| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Feb 2020 18:36:50 +0100
From: Daniel Borkmann <daniel@...earbox.net>
To: Quentin Monnet <quentin@...valent.com>,
Michal Rostecki <mrostecki@...nsuse.org>, bpf@...r.kernel.org
Cc: Alexei Starovoitov <ast@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Andrii Nakryiko <andriin@...com>,
Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, Shuah Khan <shuah@...nel.org>,
linux-kselftest@...r.kernel.org
Subject: Re: [PATCH bpf-next v4 0/5] Make probes which emit dmesg warnings
optional
On 2/26/20 6:22 PM, Quentin Monnet wrote:
> 2020-02-26 17:59 UTC+0100 ~ Michal Rostecki <mrostecki@...nsuse.org>
>> Feature probes in bpftool related to bpf_probe_write_user and
>> bpf_trace_printk helpers emit dmesg warnings which might be confusing
>> for people running bpftool on production environments. This patch series
>> addresses that by filtering them out by default and introducing the new
>> positional argument "full" which enables all available probes.
>>
>> The main motivation behind those changes is ability the fact that some
>> probes (for example those related to "trace" or "write_user" helpers)
>> emit dmesg messages which might be confusing for people who are running
>> on production environments. For details see the Cilium issue[0].
>>
>> v1 -> v2:
>> - Do not expose regex filters to users, keep filtering logic internal,
>> expose only the "full" option for including probes which emit dmesg
>> warnings.
>>
>> v2 -> v3:
>> - Do not use regex for filtering out probes, use function IDs directly.
>> - Fix bash completion - in v2 only "prefix" was proposed after "macros",
>> "dev" and "kernel" were not.
>> - Rephrase the man page paragraph, highlight helper function names.
>> - Remove tests which parse the plain output of bpftool (except the
>> header/macros test), focus on testing JSON output instead.
>> - Add test which compares the output with and without "full" option.
>>
>> v3 -> v4:
>> - Use enum to check for helper functions.
>> - Make selftests compatible with older versions of Python 3.x than 3.7.
>>
>> [0] https://github.com/cilium/cilium/issues/10048
>>
>> Michal Rostecki (5):
>> bpftool: Move out sections to separate functions
>> bpftool: Make probes which emit dmesg warnings optional
>> bpftool: Update documentation of "bpftool feature" command
>> bpftool: Update bash completion for "bpftool feature" command
>> selftests/bpf: Add test for "bpftool feature" command
>>
>> .../bpftool/Documentation/bpftool-feature.rst | 19 +-
>> tools/bpf/bpftool/bash-completion/bpftool | 3 +-
>> tools/bpf/bpftool/feature.c | 283 +++++++++++-------
>> tools/testing/selftests/.gitignore | 5 +-
>> tools/testing/selftests/bpf/Makefile | 3 +-
>> tools/testing/selftests/bpf/test_bpftool.py | 178 +++++++++++
>> tools/testing/selftests/bpf/test_bpftool.sh | 5 +
>> 7 files changed, 373 insertions(+), 123 deletions(-)
>> create mode 100644 tools/testing/selftests/bpf/test_bpftool.py
>> create mode 100755 tools/testing/selftests/bpf/test_bpftool.sh
>>
>
> Reviewed-by: Quentin Monnet <quentin@...valent.com>
> (Please keep tags between versions.)
>
> Your change looks good. The tests in patch 5 still pass with Python 3.7.5 (but I have not tried to run with an older version of Python).
Looks better now ...
# ./test_bpftool.sh
test_feature_dev_json (test_bpftool.TestBpftool) ... ok
test_feature_kernel (test_bpftool.TestBpftool) ... ok
test_feature_kernel_full (test_bpftool.TestBpftool) ... ok
test_feature_kernel_full_vs_not_full (test_bpftool.TestBpftool) ... ok
test_feature_macros (test_bpftool.TestBpftool) ... ok
----------------------------------------------------------------------
Ran 5 tests in 0.253s
OK
... applied, thanks!
Powered by blists - more mailing lists