lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 5 Dec 2019 10:44:50 -0800
From:   Paul Burton <paulburton@...nel.org>
To:     Alexander Lobakin <alobakin@...nk.ru>
Cc:     Paul Burton <paul.burton@...s.com>,
        Hassan Naveed <hnaveed@...ecomp.com>,
        Ralf Baechle <ralf@...ux-mips.org>,
        James Hogan <jhogan@...nel.org>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>, netdev@...r.kernel.org,
        bpf@...r.kernel.org, linux-mips@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: MIPS eBPF JIT support on pre-32R2

Hi Alexander,

On Thu, Dec 05, 2019 at 03:45:27PM +0300, Alexander Lobakin wrote:
> Hey all,
> 
> I'm writing about lines arch/mips/net/ebpf_jit.c:1806-1807:
> 
> 	if (!prog->jit_requested || MIPS_ISA_REV < 2)
> 		return prog;
> 
> Do pre-32R2 architectures (32R1, maybe even R3000-like) actually support
> this eBPF JIT code?

No, they don't; the eBPF JIT makes unconditional use of at least the
(d)ins & (d)ext instructions which were added in MIPSr2, so it would
result in reserved instruction exceptions & panics if enabled on
pre-MIPSr2 CPUs.

> If they do, then the condition 'MIPS_ISA_REV < 2'
> should be removed as it is always true for them and tells CC to remove
> JIT completely.
> 
> If they don't support instructions from this JIT, then the line
> arch/mips/Kconfig:50:
> 
> 	select HAVE_EBPF_JIT if (!CPU_MICROMIPS)
> 
> should be changed to something like:
> 
> 	select HAVE_EBPF_JIT if !CPU_MICROMIPS && TARGET_ISA_REV >= 2
> 
> (and then the mentioned 'if' condition would become redundant)

Good spot; I agree entirely, this dependency should be reflected in
Kconfig.

> At the moment it is possible to build a kernel without both JIT and
> interpreter, but with CONFIG_BPF_SYSCALL=y (what should not be allowed
> I suppose?) within the following configuration:
> 
> - select any pre-32R2 CPU (e.g. CONFIG_CPU_MIPS32_R1);
> - enable CONFIG_BPF_JIT (CONFIG_MIPS_EBPF_JIT will be autoselected);
> - enable CONFIG_BPF_JIT_ALWAYS_ON (this removes BPF interpreter from
>   the system).
> 
> I may prepare a proper patch by myself if needed (after clarification).

That would be great, thanks!

One thing to note is that I hope we'll restore the cBPF JIT with this
patch:

https://lore.kernel.org/linux-mips/20191205182318.2761605-1-paulburton@kernel.org/T/#u

The cBPF JIT looks like it should work on older pre-MIPSr2 CPUs, so the
only way this is relevant is that your patch might have a minor
conflict. But I thought I'd mention it anyway :)

Thanks,
    Paul

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ