lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190301120813.2517cbd2@cakuba.netronome.com> Date: Fri, 1 Mar 2019 12:08:13 -0800 From: Jakub Kicinski <jakub.kicinski@...ronome.com> To: Andrii Nakryiko <andrii.nakryiko@...il.com> Cc: Daniel Borkmann <daniel@...earbox.net>, Alexei Starovoitov <ast@...com>, bpf@...r.kernel.org, Networking <netdev@...r.kernel.org>, Joe Stringer <joe@...d.net.nz>, john fastabend <john.fastabend@...il.com>, tgraf@...g.ch, Yonghong Song <yhs@...com>, Andrii Nakryiko <andriin@...com>, lmb@...udflare.com Subject: Re: [PATCH bpf-next v2 1/7] bpf: implement lookup-free direct value access On Fri, 1 Mar 2019 11:35:17 -0800, Andrii Nakryiko wrote: > > > Do you think that would work? Using array is a bit limiting, because > > > it doesn't allow to do partial reads/updates, while BPF_MAP_TYPE_HEAP > > > would be single big value that allows partial reading/updating. > > > > If I understand it correctly, the main difference this would have is > > to be able to use spin_locks in a more fine-grained fashion, right? > > spin_lock is just a nice bonus, if there is any manipulation that > isn't <= 8 byte long that needs to be done atomically. > > The reason for this new type of map is actually ability to update > global variables from outside BPF program in granular fashion. E.g., > turning on some extra debug output temporarily, tuning parameters, > changing PID to trace, etc, without stopping and reloading BPF > program. With array, it's all-or-nothing: to update anything you have > to overwrite entire .data section. As I mentioned, if we can get BTF > type information for entirety of .data, it would allow to manipulate > those variables by name even with generic tools like bpftool. Sounds like you'd almost want to mmap the value ;)
Powered by blists - more mailing lists