lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <0e46d001-a137-97bc-262c-e864cf3f90b8@opensuse.org>
Date:   Wed, 26 Feb 2020 13:17:10 +0100
From:   Michal Rostecki <mrostecki@...nsuse.org>
To:     Quentin Monnet <quentin@...valent.com>, bpf@...r.kernel.org
Cc:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        Andrii Nakryiko <andriin@...com>,
        Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, Shuah Khan <shuah@...nel.org>,
        linux-kselftest@...r.kernel.org
Subject: Re: [PATCH bpf-next v3 0/5] bpftool: Make probes which emit dmesg
 warnings optional

On 2/26/20 12:17 PM, Quentin Monnet wrote:
> 2020-02-25 20:44 UTC+0100 ~ Michal Rostecki <mrostecki@...nsuse.org>
>> Feature probes in bpftool related to bpf_probe_write_user and
>> bpf_trace_printk helpers emit dmesg warnings which might be confusing
>> for people running bpftool on production environments. This patch series
>> addresses that by filtering them out by default and introducing the new
>> positional argument "full" which enables all available probes.
>>
>> The main motivation behind those changes is ability the fact that some
>> probes (for example those related to "trace" or "write_user" helpers)
>> emit dmesg messages which might be confusing for people who are running
>> on production environments. For details see the Cilium issue[0].
>>
>> v1 -> v2:
>> - Do not expose regex filters to users, keep filtering logic internal,
>> expose only the "full" option for including probes which emit dmesg
>> warnings.
>>
>> v2 -> v3:
>> - Do not use regex for filtering out probes, use function IDs directly.
>> - Fix bash completion - in v2 only "prefix" was proposed after "macros",
>>    "dev" and "kernel" were not.
>> - Rephrase the man page paragraph, highlight helper function names.
>> - Remove tests which parse the plain output of bpftool (except the
>>    header/macros test), focus on testing JSON output instead.
>> - Add test which compares the output with and without "full" option.
>>
>> [0] https://github.com/cilium/cilium/issues/10048
>>
>> Michal Rostecki (5):
>>    bpftool: Move out sections to separate functions
>>    bpftool: Make probes which emit dmesg warnings optional
>>    bpftool: Update documentation of "bpftool feature" command
>>    bpftool: Update bash completion for "bpftool feature" command
>>    selftests/bpf: Add test for "bpftool feature" command
>>
>>   .../bpftool/Documentation/bpftool-feature.rst |  19 +-
>>   tools/bpf/bpftool/bash-completion/bpftool     |   3 +-
>>   tools/bpf/bpftool/feature.c                   | 283 +++++++++++-------
>>   tools/testing/selftests/.gitignore            |   5 +-
>>   tools/testing/selftests/bpf/Makefile          |   3 +-
>>   tools/testing/selftests/bpf/test_bpftool.py   | 179 +++++++++++
>>   tools/testing/selftests/bpf/test_bpftool.sh   |   5 +
>>   7 files changed, 374 insertions(+), 123 deletions(-)
>>   create mode 100644 tools/testing/selftests/bpf/test_bpftool.py
>>   create mode 100755 tools/testing/selftests/bpf/test_bpftool.sh
>>
> 
> This version looks good to me, thanks!
> 
> Reviewed-by: Quentin Monnet <quentin@...valent.com>
> 
> (Please keep Acked-by/Reviewed-by tags between versions if there are no
> significant changes, here for patch 1.)

Sorry, I will do that next time.

> That's a lot of tests now that we don't have the regex and filtering is
> very straightforward, but it does not hurt. I checked and they all pass
> on my system.

I know that those tests were necessary with the regex implementation and
now they may seem to be an overkill. But on the other hand, I think that
having selftests for bpftool in general is a good thing, so I didn't
want throw them away despite the easier implementation of my patches. I
might follow up with some more tests covering the other subcommands in
future.

Cheers,
Michal

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ