lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20180111.221145.643386077098131140.davem@davemloft.net>
Date:   Thu, 11 Jan 2018 22:11:45 -0500 (EST)
From:   David Miller <davem@...emloft.net>
To:     alexei.starovoitov@...il.com
Cc:     sfr@...b.auug.org.au, netdev@...r.kernel.org, daniel@...earbox.net,
        ast@...nel.org, linux-next@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: linux-next: build failure after merge of the net-next tree

From: Alexei Starovoitov <alexei.starovoitov@...il.com>
Date: Wed, 10 Jan 2018 17:58:54 -0800

> On Thu, Jan 11, 2018 at 11:53:55AM +1100, Stephen Rothwell wrote:
>> Hi all,
>> 
>> After merging the net-next tree, today's linux-next build (x86_64
>> allmodconfig) failed like this:
>> 
>> kernel/bpf/verifier.o: In function `bpf_check':
>> verifier.c:(.text+0xd86e): undefined reference to `bpf_patch_call_args'
>> 
>> Caused by commit
>> 
>>   1ea47e01ad6e ("bpf: add support for bpf_call to interpreter")
>> 
>> interacting with commit
>> 
>>   290af86629b2 ("bpf: introduce BPF_JIT_ALWAYS_ON config")
>> 
>> from the bpf and net trees.
>> 
>> I have just reverted commit 290af86629b2 for today.  A better solution
>> would be nice (lie fixing this in a merge between the net-next and net
>> trees).
> 
> that's due to 'endif' from 290af86629b2 needs to be moved above
> bpf_patch_call_args() definition.

That doesn't fix it, because then you'd need to expose
interpreters_args as well and obviously that can't be right.

Instead, we should never call bpf_patch_call_args() when JIT always on
is enabled.  So if we fail to JIT the subprogs we should fail
immediately.

This is the net --> net-next merge resolution I am about to use to fix
this:

...
 +static int fixup_call_args(struct bpf_verifier_env *env)
 +{
 +	struct bpf_prog *prog = env->prog;
 +	struct bpf_insn *insn = prog->insnsi;
- 	int i, depth;
++	int i, depth, err;
 +
- 	if (env->prog->jit_requested)
- 		if (jit_subprogs(env) == 0)
++	err = 0;
++	if (env->prog->jit_requested) {
++		err = jit_subprogs(env);
++		if (err == 0)
 +			return 0;
- 
++	}
++#ifndef CONFIG_BPF_JIT_ALWAYS_ON
 +	for (i = 0; i < prog->len; i++, insn++) {
 +		if (insn->code != (BPF_JMP | BPF_CALL) ||
 +		    insn->src_reg != BPF_PSEUDO_CALL)
 +			continue;
 +		depth = get_callee_stack_depth(env, insn, i);
 +		if (depth < 0)
 +			return depth;
 +		bpf_patch_call_args(insn, depth);
 +	}
- 	return 0;
++	err = 0;
++#endif
++	return err;
 +}
 +
  /* fixup insn->imm field of bpf_call instructions
   * and inline eligible helpers as explicit sequence of BPF instructions
   *

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ