincoln.igk.intel.com (lincoln.igk.intel.com [10.102.21.235]) by irvmail002.ir.intel.com (Postfix) with ESMTP id 1AB2138D81; Mon, 27 Nov 2023 18:33:52 +0000 (GMT) From: Larysa Zaremba To: bpf@vger.kernel.org Cc: Larysa Zaremba , netdev@vger.kernel.org, Alexei Starovoitov , Daniel Borkmann , "David S. Miller" , Jakub Kicinski , Jesper Dangaard Brouer , Eric Dumazet , Magnus Karlsson , Willem de Bruijn , Yunsheng Lin , Maciej Fijalkowski , John Fastabend , Aleksander Lobakin Subject: [PATCH bpf-next v3 1/2] selftests/bpf: increase invalid metadata size Date: Mon, 27 Nov 2023 19:32:15 +0100 Message-ID: <20231127183216.269958-2-larysa.zaremba@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231127183216.269958-1-larysa.zaremba@intel.com> References: <20231127183216.269958-1-larysa.zaremba@intel.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net Changed check expects passed data meta to be deemed invalid. After loosening the requirement, the size of 36 bytes becomes valid. Therefore, increase tested meta size to 256, so we do not get an unexpected success. Signed-off-by: Larysa Zaremba --- tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c b/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c index ab4952b9fb1d..e6a783c7f5db 100644 --- a/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c +++ b/tools/testing/selftests/bpf/prog_tests/xdp_context_test_run.c @@ -77,8 +77,8 @@ void test_xdp_context_test_run(void) test_xdp_context_error(prog_fd, opts, 4, sizeof(__u32), sizeof(data), 0, 0, 0); - /* Meta data must be 32 bytes or smaller */ - test_xdp_context_error(prog_fd, opts, 0, 36, sizeof(data), 0, 0, 0); + /* Meta data must be 255 bytes or smaller */ + test_xdp_context_error(prog_fd, opts, 0, 256, sizeof(data), 0, 0, 0); /* Total size of data must match data_end - data_meta */ test_xdp_context_error(prog_fd, opts, 0, sizeof(__u32), From patchwork Mon Nov 27 18:32:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Larysa Zaremba X-Patchwork-Id: 13470098 X-Patchwork-Delegate: bpf@iogearbox.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="HKzWHzH2" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BA36CD4D; Mon, 27 Nov 2023 10:51:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1701111103; x=1732647103; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=G6N5BWdcxTgKtZ03TKk2tuA+8QGXvp1vc8qUVDweir4=; b=HKzWHzH2UCH4x1VJtydW9azHbjzV6pJSt49ZQiRPcpSUuslEJ7zbVRrN 7XB31hREIxs7fTd7bXFHQijeEsG5q7LkXQmn+WP/2knEcLwro/wVOiOXy eTjb78MnhxoXHg+wYRycsGfmHvA7HXAZ+2E9TUbzw9QgKBYQAvYAgnyXD 8C0hIKustmIpOOdRzaIeqPdTIgY1u9GwgBc004PEZ883VoRwf5N6AdI97 EAZuFjjQW8j7OZ2JQuGZJ0J7yIa0Pmh8npWtZSfdYkaRstWxuuPu8TNSB NJGNXW0qgrBR2jFhSTrAfY3aiGkC2XUNshVQoNuCtuJo2n4mtMgOql8fo w==; X-IronPort-AV: E=McAfee;i="6600,9927,10907"; a="392519041" X-IronPort-AV: E=Sophos;i="6.04,231,1695711600"; d="scan'208";a="392519041" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Nov 2023 10:51:43 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10907"; a="891824103" X-IronPort-AV: E=Sophos;i="6.04,231,1695711600"; d="scan'208";a="891824103" Received: from irvmail002.ir.intel.com ([10.43.11.120]) by orsmga004.jf.intel.com with ESMTP; 27 Nov 2023 10:51:39 -0800 Received: from lincoln.igk.intel.com (lincoln.igk.intel.com [10.102.21.235]) by irvmail002.ir.intel.com (Postfix) with ESMTP id 92E5338D82; Mon, 27 Nov 2023 18:33:55 +0000 (GMT) From: Larysa Zaremba To: bpf@vger.kernel.org Cc: Larysa Zaremba , netdev@vger.kernel.org, Alexei Starovoitov , Daniel Borkmann , "David S. Miller" , Jakub Kicinski , Jesper Dangaard Brouer , Eric Dumazet , Magnus Karlsson , Willem de Bruijn , Yunsheng Lin , Maciej Fijalkowski , John Fastabend , Aleksander Lobakin Subject: [PATCH bpf-next v3 2/2] net, xdp: allow metadata > 32 Date: Mon, 27 Nov 2023 19:32:16 +0100 Message-ID: <20231127183216.269958-3-larysa.zaremba@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231127183216.269958-1-larysa.zaremba@intel.com> References: <20231127183216.269958-1-larysa.zaremba@intel.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net From: Aleksander Lobakin 32 bytes may be not enough for some custom metadata. Relax the restriction, allow metadata larger than 32 bytes and make __skb_metadata_differs() work with bigger lengths. Now size of metadata is only limited by the fact it is stored as u8 in skb_shared_info, so the upper limit is now is 255. Other important conditions, such as having enough space for xdp_frame building, are already checked in bpf_xdp_adjust_meta(). The requirement of having its length aligned to 4 bytes is still valid. Signed-off-by: Aleksander Lobakin Signed-off-by: Larysa Zaremba --- include/linux/skbuff.h | 13 ++++++++----- include/net/xdp.h | 7 ++++++- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 27998f73183e..6520ac186d96 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -4235,10 +4235,13 @@ static inline bool __skb_metadata_differs(const struct sk_buff *skb_a, { const void *a = skb_metadata_end(skb_a); const void *b = skb_metadata_end(skb_b); - /* Using more efficient varaiant than plain call to memcmp(). */ -#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64 u64 diffs = 0; + if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) || + BITS_PER_LONG != 64) + goto slow; + + /* Using more efficient variant than plain call to memcmp(). */ switch (meta_len) { #define __it(x, op) (x -= sizeof(u##op)) #define __it_diff(a, b, op) (*(u##op *)__it(a, op)) ^ (*(u##op *)__it(b, op)) @@ -4258,11 +4261,11 @@ static inline bool __skb_metadata_differs(const struct sk_buff *skb_a, fallthrough; case 4: diffs |= __it_diff(a, b, 32); break; + default: +slow: + return memcmp(a - meta_len, b - meta_len, meta_len); } return diffs; -#else - return memcmp(a - meta_len, b - meta_len, meta_len); -#endif } static inline bool skb_metadata_differs(const struct sk_buff *skb_a, diff --git a/include/net/xdp.h b/include/net/xdp.h index 349c36fb5fd8..5d3673afc037 100644 --- a/include/net/xdp.h +++ b/include/net/xdp.h @@ -369,7 +369,12 @@ xdp_data_meta_unsupported(const struct xdp_buff *xdp) static inline bool xdp_metalen_invalid(unsigned long metalen) { - return (metalen & (sizeof(__u32) - 1)) || (metalen > 32); + unsigned long meta_max; + + meta_max = type_max(typeof_member(struct skb_shared_info, meta_len)); + BUILD_BUG_ON(!__builtin_constant_p(meta_max)); + + return !IS_ALIGNED(metalen, sizeof(u32)) || metalen > meta_max; } struct xdp_attachment_info {