lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 8 Jan 2020 15:28:30 +0000
From:   Quentin Monnet <quentin.monnet@...ronome.com>
To:     Michal Rostecki <mrostecki@...nsuse.org>
Cc:     bpf@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>,
        Jakub Kicinski <jakub.kicinski@...ronome.com>,
        Stanislav Fomichev <sdf@...gle.com>,
        Peter Wu <peter@...ensteyn.nl>,
        Prashant Bhole <bhole_prashant_q7@....ntt.co.jp>,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v2 2/2] bpftool: Add misc secion and probe for
 large INSN limit

2020-01-08 13:41 UTC+0000 ~ Michal Rostecki <mrostecki@...nsuse.org>
> On Tue, Jan 07, 2020 at 02:36:15PM +0000, Quentin Monnet wrote:
>> Nit: typo in subject ("secion").
>>
>> 2020-01-07 14:03 UTC+0100 ~ Michal Rostecki <mrostecki@...nsuse.org>
>>> Introduce a new probe section (misc) for probes not related to concrete
>>> map types, program types, functions or kernel configuration. Introduce a
>>> probe for large INSN limit as the first one in that section.
>>>
>>> Signed-off-by: Michal Rostecki <mrostecki@...nsuse.org>
>>> ---
>>>  tools/bpf/bpftool/feature.c | 18 ++++++++++++++++++
>>>  1 file changed, 18 insertions(+)
>>>
>>> diff --git a/tools/bpf/bpftool/feature.c b/tools/bpf/bpftool/feature.c
>>> index 03bdc5b3ac49..d8ce93092c45 100644
>>> --- a/tools/bpf/bpftool/feature.c
>>> +++ b/tools/bpf/bpftool/feature.c
>>> @@ -572,6 +572,18 @@ probe_helpers_for_progtype(enum bpf_prog_type prog_type, bool supported_type,
>>>  		printf("\n");
>>>  }
>>>  
>>> +static void
>>> +probe_large_insn_limit(const char *define_prefix, __u32 ifindex)
>>> +{
>>> +	bool res;
>>> +
>>> +	res = bpf_probe_large_insn_limit(ifindex);
>>> +	print_bool_feature("have_large_insn_limit",
>>> +			   "Large complexity and program size limit",
>>
>> I am not sure we should mention "complexity" here. Although it is
>> related to program size in the kernel commit you describe, the probe
>> that is run is only on instruction number. This can make a difference
>> for offloaded programs: When you probe a device, if kernel has commit
>> c04c0d2b968a and supports up to 1M instructions, but hardware supports
>> no more than 4k instructions, you may still benefit from the new value
>> for BPF_COMPLEXITY_LIMIT_INSNS for complexity, but not for the total
>> number of available instructions. In that case the probe will fail, and
>> the message on complexity would not be accurate.
>>
>> Looks good otherwise, thanks Michal!
>>
>> Quentin
> 
> Thanks for review! Should I change the description just to "Large
> program size limit" or "Large instruction limit"?
> 
> Michal
> 

I don't really have a preference here, let's keep "program size"?
Quentin

Powered by blists - more mailing lists