lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <0511ac38-beec-131f-5643-04eee3357cc4@iogearbox.net>
Date:   Wed, 27 Jun 2018 12:36:23 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Kleber Souza <kleber.souza@...onical.com>,
        linux-s390@...r.kernel.org, netdev@...r.kernel.org
Cc:     Alexei Starovoitov <ast@...nel.org>
Subject: Re: s390x BPF JIT failures with test_bpf

On 06/27/2018 12:13 PM, Kleber Souza wrote:
> On 06/27/18 12:01, Daniel Borkmann wrote:
>> On 06/27/2018 11:40 AM, Kleber Souza wrote:
>> [...]
>>> When I load the test_bpf module from mainline (v4.18-rc2) with
>>> CONFIG_BPF_JIT_ALWAYS_ON=y on a s390x system I get the following errors:
>>>
>>> test_bpf: #289 BPF_MAXINSNS: Ctx heavy transformations FAIL to
>>> prog_create err=-524 len=4096
>>> test_bpf: #290 BPF_MAXINSNS: Call heavy transformations FAIL to
>>> prog_create err=-524 len=4096
>>> [...]
>>> test_bpf: #296 BPF_MAXINSNS: exec all MSH FAIL to prog_create err=-524
>>> len=4096
>>> test_bpf: #297 BPF_MAXINSNS: ld_abs+get_processor_id FAIL to prog_create
>>> err=-524 len=4096
>>>
>>> From a quick look at the code it seems that
>>> arch/s390/net/bpf_jit_comp.c:bpf_int_jit_compile() is failing to JIT
>>> compile the test code.
>>>
>>> Are those failures expected and could be flagged with FLAG_EXPECTED_FAIL
>>> on lib/test_bpf.c or are those caused by some issue with the s390x JIT
>>> compiler that needs to be fixed?
>>
>> JIT doesn't guarantee in general to map really all programs to native insns,
>> so some, mostly crafted corner cases could fail. E.g. x86-64 JIT doesn't converge
>> on some programs in test_bpf.c and thus falls back to interpreter or simply
>> rejects the program in case of CONFIG_BPF_JIT_ALWAYS_ON=y. Above would seem
>> likely that it's hitting the BPF_SIZE_MAX that s390 would do. I think it might
>> make sense to either have the FLAG_EXPECTED_FAIL in lib/test_bpf.c more fine
>> grained as a flag per arch, so we could say it's expected to fail on e.g. s390
>> but not on x86 and the like, or just denote it as 'could potentially fail but
>> doesn't have to be the case everywhere'.
> 
> Thank you for your reply. I will run some more tests to make sure we are
> hitting BPF_SIZE_MAX or what exactly is failing and send a patch to flag
> it conditionally for s390x.

Sounds good, thanks! In any case, please let us know your findings.

Best,
Daniel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ