[dpdk-dev] packet data access bug in bpf and pdump libs

Morten Brørup mb at smartsharesystems.com
Wed Oct 9 13:35:27 CEST 2019

Previous message: [dpdk-dev] packet data access bug in bpf and pdump libs
Next message: [dpdk-dev] packet data access bug in bpf and pdump libs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> -----Original Message-----
> From: dev [mailto:dev-bounces at dpdk.org] On Behalf Of Ananyev,
> Konstantin
> Sent: Wednesday, October 9, 2019 1:12 PM
> 
> Hi Morten,
> 
> >
> > Hi Konstantin and Stephen,
> >
> > I just noticed the same bug in your bpf and pcap libraries:
> >
> > You are using rte_pktmbuf_mtod(), but should be using
> rte_pktmbuf_read(). Otherwise you cannot read data across multiple
> segments.
> 
> In plain data buffer mode expected input for BPF program is start of
> first segment packet data.
> Other segments are simply not available to BPF program in that mode.

I understand the implementation, but I still consider this a bug, not a feature.

Why should a BPF program not be able to access all data in packet? It might be used for DPI.

What if header splitting is being used, so the first segment only contains the header? E.g. the first segment on egress could be really small in a multicast scenario.

Furthermore, VLAN information cannot be accessed unless the BPF runtime has access to the mbuf. E.g. BPF_STMT(BPF_LD | BPF_ABS, SKF_AD_OFF + SKF_AD_VLAN_TAG) is supposed to read m->vlan_tci.

> AFAIK, cBPF uses the same model.
>

AFAIK, the Linux kernel can read across fragments.


> >
> >
> > Med venlig hilsen / kind regards
> > - Morten Brørup

Previous message: [dpdk-dev] packet data access bug in bpf and pdump libs
Next message: [dpdk-dev] packet data access bug in bpf and pdump libs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list