| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0ce336dc-203c-f2f0-a877-24360d02452d@fb.com>
Date: Mon, 23 Dec 2019 21:21:58 +0000
From: Yonghong Song <yhs@...com>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>,
Martin Lau <kafai@...com>
CC: bpf <bpf@...r.kernel.org>, Alexei Starovoitov <ast@...nel.org>,
"Daniel Borkmann" <daniel@...earbox.net>,
David Miller <davem@...emloft.net>,
"Kernel Team" <Kernel-team@...com>,
Networking <netdev@...r.kernel.org>
Subject: Re: [PATCH bpf-next v2 04/11] bpf: Support bitfield read access in
btf_struct_access
On 12/23/19 12:05 PM, Andrii Nakryiko wrote:
> On Fri, Dec 20, 2019 at 10:26 PM Martin KaFai Lau <kafai@...com> wrote:
>>
>> This patch allows bitfield access as a scalar.
>>
>> Signed-off-by: Martin KaFai Lau <kafai@...com>
>> ---
>> kernel/bpf/btf.c | 10 ++++++----
>> 1 file changed, 6 insertions(+), 4 deletions(-)
>>
>> diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
>> index 6e652643849b..da73b63acfc5 100644
>> --- a/kernel/bpf/btf.c
>> +++ b/kernel/bpf/btf.c
>> @@ -3744,10 +3744,6 @@ int btf_struct_access(struct bpf_verifier_log *log,
>> }
>>
>> for_each_member(i, t, member) {
>> - if (btf_member_bitfield_size(t, member))
>> - /* bitfields are not supported yet */
>> - continue;
>> -
>> /* offset of the field in bytes */
>> moff = btf_member_bit_offset(t, member) / 8;
>> if (off + size <= moff)
>> @@ -3757,6 +3753,12 @@ int btf_struct_access(struct bpf_verifier_log *log,
>> if (off < moff)
>> continue;
>>
>> + if (btf_member_bitfield_size(t, member)) {
>> + if (off == moff && off + size <= t->size)
>> + return SCALAR_VALUE;
>> + continue;
>> + }
>
> Shouldn't this check be done before (off < moff) above?
>
> Imagine this situation:
>
> struct {
> int :16;
> int x:8;
> };
Oh, yes, forgot the case where the first bitfield member may have no
name, in which case, `off` will not match any `moff`.
btf_struct_access is used to check vmlinux btf types. I think in
vmlinux we may not have such scenarios. So the above code should
handle vmlinux use cases properly.
But I agree with Andrii that we probably want to handle
anonymous bitfield member (which is ignored in debuginfo and BTF) properly.
>
> Compiler will generate 4-byte load with offset 0, and then bit shifts
> to extract third byte. From kernel perspective, you'll see that off=0,
> but moff=2, which will get skipped.
>
> So there are two problems, I think:
> 1. if member is bitfield, special handle that before (off < moff) case.
> 2. off == moff is too precise, I think it should be `off <= moff`, but
> also check that it covers entire bitfield, e.g.:
>
> (off + size) * 8 >= btf_member_bit_offset(t, member) +
> btf_member_bitfield_size(t, member)
>
> Make sense or am I missing anything?
>
>> +
>> /* type of the field */
>> mtype = btf_type_by_id(btf_vmlinux, member->type);
>> mname = __btf_name_by_offset(btf_vmlinux, member->name_off);
>> --
>> 2.17.1
>>
Powered by blists - more mailing lists