lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <e4777396-dbf0-855d-beaf-ba7fd533a4fb@isovalent.com>
Date:   Wed, 26 Feb 2020 17:22:12 +0000
From:   Quentin Monnet <quentin@...valent.com>
To:     Michal Rostecki <mrostecki@...nsuse.org>, bpf@...r.kernel.org
Cc:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>,
        Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, Shuah Khan <shuah@...nel.org>,
        linux-kselftest@...r.kernel.org
Subject: Re: [PATCH bpf-next v4 0/5] Make probes which emit dmesg warnings
 optional

2020-02-26 17:59 UTC+0100 ~ Michal Rostecki <mrostecki@...nsuse.org>
> Feature probes in bpftool related to bpf_probe_write_user and
> bpf_trace_printk helpers emit dmesg warnings which might be confusing
> for people running bpftool on production environments. This patch series
> addresses that by filtering them out by default and introducing the new
> positional argument "full" which enables all available probes.
> 
> The main motivation behind those changes is ability the fact that some
> probes (for example those related to "trace" or "write_user" helpers)
> emit dmesg messages which might be confusing for people who are running
> on production environments. For details see the Cilium issue[0].
> 
> v1 -> v2:
> - Do not expose regex filters to users, keep filtering logic internal,
> expose only the "full" option for including probes which emit dmesg
> warnings.
> 
> v2 -> v3:
> - Do not use regex for filtering out probes, use function IDs directly.
> - Fix bash completion - in v2 only "prefix" was proposed after "macros",
>    "dev" and "kernel" were not.
> - Rephrase the man page paragraph, highlight helper function names.
> - Remove tests which parse the plain output of bpftool (except the
>    header/macros test), focus on testing JSON output instead.
> - Add test which compares the output with and without "full" option.
> 
> v3 -> v4:
> - Use enum to check for helper functions.
> - Make selftests compatible with older versions of Python 3.x than 3.7.
> 
> [0] https://github.com/cilium/cilium/issues/10048
> 
> Michal Rostecki (5):
>    bpftool: Move out sections to separate functions
>    bpftool: Make probes which emit dmesg warnings optional
>    bpftool: Update documentation of "bpftool feature" command
>    bpftool: Update bash completion for "bpftool feature" command
>    selftests/bpf: Add test for "bpftool feature" command
> 
>   .../bpftool/Documentation/bpftool-feature.rst |  19 +-
>   tools/bpf/bpftool/bash-completion/bpftool     |   3 +-
>   tools/bpf/bpftool/feature.c                   | 283 +++++++++++-------
>   tools/testing/selftests/.gitignore            |   5 +-
>   tools/testing/selftests/bpf/Makefile          |   3 +-
>   tools/testing/selftests/bpf/test_bpftool.py   | 178 +++++++++++
>   tools/testing/selftests/bpf/test_bpftool.sh   |   5 +
>   7 files changed, 373 insertions(+), 123 deletions(-)
>   create mode 100644 tools/testing/selftests/bpf/test_bpftool.py
>   create mode 100755 tools/testing/selftests/bpf/test_bpftool.sh
> 

Reviewed-by: Quentin Monnet <quentin@...valent.com>
(Please keep tags between versions.)

Your change looks good. The tests in patch 5 still pass with Python 
3.7.5 (but I have not tried to run with an older version of Python).

Quentin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ