lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 8 Jan 2020 19:37:49 +0100
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Quentin Monnet <quentin.monnet@...ronome.com>,
        Michal Rostecki <mrostecki@...nsuse.org>, bpf@...r.kernel.org
Cc:     Alexei Starovoitov <ast@...nel.org>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>,
        Jakub Kicinski <jakub.kicinski@...ronome.com>,
        Stanislav Fomichev <sdf@...gle.com>,
        Prashant Bhole <bhole_prashant_q7@....ntt.co.jp>,
        Peter Wu <peter@...ensteyn.nl>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v3 0/2] bpftool/libbpf: Add probe for large INSN
 limit

On 1/8/20 6:48 PM, Quentin Monnet wrote:
> 2020-01-08 17:23 UTC+0100 ~ Michal Rostecki <mrostecki@...nsuse.org>
>> This series implements a new BPF feature probe which checks for the
>> commit c04c0d2b968a ("bpf: increase complexity limit and maximum program
>> size"), which increases the maximum program size to 1M. It's based on
>> the similar check in Cilium, although Cilium is already aiming to use
>> bpftool checks and eventually drop all its custom checks.
>>
>> Examples of outputs:
>>
>> # bpftool feature probe
>> [...]
>> Scanning miscellaneous eBPF features...
>> Large complexity limit and maximum program size (1M) is available
>>
>> # bpftool feature probe macros
>> [...]
>> /*** eBPF misc features ***/
>> #define HAVE_HAVE_LARGE_INSN_LIMIT
>>
>> # bpftool feature probe -j | jq '.["misc"]'
>> {
>>    "have_large_insn_limit": true
>> }
>>
>> v1 -> v2:
>> - Test for 'BPF_MAXINSNS + 1' number of total insns.
>> - Remove info about current 1M limit from probe's description.
>>
>> v2 -> v3:
>> - Remove the "complexity" word from probe's description.
> 
> Series looks good to me, thanks!
> 
> Reviewed-by: Quentin Monnet <quentin.monnet@...ronome.com>

Applied, thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ