lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <550313B6.2080701@iogearbox.net>
Date:	Fri, 13 Mar 2015 17:43:34 +0100
From:	Daniel Borkmann <daniel@...earbox.net>
To:	Alexei Starovoitov <ast@...mgrid.com>,
	"David S. Miller" <davem@...emloft.net>
CC:	Thomas Graf <tgraf@...g.ch>, linux-api@...r.kernel.org,
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next 1/2] bpf: allow extended BPF programs access
 skb fields

On 03/13/2015 05:22 PM, Alexei Starovoitov wrote:
> On 3/13/15 2:57 AM, Daniel Borkmann wrote:
>> On 03/13/2015 03:21 AM, Alexei Starovoitov wrote:
>>> introduce user accessible mirror of in-kernel 'struct sk_buff':
>>
>> For each member, I'd also add BUILD_BUG_ON()s similarly as we have in
>> convert_bpf_extensions(). That way, people won't forget to adjust the
>> code.
>
> I thought about it, but didn't add it, since we already have them
> in the same file several lines above this spot.
> I think one build error per .c file should be enough to attract
> attention.
> Though I'll add a comment to convert_bpf_extensions() that build_bug_on
> errors should be addressed in two places.

My concern would be that in case the code gets changed, this spot
could easily be overlooked by someone possibly unfamiliar with the
code, since no build error triggers there.

So I guess it wouldn't hurt or cost us much to also adding the
BUILD_BUG_ON()s there instead of a comment.

...
>> The remaining fields we export in classic BPF would be skb->hash,
>> skb->protocol, skb->vlan_tci, are we adding them as well to match
>> up functionality with classic BPF? For example, I can see hash being
>> useful as a key to be used with eBPF maps, etc.
>
> I want to do skb->protocol and skb->vlan_tci differently and hopefully
> more generically than classic did them, so they will come in the
> follow on patches. skb->hash also should be done differently.
> So yes. All of them are subjects of future patches/discussions.

Ok, sounds good.

Thanks,
Daniel
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ