Re: [PATCH v4,bpf-next] bpf: Don't redirect packets with invalid pkt_len
From: Stanislav Fomichev
Date: Sat Sep 17 2022 - 11:47:01 EST
On Wed, Sep 14, 2022 at 4:20 AM Lorenz Bauer <oss@xxxxxx> wrote:
>
> Hi,
>
> I think this patch is causing user-space breakage, see [0].
>
> The gist is that we do BPF_PROG_RUN of a socket filter with 14 byte input to determine whether
> BPF_PROG_RUN is available or not. I'll fix this in cilium/ebpf, but I think this patch
> needs more work since users may be doing the same thing in their code.
Ooops, sorry about that.
Instead of rejecting len=0 data, we might accept the packet but add
some safe header? I think that should be more backwards compatible?
Zhengchao, something you can look into?
> Thanks,
> Lorenz
>
> 0: https://github.com/cilium/ebpf/pull/788