On Mon, Oct 31, 2016 at 11:31 AM, Mintz, Yuval <yuval.mi...@cavium.com> wrote: > So I've [finally] started looking into implementing XDP > for qede, and there's one thing I feel like I'm missing in > regard to XDP_TX - what's the guarantee/requirement > that the bpf program isn't going to transmute some fields > of the rx packet in a way that would prevent the forwarding? > I think there are really two separate questions you're probably asking. 1) Can XDP modify a packet in such a way that it won't be forwarded by the driver when XDP_TX is returned, ie. driver would drop packet 2) Does anything prevent the BPF program from modifying the packet such that it becomes malformed (bad checksum, mangled headers, etc.).
I believe the answer to #1 is "no", the XDP interface assumes raw packets. If program returns XDP_TX then the driver will forward the raw packet without any further consideration. The answer to #2 is "no", there is no check that packet produced is sensible. We assume that the user setting the XDP program knows what they are doing. > E.g., can a BPF change the TCP payload of an incoming packet > without correcting its TCP checksum, and then expect the > driver to transmit it [via XDP_TX]? If not, how is this enforced [if at all]? > It's not enforced. If program doesn't update a checksum then we assume that forwarded packet is dropped at the receiver. > [Looked at samples/bpf/xdp2_kern.c which manipulates the > UDP header; so I'm not certain what prevents it from doing > the same when checksum modifications would be required] > > >
