| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 18 Mar 2018 16:30:44 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: john.fastabend@...il.com
Cc: davejwatson@...com, daniel@...earbox.net, ast@...nel.org,
netdev@...r.kernel.org
Subject: Re: [bpf-next PATCH v3 07/18] bpf: sockmap, add msg_cork_bytes()
helper
From: John Fastabend <john.fastabend@...il.com>
Date: Sun, 18 Mar 2018 12:57:20 -0700
> In the case where we need a specific number of bytes before a
> verdict can be assigned, even if the data spans multiple sendmsg
> or sendfile calls. The BPF program may use msg_cork_bytes().
>
> The extreme case is a user can call sendmsg repeatedly with
> 1-byte msg segments. Obviously, this is bad for performance but
> is still valid. If the BPF program needs N bytes to validate
> a header it can use msg_cork_bytes to specify N bytes and the
> BPF program will not be called again until N bytes have been
> accumulated. The infrastructure will attempt to coalesce data
> if possible so in many cases (most my use cases at least) the
> data will be in a single scatterlist element with data pointers
> pointing to start/end of the element. However, this is dependent
> on available memory so is not guaranteed. So BPF programs must
> validate data pointer ranges, but this is the case anyways to
> convince the verifier the accesses are valid.
>
> Signed-off-by: John Fastabend <john.fastabend@...il.com>
Acked-by: David S. Miller <davem@...emloft.net>
Powered by blists - more mailing lists