Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap... | netdev

[PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-19
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-21
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-21
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-21
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-21
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-23
Re: [PATCH] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
[PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
[PATCH v2 3/4] vhost_net: validate virtio_net_hdr only if it exists · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
Re: [PATCH v2 3/4] vhost_net: validate virtio_net_hdr only if it exists · Jason Wang <jasowang@redhat.com> · 2021-06-23
[PATCH v2 2/4] net: tun: don't assume IFF_VNET_HDR in tun_xdp_one() tx path · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
Re: [PATCH v2 2/4] net: tun: don't assume IFF_VNET_HDR in tun_xdp_one() tx path · Jason Wang <jasowang@redhat.com> · 2021-06-23
[PATCH v2 4/4] vhost_net: Add self test with tun device · David Woodhouse <dwmw2@infradead.org> · 2021-06-22
Re: [PATCH v2 4/4] vhost_net: Add self test with tun device · Jason Wang <jasowang@redhat.com> · 2021-06-23
Re: [PATCH v2 4/4] vhost_net: Add self test with tun device · David Woodhouse <dwmw2@infradead.org> · 2021-06-23
Re: [PATCH v2 4/4] vhost_net: Add self test with tun device · Jason Wang <jasowang@redhat.com> · 2021-06-24
Re: [PATCH v2 4/4] vhost_net: Add self test with tun device · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
Re: [PATCH v2 4/4] vhost_net: Add self test with tun device · Jason Wang <jasowang@redhat.com> · 2021-06-25
Re: [PATCH v2 4/4] vhost_net: Add self test with tun device · David Woodhouse <dwmw2@infradead.org> · 2021-06-25
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-23
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-23
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-23
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-23
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-23
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-24
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-24
Re: [PATCH v2 1/4] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
[PATCH v3 1/5] net: add header len parameter to tun_get_socket(), tap_get_socket() · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
[PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Jason Wang <jasowang@redhat.com> · 2021-06-25
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-06-25
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Jason Wang <jasowang@redhat.com> · 2021-06-28
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-06-28
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-06-28
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Jason Wang <jasowang@redhat.com> · 2021-06-29
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-06-29
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-06-29
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-06-29
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Jason Wang <jasowang@redhat.com> · 2021-06-30
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-06-30
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Jason Wang <jasowang@redhat.com> · 2021-07-01
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-07-01
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Jason Wang <jasowang@redhat.com> · 2021-07-02
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · David Woodhouse <dwmw2@infradead.org> · 2021-07-02
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Jason Wang <jasowang@redhat.com> · 2021-07-02
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Eugenio Perez Martin <eperezma@redhat.com> · 2021-07-09
Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves · Jason Wang <jasowang@redhat.com> · 2021-06-29
[PATCH v3 2/5] net: tun: don't assume IFF_VNET_HDR in tun_xdp_one() tx path · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
Re: [PATCH v3 2/5] net: tun: don't assume IFF_VNET_HDR in tun_xdp_one() tx path · Jason Wang <jasowang@redhat.com> · 2021-06-25
[PATCH v3 4/5] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
Re: [PATCH v3 4/5] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-25
Re: [PATCH v3 4/5] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-25
Re: [PATCH v3 4/5] net: tun: fix tun_xdp_one() for IFF_TUN mode · Jason Wang <jasowang@redhat.com> · 2021-06-28
Re: [PATCH v3 4/5] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-28
Re: [PATCH v3 4/5] net: tun: fix tun_xdp_one() for IFF_TUN mode · Willem de Bruijn <willemdebruijn.kernel@gmail.com> · 2021-06-25
Re: [PATCH v3 4/5] net: tun: fix tun_xdp_one() for IFF_TUN mode · David Woodhouse <dwmw2@infradead.org> · 2021-06-25
[PATCH v3 5/5] vhost_net: Add self test with tun device · David Woodhouse <dwmw2@infradead.org> · 2021-06-24
Re: [PATCH v3 1/5] net: add header len parameter to tun_get_socket(), tap_get_socket() · Jason Wang <jasowang@redhat.com> · 2021-06-25
Re: [PATCH v3 1/5] net: add header len parameter to tun_get_socket(), tap_get_socket() · David Woodhouse <dwmw2@infradead.org> · 2021-06-25
Re: [PATCH v3 1/5] net: add header len parameter to tun_get_socket(), tap_get_socket() · Jason Wang <jasowang@redhat.com> · 2021-06-28
Re: [PATCH v3 1/5] net: add header len parameter to tun_get_socket(), tap_get_socket() · Willem de Bruijn <willemdebruijn.kernel@gmail.com> · 2021-06-25
Re: [PATCH v3 1/5] net: add header len parameter to tun_get_socket(), tap_get_socket() · David Woodhouse <dwmw2@infradead.org> · 2021-06-25

Re: [PATCH v3 3/5] vhost_net: remove virtio_net_hdr validation, let tun/tap do it themselves

From: Jason Wang <jasowang@redhat.com>
Date: 2021-06-28 04:27:32

在 2021/6/25 下午4:37, David Woodhouse 写道:

On Fri, 2021-06-25 at 15:33 +0800, Jason Wang wrote:

quoted

在 2021/6/24 下午8:30, David Woodhouse 写道:

quoted

From: David Woodhouse<redacted>

When the underlying socket isn't configured with a virtio_net_hdr, the
existing code in vhost_net_build_xdp() would attempt to validate
uninitialised data, by copying zero bytes (sock_hlen) into the local
copy of the header and then trying to validate that.

Fixing it is somewhat non-trivial because the tun device might put a
struct tun_pi*before*  the virtio_net_hdr, which makes it hard to find.
So just stop messing with someone else's data in vhost_net_build_xdp(),
and let tap and tun validate it for themselves, as they do in the
non-XDP case anyway.

Thinking in another way. All XDP stuffs for vhost is prepared for TAP.
XDP is not expected to work for TUN.

So we can simply let's vhost doesn't go with XDP path is the underlayer
socket is TUN.

Actually, IFF_TUN mode per se isn't that complex. It's fixed purely on
the tun side by that first patch I posted, which I later expanded a
little to factor out tun_skb_set_protocol().

The next two patches in my original set were fixing up the fact that
XDP currently assumes that the *socket* will be doing the vhdr, not
vhost. Those two weren't tun-specific at all.

It's supporting the PI header (which tun puts *before* the virtio
header as I just said) which introduces a tiny bit more complexity.


This reminds me we need to fix tun_put_user_xdp(), but as we've 
discussed, we need first figure out if PI is worth to support for vhost-net.

So yes, avoiding the XDP path if PI is being used would make some
sense.

In fact I wouldn't be entirely averse to refusing PI mode completely,
as long as we fail gracefully at setup time by refusing the
SET_BACKEND. Not by just silently failing to receive packets.


That's another way. Actually, macvtap mandate IFF_TAP | IFF_NO_PI.

Thanks

But then again, it's not actually *that* hard to support, and it's
working fine in my selftests at the end of my patch series.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help