lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <878sozmfzk.fsf@toke.dk>
Date:   Fri, 01 Nov 2019 22:41:35 +0100
From:   Toke Høiland-Jørgensen <toke@...hat.com>
To:     Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc:     Jiri Olsa <jolsa@...hat.com>,
        Björn Töpel <bjorn.topel@...il.com>,
        Magnus Karlsson <magnus.karlsson@...il.com>,
        Magnus Karlsson <magnus.karlsson@...el.com>,
        Björn Töpel 
        <bjorn.topel@...el.com>, Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Network Development <netdev@...r.kernel.org>,
        Jonathan Lemon <jonathan.lemon@...il.com>,
        bpf <bpf@...r.kernel.org>, degeneloy@...il.com,
        John Fastabend <john.fastabend@...il.com>
Subject: Re: [PATCH bpf-next v3] libbpf: fix compatibility for kernels without need_wakeup

Alexei Starovoitov <alexei.starovoitov@...il.com> writes:

> On Fri, Nov 1, 2019 at 12:36 PM Toke Høiland-Jørgensen <toke@...hat.com> wrote:
>>
>> Alexei Starovoitov <alexei.starovoitov@...il.com> writes:
>>
>> > On Fri, Nov 1, 2019 at 12:27 AM Jiri Olsa <jolsa@...hat.com> wrote:
>> >>
>> >> On Thu, Oct 31, 2019 at 01:39:12PM -0700, Alexei Starovoitov wrote:
>> >> > On Thu, Oct 31, 2019 at 12:18 PM Jiri Olsa <jolsa@...hat.com> wrote:
>> >> > > >
>> >> > > > yes. older vmlinux and newer installed libbpf.so
>> >> > > > or any version of libbpf.a that is statically linked into apps
>> >> > > > is something that libbpf code has to support.
>> >> > > > The server can be rebooted into older than libbpf kernel and
>> >> > > > into newer than libbpf kernel. libbpf has to recognize all these
>> >> > > > combinations and work appropriately.
>> >> > > > That's what backward and forward compatibility is.
>> >> > > > That's what makes libbpf so difficult to test, develop and code review.
>> >> > > > What that particular server has in /usr/include is irrelevant.
>> >> > >
>> >> > > sure, anyway we can't compile following:
>> >> > >
>> >> > >         tredaell@...ebaran ~ $ echo "#include <bpf/xsk.h>" | gcc -x c -
>> >> > >         In file included from <stdin>:1:
>> >> > >         /usr/include/bpf/xsk.h: In function ‘xsk_ring_prod__needs_wakeup’:
>> >> > >         /usr/include/bpf/xsk.h:82:21: error: ‘XDP_RING_NEED_WAKEUP’ undeclared (first use in this function)
>> >> > >            82 |  return *r->flags & XDP_RING_NEED_WAKEUP;
>> >> > >         ...
>> >> > >
>> >> > >         XDP_RING_NEED_WAKEUP is defined in kernel v5.4-rc1 (77cd0d7b3f257fd0e3096b4fdcff1a7d38e99e10).
>> >> > >         XSK_UNALIGNED_BUF_ADDR_MASK and XSK_UNALIGNED_BUF_OFFSET_SHIFT are defined in kernel v5.4-rc1 (c05cd3645814724bdeb32a2b4d953b12bdea5f8c).
>> >> > >
>> >> > > with:
>> >> > >   kernel-headers-5.3.6-300.fc31.x86_64
>> >> > >   libbpf-0.0.5-1.fc31.x86_64
>> >> > >
>> >> > > if you're saying this is not supported, I guess we could be postponing
>> >> > > libbpf rpm releases until we have the related fedora kernel released
>> >> >
>> >> > why? github/libbpf is the source of truth for building packages
>> >> > and afaik it builds fine.
>> >>
>> >> because we will get issues like above if there's no kernel
>> >> avilable that we could compile libbpf against
>> >
>> > what is the issue again?
>> > bpf-next builds fine. github/libbpf builds fine.
>> > If distro is doing something else it's distro's mistake.
>>
>> With that you're saying that distros should always keep their kernel
>> headers and libbpf version in sync. Which is fine in itself; they can
>> certainly do that.
>
> No. I'm not suggesting that.
> distro is free to package whatever /usr/include headers.
> kernel version is often != /usr/include headers

I did say kernel *headers*. By which I mean the files in /usr/include.
E.g., on my machine:

$ pacman -Qo /usr/include/linux/if_xdp.h                                                                /usr/include/linux/if_xdp.h is owned by linux-api-headers 5.3.1-1


>> The only concern with this is that without a flow of bugfixes into the
>> 'bpf' tree (and stable), users may end up with buggy versions of libbpf.
>> Which is in no one's interest. So how do we avoid that?
>
> As I explained earlier. There is no 'bpf' tree for libbpf. It always
> moves forward.

Yes, you did. And I was just pointing out that this means that there
will be no bug fixes in older versions. So the only way to update is to
move to an entirely new version of libbpf, including updating all the
headers in /usr/include. And when that is not feasible, then the only
choice left is to ship a buggy libbpf... Unless you have a third option
I'm missing?

-Toke

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ