On 25/07/2025 12.11, Edward Cree wrote:
On 7/24/25 10:57, Paolo Abeni wrote:
On 7/23/25 2:32 AM, Chenyuan Yang wrote:
The xdp_convert_buff_to_frame() function can return NULL when there is
insufficient headroom in the buffer to store the xdp_frame structure
or when the driver didn't reserve enough tailroom for skb_shared_info.
AFAIC the sfc driver reserves both enough headroom and tailroom, but
this is after ebpf run, which in turn could consume enough headroom to
cause a failure, so I think this makes sense.
Your reasoning seems plausible to me.
Hmm... have you actually tested that XDP/BPF can adjust headroom so much
that xdp_convert_buff_to_frame() function fails?
I really doubt this possible for BPF-progs to violate this.
The XDP BPF-prog can only adjust the headroom via the helpers
bpf_xdp_adjust_head() and bpf_xdp_adjust_meta(). These helpers reserve
room for sizeof(struct xdp_frame).
The tailroom can be adjusted via helper bpf_xdp_adjust_tail() and it
also reserve room for sizeof(struct skb_shared_info) such that BPF-progs
cannot get access to this area. See define for xdp_data_hard_end.
--Jesper
