On Fri, Jul 1, 2022 at 11:43 AM Johan Almbladh
<johan.almbladh@xxxxxxxxxxxxxxxxx> wrote:
>
> The byte queue limits (BQL) mechanism is intended to move queuing from
> the driver to the network stack in order to reduce latency caused by
> excessive queuing in hardware. However, when transmitting or redirecting
> a packet with XDP, the qdisc layer is bypassed and there are no
> additional queues. Since netif_xmit_stopped() also takes BQL limits into
> account, but without having any alternative queuing, packets are
> silently dropped.
>
> This patch modifies the drop condition to only consider cases when the
> driver itself cannot accept any more packets. This is analogous to the
> condition in __dev_direct_xmit(). Dropped packets are also counted on
> the device.
This means XDP packets are able to starve other packets going through a qdisc,
DDOS attacks will be more effective.
in-driver-XDP use dedicated TX queues, so they do not have this
starvation issue.
This should be mentioned somewhere I guess.
>
> Signed-off-by: Johan Almbladh <johan.almbladh@xxxxxxxxxxxxxxxxx>
> ---
> net/core/dev.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/core/dev.c b/net/core/dev.c
> index 8e6f22961206..41b5d7ac5ec5 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -4875,10 +4875,12 @@ void generic_xdp_tx(struct sk_buff *skb, struct bpf_prog *xdp_prog)
> txq = netdev_core_pick_tx(dev, skb, NULL);
> cpu = smp_processor_id();
> HARD_TX_LOCK(dev, txq, cpu);
> - if (!netif_xmit_stopped(txq)) {
> + if (!netif_xmit_frozen_or_drv_stopped(txq)) {
> rc = netdev_start_xmit(skb, dev, txq, 0);
> if (dev_xmit_complete(rc))
> free_skb = false;
> + } else {
> + dev_core_stats_tx_dropped_inc(dev);
> }
> HARD_TX_UNLOCK(dev, txq);
> if (free_skb) {
> --
> 2.30.2
>
