lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 21 May 2020 15:39:10 -0700
From:   Andrii Nakryiko <andrii.nakryiko@...il.com>
To:     Martin KaFai Lau <kafai@...com>
Cc:     bpf <bpf@...r.kernel.org>, Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Kernel Team <kernel-team@...com>,
        Networking <netdev@...r.kernel.org>
Subject: Re: [PATCH bpf-next 0/3] bpf: Allow inner map with different max_entries

On Thu, May 21, 2020 at 12:18 PM Martin KaFai Lau <kafai@...com> wrote:
>
> This series allows the outer map to be updated with inner map in different
> size as long as it is safe (meaning the max_entries is not used in the
> verification time during prog load).
>
> Please see individual patch for details.
>

Few thoughts:

1. You describe WHAT, but not necessarily WHY. Can you please
elaborate in descriptions what motivates these changes?
2. IMO, "capabilities" is word that way too strongly correlates with
Linux capabilities framework, it's just confusing. It's also more of a
property of a map type, than what map is capable of, but it's more
philosophical distinction, of course :)
3. I'm honestly not convinced that patch #1 qualifies as a clean up. I
think one specific check for types of maps that are not compatible
with map-in-map is just fine. Instead you are spreading this bit flags
into a long list of maps, most of which ARE compatible. It's just hard
to even see which ones are not compatible. I like current way better.
4. Then for size check change, again, it's really much simpler and
cleaner just to have a special case in check in bpf_map_meta_equal for
cases where map size matters.
5. I also wonder if for those inner maps for which size doesn't
matter, maybe we should set max_elements to zero when setting
inner_meta to show that size doesn't matter? This is minor, though.


> Martin KaFai Lau (3):
>   bpf: Clean up inner map type check
>   bpf: Relax the max_entries check for inner map
>   bpf: selftests: Add test for different inner map size
>
>  include/linux/bpf.h                           | 18 +++++-
>  include/linux/bpf_types.h                     | 64 +++++++++++--------
>  kernel/bpf/btf.c                              |  2 +-
>  kernel/bpf/map_in_map.c                       | 12 ++--
>  kernel/bpf/syscall.c                          | 19 +++++-
>  kernel/bpf/verifier.c                         |  2 +-
>  .../selftests/bpf/prog_tests/btf_map_in_map.c | 12 ++++
>  .../selftests/bpf/progs/test_btf_map_in_map.c | 31 +++++++++
>  8 files changed, 119 insertions(+), 41 deletions(-)
>
> --
> 2.24.1
>

Powered by blists - more mailing lists