| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171012143950.58c1b601@cakuba.netronome.com>
Date: Thu, 12 Oct 2017 14:39:50 -0700
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: netdev@...r.kernel.org, oss-drivers@...ronome.com,
alexei.starovoitov@...il.com
Subject: Re: [PATCH net-next 01/12] bpf: verifier: set reg_type on context
accesses in second pass
On Thu, 12 Oct 2017 23:33:21 +0200, Daniel Borkmann wrote:
> On 10/12/2017 10:56 PM, Jakub Kicinski wrote:
> > On Thu, 12 Oct 2017 22:43:10 +0200, Daniel Borkmann wrote:
> [...]
> >> It would be nice to keep the reg_type setting in one place, meaning
> >> the callbacks themselves, so we wouldn't need to maintain this in
> >> multiple places.
> >
> > Hm.. I though this was the smallest and simplest change. I could
> > translate the offsets but that seems wobbly. Or try to consolidate the
> > call into the same if () branch? Not sure..
>
> Different callbacks for post-verification would be good at min as it
> would allow to keep all the context access info in one place for a
> given type at least.
Sorry to be clear - you're suggesting adding a new callback to struct
bpf_verifier_ops, or swapping the struct bpf_verifier_ops for a
special post-verification one?
> > As a bonus info I discovered there is a bug in -net with how things are
> > converted. We allow arithmetic on context pointers but then only
> > look at the insn.off in the converter... I'm working on a fix.
>
> Ohh well, good catch, indeed! :( Can you also add coverage to the
> bpf selftests for this?
Will do!
Powered by blists - more mailing lists