lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 8 Jan 2020 17:48:22 +0000
From:   Quentin Monnet <quentin.monnet@...ronome.com>
To:     Michal Rostecki <mrostecki@...nsuse.org>, bpf@...r.kernel.org
Cc:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>,
        Jakub Kicinski <jakub.kicinski@...ronome.com>,
        Stanislav Fomichev <sdf@...gle.com>,
        Prashant Bhole <bhole_prashant_q7@....ntt.co.jp>,
        Peter Wu <peter@...ensteyn.nl>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v3 0/2] bpftool/libbpf: Add probe for large INSN
 limit

2020-01-08 17:23 UTC+0100 ~ Michal Rostecki <mrostecki@...nsuse.org>
> This series implements a new BPF feature probe which checks for the
> commit c04c0d2b968a ("bpf: increase complexity limit and maximum program
> size"), which increases the maximum program size to 1M. It's based on
> the similar check in Cilium, although Cilium is already aiming to use
> bpftool checks and eventually drop all its custom checks.
> 
> Examples of outputs:
> 
> # bpftool feature probe
> [...]
> Scanning miscellaneous eBPF features...
> Large complexity limit and maximum program size (1M) is available
> 
> # bpftool feature probe macros
> [...]
> /*** eBPF misc features ***/
> #define HAVE_HAVE_LARGE_INSN_LIMIT
> 
> # bpftool feature probe -j | jq '.["misc"]'
> {
>   "have_large_insn_limit": true
> }
> 
> v1 -> v2:
> - Test for 'BPF_MAXINSNS + 1' number of total insns.
> - Remove info about current 1M limit from probe's description.
> 
> v2 -> v3:
> - Remove the "complexity" word from probe's description.

Series looks good to me, thanks!

Reviewed-by: Quentin Monnet <quentin.monnet@...ronome.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ