| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Nov 2015 15:40:15 -0800 From: Alexei Starovoitov <alexei.starovoitov@...il.com> To: Peter Zijlstra <peterz@...radead.org> Cc: David Miller <davem@...emloft.net>, will.deacon@....com, daniel@...earbox.net, arnd@...db.de, yang.shi@...aro.org, linaro-kernel@...ts.linaro.org, eric.dumazet@...il.com, zlim.lnx@...il.com, ast@...nel.org, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, xi.wang@...il.com, catalin.marinas@....com, linux-arm-kernel@...ts.infradead.org, yhs@...mgrid.com, bblanco@...mgrid.com Subject: Re: [PATCH 2/2] arm64: bpf: add BPF XADD instruction On Wed, Nov 11, 2015 at 11:21:35PM +0100, Peter Zijlstra wrote: > On Wed, Nov 11, 2015 at 11:55:59AM -0800, Alexei Starovoitov wrote: > > Therefore things like memory barriers, full set of atomics are not applicable > > in bpf world. > > There are still plenty of wait-free constructs one can make using them. yes, but all such lock-free algos are typically based on cmpxchg8b and tight loop, so it would be very hard for verifier to proof termination of such loops. I think when we'd need to add something like this, we'll add new bpf insn that will be membarrier+cmpxhg8b+check+loop as a single insn, so it cannot be misused. I don't know of any concrete use case yet. All possible though. > Say a barrier/rendezvous construct for knowing when an event has > happened on all CPUs. > > But if you really do not want any of that, I suppose that is a valid > choice. I do want it :) and I think in the future we'll add a bunch of interesting stuff. May be including things like above. I just don't want to rush things in just because x86 has such insn or because gcc has a builtin for it. Like we discussed adding popcnt insn. It can be useful in some cases, but doesn't seem to worth the pain of adding it to interpreter, JITs and llvm backends... as of today... May be tomorrow it will be must have. > Is even privileged (e)BPF not allowed things like this? I was thinking > the strict no loops stuff was for unpriv (e)BPF only. the only difference between unpriv and priv is the ability to send all values (including kernel addresses) to user space (like tracing needs to see all registers). The rest is the same. root should never crash the kernel as well. If we relax even little bit for root then the whole bpf stuff is no better than kernel module. btw, support for mini loops was requested many times in the past. I guess we'd have to add something like this, but it's tricky. Mainly because control flow graph analysis becomes much more complicated. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists