| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Jun 2017 14:04:46 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: yhs@...com
Cc: ast@...com, daniel@...earbox.net, netdev@...r.kernel.org,
kernel-team@...com
Subject: Re: [PATCH net-next] bpf: possibly avoid extra masking for
narrower load in verifier
From: Yonghong Song <yhs@...com>
Date: Thu, 22 Jun 2017 15:07:39 -0700
> Commit 31fd85816dbe ("bpf: permits narrower load from bpf program
> context fields") permits narrower load for certain ctx fields.
> The commit however will already generate a masking even if
> the prog-specific ctx conversion produces the result with
> narrower size.
>
> For example, for __sk_buff->protocol, the ctx conversion
> loads the data into register with 2-byte load.
> A narrower 2-byte load should not generate masking.
> For __sk_buff->vlan_present, the conversion function
> set the result as either 0 or 1, essentially a byte.
> The narrower 2-byte or 1-byte load should not generate masking.
>
> To avoid unnecessary masking, prog-specific *_is_valid_access
> now passes converted_op_size back to verifier, which indicates
> the valid data width after perceived future conversion.
> Based on this information, verifier is able to avoid
> unnecessary marking.
>
> Since we want more information back from prog-specific
> *_is_valid_access checking, all of them are packed into
> one data structure for more clarity.
>
> Acked-by: Daniel Borkmann <daniel@...earbox.net>
> Signed-off-by: Yonghong Song <yhs@...com>
Applied, thank you.
Powered by blists - more mailing lists