lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+khW7iGQyoxRuOR=fHFzjpXLnHKraJ6=brktaZw6Rqkg85a6g@mail.gmail.com>
Date:   Tue, 2 Aug 2022 17:15:50 -0700
From:   Hao Luo <haoluo@...gle.com>
To:     Jiri Olsa <olsajiri@...il.com>
Cc:     linux-kernel@...r.kernel.org, bpf@...r.kernel.org,
        Alexei Starovoitov <ast@...nel.org>,
        Andrii Nakryiko <andrii@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <martin.lau@...ux.dev>,
        Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
        KP Singh <kpsingh@...nel.org>,
        John Fastabend <john.fastabend@...il.com>,
        Stanislav Fomichev <sdf@...gle.com>
Subject: Re: [PATCH bpf-next v1] bpf, iter: clean up bpf_seq_read().

On Tue, Aug 2, 2022 at 4:14 AM Jiri Olsa <olsajiri@...il.com> wrote:
>
> On Mon, Aug 01, 2022 at 01:50:39PM -0700, Hao Luo wrote:
>
> SNIP
>
> > +static int do_seq_show(struct seq_file *seq, void *p, size_t offs)
> > +{
> > +     int err;
> > +
> > +     WARN_ON(IS_ERR_OR_NULL(p));
> > +
> > +     err = seq->op->show(seq, p);
> > +     if (err > 0) {
> > +             /* object is skipped, decrease seq_num, so next
> > +              * valid object can reuse the same seq_num.
> > +              */
> > +             bpf_iter_dec_seq_num(seq);
> > +             seq->count = offs;
> > +             return err;
> > +     }
> > +
> > +     if (err < 0 || seq_has_overflowed(seq)) {
> > +             seq->count = offs;
> > +             return err ? err : -E2BIG;
> > +     }
> > +
> > +     /* err == 0 and no overflow */
> > +     return 0;
> > +}
> > +
> > +/* do_seq_stop, stops at the given object 'p'. 'p' could be an ERR or NULL. If
> > + * 'p' is an ERR or there was an overflow, reset seq->count to 'offs' and
> > + * returns error. Returns 0 otherwise.
> > + */
> > +static int do_seq_stop(struct seq_file *seq, void *p, size_t offs)
> > +{
> > +     if (IS_ERR(p)) {
> > +             seq->op->stop(seq, NULL);
> > +             seq->count = offs;
>
> should we set seq->count to 0 in case of error?
>

Thanks Jiri. To be honest, I don't know. There are two paths that may
lead to an error "p".

First, seq->op->start() could return ERR, in that case, '"offs'" is
zero and we set it to zero already. This is fine.

The other one, seq->op->next() could return ERR. This is a case where
bpf_seq_read() fails to handle right now, so I am not sure what to do.

Based on my understanding reading the code, if seq->count isn't
zeroed, the current read() will not copy data, but the next read()
will copy data (see the "if (seq->count)" at the beginning of
bpf_seq_read). If seq->count is zeroed, the data in buffer will be
discarded. I don't know what is right.

> jirka
>
> > +             return PTR_ERR(p);
> > +     }
> > +
> > +     seq->op->stop(seq, p);
> > +     if (!p) {
> > +             if (!seq_has_overflowed(seq)) {
> > +                     bpf_iter_done_stop(seq);
> > +             } else {
> > +                     seq->count = offs;
> > +                     if (offs == 0)
> > +                             return -E2BIG;
> > +             }
> > +     }
> > +     return 0;
> > +}
> > +
> >  /* maximum visited objects before bailing out */
> >  #define MAX_ITER_OBJECTS     1000000
> >
>
> SNIP

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ