lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5928463C.5000204@iogearbox.net>
Date:   Fri, 26 May 2017 17:14:04 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     David Daney <david.daney@...ium.com>,
        Alexei Starovoitov <ast@...nel.org>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-mips@...ux-mips.org,
        ralf@...ux-mips.org
CC:     Markos Chandras <markos.chandras@...tec.com>
Subject: Re: [PATCH 5/5] MIPS: Add support for eBPF JIT.

On 05/26/2017 02:38 AM, David Daney wrote:
> Since the eBPF machine has 64-bit registers, we only support this in
> 64-bit kernels.  As of the writing of this commit log test-bpf is showing:
>
>    test_bpf: Summary: 316 PASSED, 0 FAILED, [308/308 JIT'ed]
>
> All current test cases are successfully compiled.
>
> Signed-off-by: David Daney <david.daney@...ium.com>

Awesome work!

Did you also manage to run tools/testing/selftests/bpf/ fine with
the JIT enabled?

[...]
> +struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
> +{
> +	struct jit_ctx ctx;
> +	unsigned int alloc_size;
> +
> +	/* Only 64-bit kernel supports eBPF */
> +	if (!IS_ENABLED(CONFIG_64BIT) || !bpf_jit_enable)

Isn't this already reflected by the following?

   select HAVE_EBPF_JIT if (64BIT && !CPU_MICROMIPS)

> +		return prog;
> +
> +	memset(&ctx, 0, sizeof(ctx));
> +
> +	ctx.offsets = kcalloc(prog->len + 1, sizeof(*ctx.offsets), GFP_KERNEL);
> +	if (ctx.offsets == NULL)
> +		goto out;
> +
> +	ctx.reg_val_types = kcalloc(prog->len + 1, sizeof(*ctx.reg_val_types), GFP_KERNEL);
> +	if (ctx.reg_val_types == NULL)
> +		goto out;
> +
> +	ctx.skf = prog;
> +
> +	if (reg_val_propagate(&ctx))
> +		goto out;
> +
> +	/* First pass discovers used resources */
> +	if (build_int_body(&ctx))
> +		goto out;
> +
> +	/* Second pass generates offsets */
> +	ctx.idx = 0;
> +	if (gen_int_prologue(&ctx))
> +		goto out;
> +	if (build_int_body(&ctx))
> +		goto out;
> +	if (build_int_epilogue(&ctx))
> +		goto out;
> +
> +	alloc_size = 4 * ctx.idx;
> +
> +	ctx.target = module_alloc(alloc_size);

You would need to use bpf_jit_binary_alloc() like all other
eBPF JITs do, otherwise kallsyms of the JITed progs would
break.

> +	if (ctx.target == NULL)
> +		goto out;
> +
> +	/* Clean it */
> +	memset(ctx.target, 0, alloc_size);
> +
> +	/* Third pass generates the code */
> +	ctx.idx = 0;
> +	if (gen_int_prologue(&ctx))
> +		goto out;
> +	if (build_int_body(&ctx))
> +		goto out;
> +	if (build_int_epilogue(&ctx))
> +		goto out;
> +	/* Update the icache */
> +	flush_icache_range((ptr)ctx.target, (ptr)(ctx.target + ctx.idx));
> +
> +	if (bpf_jit_enable > 1)
> +		/* Dump JIT code */
> +		bpf_jit_dump(prog->len, alloc_size, 2, ctx.target);
> +
> +	prog->bpf_func = (void *)ctx.target;
> +	prog->jited = 1;
> +
> +out:
> +	kfree(ctx.offsets);
> +	kfree(ctx.reg_val_types);
> +
> +	return prog;
> +}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ