Tobias Böhm <tobias@xxxxxxxx> writes: > Hello, > > I was playing around a bit with cpumaps and wondered what happens when > the attached program just does another CPU redirect to itself. > > I ended up having an infinite loop. The working example can be found > here: https://github.com/aibor/cpumap-loop > > Now, I wonder if there is a way to detect and break this loop. I took a > look at the xdp_md->rx_queue_index values. When executed by a NIC event, > the value is the NIC ID, so a fairly low number. After CPU redirection > the values I saw were far above the range of NIC queue IDs. I couldn't > figure out if it is just a random memory value or if this value still > has a (maybe different) meaning after CPU redirection. Maybe somehow > related to the CPU queue? It's random. The rxq data structure is not initialised on the stack, so it's basically whatever was in that memory. Interestingly, there's a TODO comment in there to fix this: https://elixir.bootlin.com/linux/latest/source/kernel/bpf/cpumap.c#L195 Not sure what the intention was here. +Lorenzo, who wrote that code. Returning the contents of a random uninitialised stack variable is probably not a good idea, though, we should zero out the data structure. I'll send a patch for that. > If the field is set to a meaningful value I can make assumptions about > it and would be able to detect previous CPU redirection, I guess. > > I'd appreciate any pointers and tips how I could detect such a loop. Or > maybe there is a way to prevent it in the first place other than "just > being careful"? Well, you kinda have to go out of your way to construct a loop like this. How are you envisioning this would happen accidentally? :) -Toke
|