lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <d91879b5-5389-c35b-93d0-59295e83520b@gmail.com>
Date:   Wed, 2 May 2018 10:24:08 -0700
From:   John Fastabend <john.fastabend@...il.com>
To:     Jiong Wang <jiong.wang@...ronome.com>,
        Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc:     borkmann@...earbox.net, ecree@...arflare.com,
        netdev@...r.kernel.org, oss-drivers@...ronome.com
Subject: Re: [PATCH bpf-next 0/3] bpf: cleanups on managing subprog
 information

On 05/02/2018 09:59 AM, Jiong Wang wrote:
> On 01/05/2018 23:22, Alexei Starovoitov wrote:
> ...
>> [   27.784931]  ? bpf_int_jit_compile+0x7ac/0xab0
>> [   27.785475]  bpf_int_jit_compile+0x2b6/0xab0
>> [   27.786001]  ? do_jit+0x6020/0x6020
>> [   27.786428]  ? kasan_kmalloc+0xa0/0xd0
>> [   27.786885]  bpf_check+0x2c05/0x4c40
>> [   27.787346]  ? fixup_bpf_calls+0x1140/0x1140
>> [   27.787865]  ? kasan_unpoison_shadow+0x30/0x40
>> [   27.788406]  ? kasan_kmalloc+0xa0/0xd0
>> [   27.788865]  ? memset+0x1f/0x40
>> [   27.789255]  ? bpf_obj_name_cpy+0x2d/0x200
>> [   27.789750]  bpf_prog_load+0xb07/0xeb0
>>
>> simply running test_verifier with JIT and kasan on.
> 
> Ah, sorry, I should add "sysctl net/core/bpf_jit_enable=1" to my test
> script, error reproduced.
> 
> convert_ctx_accesses and fixup_bpf_calls might insert ebpf insns that
> prog->len would change.
> 
> The new fake "exit" subprog whose .start offset is prog->len should be
> updated as well.
> 
> The "for" condition in adjust_subprog_starts:
> 
>   for (i = 0; i < env->subprog_cnt; i++) {
> 
> need to be changed into:
> 
>   for (i = 0; i <= env->subprog_cnt; i++) {
> 
> Will respin the patch set.
> 
> Thanks.
> 
> Regards,
> Jiong
> 

Also a bit of a nit, but if you are doing a respin. How about
consider renaming BPF_MAX_SUBPROGS -> BPF_MAX_PROGS. It will
make the naming more accurate and also avoid some diffs below
where changing '>=' to '>' is required.

@@ -191,7 +191,7 @@ struct bpf_verifier_env {
 	bool seen_direct_write;
 	struct bpf_insn_aux_data *insn_aux_data; /* array of per-insn state */
 	struct bpf_verifier_log log;
-	u32 subprog_starts[BPF_MAX_SUBPROGS];
+	u32 subprog_starts[BPF_MAX_SUBPROGS + 1];
 	/* computes the stack depth of each bpf function */
 	u16 subprog_stack_depth[BPF_MAX_SUBPROGS + 1];
 	u32 subprog_cnt;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ