> -----Original Message-----
> From: Jakub Kicinski <k...@kernel.org>
> Sent: Thursday, November 19, 2020 02:22
> To: Camelia Alexandra Groza <camelia.gr...@nxp.com>
> Cc: bro...@redhat.com; sa...@kernel.org; da...@davemloft.net;
> Madalin Bucur (OSS) <madalin.bu...@oss.nxp.com>; Ioana Ciornei
> <ioana.cior...@nxp.com>; netdev@vger.kernel.org
> Subject: Re: [PATCH net-next v2 2/7] dpaa_eth: add basic XDP support
>
> On Mon, 16 Nov 2020 16:42:28 +0200 Camelia Groza wrote:
> > + if (likely(fd_format == qm_fd_contig)) {
> > + xdp_act = dpaa_run_xdp(priv, (struct qm_fd *)fd, vaddr,
> > + &xdp_meta_len);
> > + if (xdp_act != XDP_PASS) {
> > + percpu_stats->rx_packets++;
> > + percpu_stats->rx_bytes += qm_fd_get_length(fd);
> > + return qman_cb_dqrr_consume;
> > + }
> > skb = contig_fd_to_skb(priv, fd);
> > - else
> > + } else {
> > + WARN_ONCE(priv->xdp_prog, "S/G frames not supported
> under XDP\n");
> > skb = sg_fd_to_skb(priv, fd);
>
> It'd be safer to drop the packet if the format does not allow XDP
> to run. Otherwise someone can bypass whatever policy XDP is trying
> to enforce.
I agree on the policy enforcement issue. I'll drop instead. Thanks.
