lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 5 Nov 2019 06:31:56 -0800
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Alexei Starovoitov <ast@...nel.org>
Cc:     davem@...emloft.net, daniel@...earbox.net, peterz@...radead.org,
        rostedt@...dmis.org, x86@...nel.org, netdev@...r.kernel.org,
        bpf@...r.kernel.org, kernel-team@...com
Subject: Re: [PATCH bpf-next 0/7] Introduce BPF trampoline

On Sat, Nov 02, 2019 at 03:00:18PM -0700, Alexei Starovoitov wrote:
> Introduce BPF trampoline that works as a bridge between kernel functions and
> BPF programs. The first use case is fentry/fexit BPF programs that are roughly
> equivalent to kprobe/kretprobe. Unlike k[ret]probe there is practically zero
> overhead to call a set of BPF programs before or after kernel function. In the
> future patches networking use cases will be explored. For example: BPF
> trampoline can be used to call XDP programs from drivers with direct calls or
> wrapping BPF program into another BPF program.
> 
> The patch set depends on register_ftrace_direct() API. It's not upstream yet
> and available in [1]. The first patch is a hack to workaround this dependency.
> The idea is to land this set via bpf-next tree and land register_ftrace_direct
> via Steven's ftrace tree. Then during the merge window revert the first patch.
> Steven,
> do you think it's workable?
> As an alternative we can route register_ftrace_direct patches via bpf-next ?
> 
> Peter's static_call patches [2] are solving the issue of indirect call overhead
> for large class of kernel use cases, but unfortunately don't help calling into
> a set of BPF programs.  BPF trampoline's first goal is to translate kernel
> calling convention into BPF calling convention. The second goal is to call a
> set of programs efficiently. In the future we can replace BPF_PROG_RUN_ARRAY
> with BPF trampoline variant. Another future work is to add support for static_key,
> static_jmp and static_call inside generated BPF trampoline.
> 
> Please see patch 3 for details.
> 
> [1]
> https://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace.git/commit/?h=ftrace/direct&id=3ac423d902727884a389699fd7294c0e2e94b29c

Steven,
look slike your branch hasn't been updated in 13 days.
Are you still planning to fix the bugs and send it in for the merge window?
I cannot afford to wait a full release, since I have my own follow for
XDP/networking based on this and other folks are building their stuff on top of
BPF trampoline too. So I'm thinking for v2 I will switch to using text_poke()
and add appropriate guard checks, so it will be safe out of the box without
ftrace dependency. If register_ftrace_direct() indeed comes in soon I'll
switch to that and will make bpf trampoline to co-operate with ftrace.
text_poke approach will make it such that what ever comes first to trace the
fentry (either bpf trampoline or ftrace) will grab the nop and the other system
will not be able to attach. That's safe and correct, but certainly not nice
long term. So the fix will be needed. The key point that switching to text_poke
will remove the register_ftrace_direct() dependency, unblock bpf developers and
will give you time to land your stuff at your pace.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ