| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e4777396-dbf0-855d-beaf-ba7fd533a4fb@isovalent.com>
Date: Wed, 26 Feb 2020 17:22:12 +0000
From: Quentin Monnet <quentin@...valent.com>
To: Michal Rostecki <mrostecki@...nsuse.org>, bpf@...r.kernel.org
Cc: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Andrii Nakryiko <andriin@...com>,
Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, Shuah Khan <shuah@...nel.org>,
linux-kselftest@...r.kernel.org
Subject: Re: [PATCH bpf-next v4 0/5] Make probes which emit dmesg warnings
optional
2020-02-26 17:59 UTC+0100 ~ Michal Rostecki <mrostecki@...nsuse.org>
> Feature probes in bpftool related to bpf_probe_write_user and
> bpf_trace_printk helpers emit dmesg warnings which might be confusing
> for people running bpftool on production environments. This patch series
> addresses that by filtering them out by default and introducing the new
> positional argument "full" which enables all available probes.
>
> The main motivation behind those changes is ability the fact that some
> probes (for example those related to "trace" or "write_user" helpers)
> emit dmesg messages which might be confusing for people who are running
> on production environments. For details see the Cilium issue[0].
>
> v1 -> v2:
> - Do not expose regex filters to users, keep filtering logic internal,
> expose only the "full" option for including probes which emit dmesg
> warnings.
>
> v2 -> v3:
> - Do not use regex for filtering out probes, use function IDs directly.
> - Fix bash completion - in v2 only "prefix" was proposed after "macros",
> "dev" and "kernel" were not.
> - Rephrase the man page paragraph, highlight helper function names.
> - Remove tests which parse the plain output of bpftool (except the
> header/macros test), focus on testing JSON output instead.
> - Add test which compares the output with and without "full" option.
>
> v3 -> v4:
> - Use enum to check for helper functions.
> - Make selftests compatible with older versions of Python 3.x than 3.7.
>
> [0] https://github.com/cilium/cilium/issues/10048
>
> Michal Rostecki (5):
> bpftool: Move out sections to separate functions
> bpftool: Make probes which emit dmesg warnings optional
> bpftool: Update documentation of "bpftool feature" command
> bpftool: Update bash completion for "bpftool feature" command
> selftests/bpf: Add test for "bpftool feature" command
>
> .../bpftool/Documentation/bpftool-feature.rst | 19 +-
> tools/bpf/bpftool/bash-completion/bpftool | 3 +-
> tools/bpf/bpftool/feature.c | 283 +++++++++++-------
> tools/testing/selftests/.gitignore | 5 +-
> tools/testing/selftests/bpf/Makefile | 3 +-
> tools/testing/selftests/bpf/test_bpftool.py | 178 +++++++++++
> tools/testing/selftests/bpf/test_bpftool.sh | 5 +
> 7 files changed, 373 insertions(+), 123 deletions(-)
> create mode 100644 tools/testing/selftests/bpf/test_bpftool.py
> create mode 100755 tools/testing/selftests/bpf/test_bpftool.sh
>
Reviewed-by: Quentin Monnet <quentin@...valent.com>
(Please keep tags between versions.)
Your change looks good. The tests in patch 5 still pass with Python
3.7.5 (but I have not tried to run with an older version of Python).
Quentin
Powered by blists - more mailing lists