bpf: Unshare cloned skb before devmap egress XDP program#8007
Open
kernel-patches-daemon-bpf-rc[bot] wants to merge 1 commit into
Open
bpf: Unshare cloned skb before devmap egress XDP program#8007kernel-patches-daemon-bpf-rc[bot] wants to merge 1 commit into
kernel-patches-daemon-bpf-rc[bot] wants to merge 1 commit into
Conversation
Author
|
Upstream branch: b9452b5 |
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
bpf-next_base
branch
from
5fcaaa9 to
bae1e1e
Compare
Author
|
Upstream branch: dd0f968 |
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
series/1108462=>bpf-next
branch
from
fb15f48 to
c5e2ad9
Compare
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
bpf-next_base
branch
from
bae1e1e to
26e71a9
Compare
Author
|
Upstream branch: f1a660b |
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
series/1108462=>bpf-next
branch
from
c5e2ad9 to
58ce5a9
Compare
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
bpf-next_base
branch
from
26e71a9 to
01743a4
Compare
Author
|
Upstream branch: 68f4e48 |
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
series/1108462=>bpf-next
branch
from
58ce5a9 to
000742a
Compare
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
bpf-next_base
branch
from
01743a4 to
58d8cc8
Compare
Author
|
Upstream branch: c15261b |
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
series/1108462=>bpf-next
branch
from
000742a to
7b75796
Compare
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
bpf-next_base
branch
from
58d8cc8 to
4d4751c
Compare
Author
|
Upstream branch: 140fa23 |
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
series/1108462=>bpf-next
branch
from
7b75796 to
dde199a
Compare
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
bpf-next_base
branch
from
4d4751c to
dcffd40
Compare
Author
|
Upstream branch: 2e8ad1f |
1 similar comment
Author
|
Upstream branch: 2e8ad1f |
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
series/1108462=>bpf-next
branch
from
dde199a to
3f67341
Compare
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
bpf-next_base
branch
from
dcffd40 to
8b7f742
Compare
Author
|
Upstream branch: 30dee2c |
dev_map_redirect_clone() uses skb_clone() when redirecting a generic XDP skb to multiple devmap destinations. The cloned skb can share packet data with other clones. If the destination devmap entry has an egress XDP program, that program can modify packet data. Such modifications can then be observed by other clones sharing the same packet data. This can be reproduced by strengthening xdp_veth_egress to configure a different source MAC for each egress device and checking that store_mac_1/2 observe the MAC configured for their own egress devices. Without the fix, the SKB_MODE subtest observes store_mac_1 receiving the MAC configured for the next egress device. Fix this by unsharing the cloned skb before running the devmap egress XDP program. Limit the extra copy to destinations with an attached egress program. Tested with: ./test_progs -t xdp_veth_egress ./test_progs -t xdp_veth ./test_progs -t xdp Fixes: e624d4e ("xdp: Extend xdp_redirect_map with broadcast support") Signed-off-by: Sun Jian <sun.jian.kdev@gmail.com>
kernel-patches-daemon-bpf-rc
Bot
force-pushed
the
series/1108462=>bpf-next
branch
from
3f67341 to
c3f43b6
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull request for series with
subject: bpf: Unshare cloned skb before devmap egress XDP program
version: 1
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462