lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 27 Jun 2018 12:01:53 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Kleber Souza <kleber.souza@...onical.com>,
        linux-s390@...r.kernel.org, netdev@...r.kernel.org
Cc:     Alexei Starovoitov <ast@...nel.org>
Subject: Re: s390x BPF JIT failures with test_bpf

Hi Kleber,

On 06/27/2018 11:40 AM, Kleber Souza wrote:
[...]
> When I load the test_bpf module from mainline (v4.18-rc2) with
> CONFIG_BPF_JIT_ALWAYS_ON=y on a s390x system I get the following errors:
> 
> test_bpf: #289 BPF_MAXINSNS: Ctx heavy transformations FAIL to
> prog_create err=-524 len=4096
> test_bpf: #290 BPF_MAXINSNS: Call heavy transformations FAIL to
> prog_create err=-524 len=4096
> [...]
> test_bpf: #296 BPF_MAXINSNS: exec all MSH FAIL to prog_create err=-524
> len=4096
> test_bpf: #297 BPF_MAXINSNS: ld_abs+get_processor_id FAIL to prog_create
> err=-524 len=4096
> 
> From a quick look at the code it seems that
> arch/s390/net/bpf_jit_comp.c:bpf_int_jit_compile() is failing to JIT
> compile the test code.
> 
> Are those failures expected and could be flagged with FLAG_EXPECTED_FAIL
> on lib/test_bpf.c or are those caused by some issue with the s390x JIT
> compiler that needs to be fixed?

JIT doesn't guarantee in general to map really all programs to native insns,
so some, mostly crafted corner cases could fail. E.g. x86-64 JIT doesn't converge
on some programs in test_bpf.c and thus falls back to interpreter or simply
rejects the program in case of CONFIG_BPF_JIT_ALWAYS_ON=y. Above would seem
likely that it's hitting the BPF_SIZE_MAX that s390 would do. I think it might
make sense to either have the FLAG_EXPECTED_FAIL in lib/test_bpf.c more fine
grained as a flag per arch, so we could say it's expected to fail on e.g. s390
but not on x86 and the like, or just denote it as 'could potentially fail but
doesn't have to be the case everywhere'.

Thanks,
Daniel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ