| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160830222246.29e3f3cc@laptop>
Date: Tue, 30 Aug 2016 22:22:46 +0200
From: Jakub Kicinski <kubakici@...pl>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: Alexei Starovoitov <alexei.starovoitov@...il.com>,
Jakub Kicinski <jakub.kicinski@...ronome.com>,
netdev@...r.kernel.org, ast@...nel.org,
dinan.gunawardena@...ronome.com, jiri@...nulli.us,
john.fastabend@...il.com
Subject: Re: [RFCv2 07/16] bpf: enable non-core use of the verfier
On Tue, 30 Aug 2016 21:07:50 +0200, Daniel Borkmann wrote:
> > Having two modes seems more straight forward and I think we would only
> > need to pay attention in the LD_IMM64 case, I don't think I've seen
> > LLVM generating XORs, it's just the cBPF -> eBPF conversion.
>
> Okay, though, I think that the cBPF to eBPF migration wouldn't even
> pass through the bpf_parse() handling, since verifier is not aware on
> some of their aspects such as emitting calls directly (w/o *proto) or
> arg mappings. Probably make sense to reject these (bpf_prog_was_classic())
> if they cannot be handled anyway?
TBH again I only use cBPF for testing. It's a convenient way of
generating certain instruction sequences. I can probably just drop
it completely but the XOR patch is just 3 lines of code so not a huge
cost either... I'll keep patch 6 in my tree for now.
Alternatively - is there any eBPF assembler out there? Something
converting verifier output back into ELF would be quite cool.
Powered by blists - more mailing lists