csum_partial() on different archs (selftest/bpf)

Daniel Borkmann daniel at iogearbox.net
Fri Nov 13 09:32:22 EST 2020


On 11/13/20 3:15 PM, Al Viro wrote:
> On Fri, Nov 13, 2020 at 02:22:16PM +0100, Björn Töpel wrote:
> 
>> Folding Al's input to this reply.
>>
>> I think the bpf_csum_diff() is supposed to be used in combination with
>> another helper(s) (e.g. bpf_l4_csum_replace) so I'd guess the returned
>> __wsum should be seen as an opaque value, not something BPF userland
>> can rely on.
> 
> Why not reduce the sucker modulo 0xffff before returning it?  Incidentally,
> implementation is bloody awful:
> 
>          /* This is quite flexible, some examples:
>           *
>           * from_size == 0, to_size > 0,  seed := csum --> pushing data
>           * from_size > 0,  to_size == 0, seed := csum --> pulling data
>           * from_size > 0,  to_size > 0,  seed := 0    --> diffing data
>           *
>           * Even for diffing, from_size and to_size don't need to be equal.
>           */
>          if (unlikely(((from_size | to_size) & (sizeof(__be32) - 1)) ||
>                       diff_size > sizeof(sp->diff)))
>                  return -EINVAL;
> 
>          for (i = 0; i < from_size / sizeof(__be32); i++, j++)
>                  sp->diff[j] = ~from[i];
>          for (i = 0; i <   to_size / sizeof(__be32); i++, j++)
>                  sp->diff[j] = to[i];
> 
>          return csum_partial(sp->diff, diff_size, seed);
> 
> What the hell is this (copying, scratchpad, etc.) for?  First of all,
> _if_ you want to use csum_partial() at all (and I'm not at all sure
> that it won't be cheaper to just go over two arrays, doing csum_add()
> and csum_sub() resp. - depends upon the realistic sizes), you don't
> need to copy anything.  Find the sum of from, find the sum of to and
> then subtract (csum_sub()) the old sum from the seed and and add the
> new one...
> 
> And I would strongly recommend to change the calling conventions of that
> thing - make it return __sum16.  And take __sum16 as well...
> 
> Again, exposing __wsum to anything that looks like a stable ABI is
> a mistake - it's an internal detail that can be easily abused,
> causing unpleasant compat problems.

I'll take a look at both, removing the copying and also wrt not breaking
existing users for cascading the helper when fixing.

Thanks,
Daniel



More information about the linux-riscv mailing list