| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Nov 2019 16:32:27 +0000
From: Edward Cree <ecree@...arflare.com>
To: Alexei Starovoitov <alexei.starovoitov@...il.com>,
Toke Høiland-Jørgensen <toke@...hat.com>
CC: John Fastabend <john.fastabend@...il.com>,
Daniel Borkmann <daniel@...earbox.net>,
Alexei Starovoitov <ast@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Marek Majkowski <marek@...udflare.com>,
Lorenz Bauer <lmb@...udflare.com>,
Alan Maguire <alan.maguire@...cle.com>,
Jesper Dangaard Brouer <brouer@...hat.com>,
David Miller <davem@...emloft.net>, <netdev@...r.kernel.org>,
<bpf@...r.kernel.org>
Subject: Re: static and dynamic linking. Was: [PATCH bpf-next v3 1/5] bpf:
Support chain calling multiple BPF
On 12/11/2019 02:51, Alexei Starovoitov wrote:
> There
> could be a 'root' bpf program (let's call it rootlet.o) that looks like:
This looks a lot like what I had in mind...
> We can introduce dynamic linking. The second part of 'BPF trampoline' patches
> allows tracing programs to attach to other BPF programs. The idea of dynamic
> linking is to replace a program or subprogram instead of attaching to it.
... as does this, particularly the "partial verification" / verify a subprog
as a separate unit with its own contract.
> The rootlet.o calls into firewall1.o directly. So no retpoline to worry about
> and firewall1.o can use bpf_tail_call() if it wants so. That tail_call will
> still return back to rootlet.o
Yep, that's a really nice gain that comes out of partial verification.
+1 to this whole proposal.
-Ed
Powered by blists - more mailing lists