Skip to content

bpf: Unshare cloned skb before devmap egress XDP program#12402

Open
kernel-patches-daemon-bpf[bot] wants to merge 1 commit into
bpf-next_basefrom
series/1108462=>bpf-next
Open

bpf: Unshare cloned skb before devmap egress XDP program#12402
kernel-patches-daemon-bpf[bot] wants to merge 1 commit into
bpf-next_basefrom
series/1108462=>bpf-next

Conversation

@kernel-patches-daemon-bpf

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot commented Jun 9, 2026

Copy link
Copy Markdown

Pull request for series with
subject: bpf: Unshare cloned skb before devmap egress XDP program
version: 1
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462

@kernel-patches-daemon-bpf

kernel-patches-daemon-bpf Bot commented Jun 9, 2026

Copy link
Copy Markdown
Author

Upstream branch: b9452b5
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462
version: 1

@kernel-patches-daemon-bpf

kernel-patches-daemon-bpf Bot commented Jun 9, 2026

Copy link
Copy Markdown
Author

Upstream branch: dd0f968
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot force-pushed the series/1108462=>bpf-next branch from c18b415 to 3bff632 Compare June 9, 2026 15:44
@kernel-patches-daemon-bpf

kernel-patches-daemon-bpf Bot commented Jun 9, 2026

Copy link
Copy Markdown
Author

Upstream branch: f1a660b
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot force-pushed the series/1108462=>bpf-next branch from 3bff632 to f821f98 Compare June 9, 2026 15:58
@kernel-patches-daemon-bpf

kernel-patches-daemon-bpf Bot commented Jun 9, 2026

Copy link
Copy Markdown
Author

Upstream branch: 68f4e48
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot force-pushed the series/1108462=>bpf-next branch from f821f98 to 6a96564 Compare June 9, 2026 18:20
@kernel-patches-daemon-bpf

kernel-patches-daemon-bpf Bot commented Jun 9, 2026

Copy link
Copy Markdown
Author

Upstream branch: c15261b
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot force-pushed the series/1108462=>bpf-next branch from 6a96564 to ec73b72 Compare June 9, 2026 19:53
@kernel-patches-daemon-bpf

kernel-patches-daemon-bpf Bot commented Jun 10, 2026

Copy link
Copy Markdown
Author

Upstream branch: 140fa23
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot force-pushed the series/1108462=>bpf-next branch from ec73b72 to ef2e63a Compare June 10, 2026 04:32
@kernel-patches-daemon-bpf

kernel-patches-daemon-bpf Bot commented Jun 10, 2026

Copy link
Copy Markdown
Author

Upstream branch: 2e8ad1f
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot force-pushed the series/1108462=>bpf-next branch from ef2e63a to 995933f Compare June 10, 2026 16:30
@kernel-patches-daemon-bpf

kernel-patches-daemon-bpf Bot commented Jun 10, 2026

Copy link
Copy Markdown
Author

Upstream branch: 30dee2c
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1108462
version: 1

@ahjf-07
bpf: Unshare cloned skb before devmap egress XDP program
dd89b01 
dev_map_redirect_clone() uses skb_clone() when redirecting a generic XDP
skb to multiple devmap destinations. The cloned skb can share packet data
with other clones.

If the destination devmap entry has an egress XDP program, that program
can modify packet data. Such modifications can then be observed by other
clones sharing the same packet data.

This can be reproduced by strengthening xdp_veth_egress to configure a
different source MAC for each egress device and checking that store_mac_1/2
observe the MAC configured for their own egress devices. Without the fix,
the SKB_MODE subtest observes store_mac_1 receiving the MAC configured for
the next egress device.

Fix this by unsharing the cloned skb before running the devmap egress XDP
program. Limit the extra copy to destinations with an attached egress
program.

Tested with:
  ./test_progs -t xdp_veth_egress
  ./test_progs -t xdp_veth
  ./test_progs -t xdp

Fixes: e624d4e ("xdp: Extend xdp_redirect_map with broadcast support")
Signed-off-by: Sun Jian <sun.jian.kdev@gmail.com>
@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot force-pushed the series/1108462=>bpf-next branch from 995933f to dd89b01 Compare June 10, 2026 23:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bpf-next new V1-ci-pass V1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ahjf-07