| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 20 Jun 2020 00:21:07 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: John Fastabend <john.fastabend@...il.com>,
Andrii Nakryiko <andriin@...com>, bpf <bpf@...r.kernel.org>,
Networking <netdev@...r.kernel.org>,
Alexei Starovoitov <ast@...com>,
Kernel Team <kernel-team@...com>
Subject: Re: [PATCH bpf-next 1/2] bpf: switch most helper return values from
32-bit int to 64-bit long
On 6/19/20 8:41 PM, Andrii Nakryiko wrote:
> On Fri, Jun 19, 2020 at 6:08 AM Daniel Borkmann <daniel@...earbox.net> wrote:
>> On 6/19/20 2:39 AM, John Fastabend wrote:
>>> John Fastabend wrote:
>>>> Andrii Nakryiko wrote:
>>>>> On Thu, Jun 18, 2020 at 11:58 AM John Fastabend
>>>>> <john.fastabend@...il.com> wrote:
>>>
>>> [...]
>>>
>>>>> That would be great. Self-tests do work, but having more testing with
>>>>> real-world application would certainly help as well.
>>>>
>>>> Thanks for all the follow up.
>>>>
>>>> I ran the change through some CI on my side and it passed so I can
>>>> complain about a few shifts here and there or just update my code or
>>>> just not change the return types on my side but I'm convinced its OK
>>>> in most cases and helps in some so...
>>>>
>>>> Acked-by: John Fastabend <john.fastabend@...il.com>
>>>
>>> I'll follow this up with a few more selftests to capture a couple of our
>>> patterns. These changes are subtle and I worry a bit that additional
>>> <<,s>> pattern could have the potential to break something.
>>>
>>> Another one we didn't discuss that I found in our code base is feeding
>>> the output of a probe_* helper back into the size field (after some
>>> alu ops) of subsequent probe_* call. Unfortunately, the tests I ran
>>> today didn't cover that case.
>>>
>>> I'll put it on the list tomorrow and encode these in selftests. I'll
>>> let the mainainers decide if they want to wait for those or not.
>>
>> Given potential fragility on verifier side, my preference would be that we
>> have the known variations all covered in selftests before moving forward in
>> order to make sure they don't break in any way. Back in [0] I've seen mostly
>> similar cases in the way John mentioned in other projects, iirc, sysdig was
>> another one. If both of you could hack up the remaining cases we need to
>> cover and then submit a combined series, that would be great. I don't think
>> we need to rush this optimization w/o necessary selftests.
>
> There is no rush, but there is also no reason to delay it. I'd rather
> land it early in the libbpf release cycle and let people try it in
> their prod environments, for those concerned about such code patterns.
Andrii, define 'delay'. John mentioned above to put together few more
selftests today so that there is better coverage at least, why is that
an 'issue'? I'm not sure how you read 'late in release cycle' out of it,
it's still as early. The unsigned optimization for len <= MAX_LEN is
reasonable and makes sense, but it's still one [specific] variant only.
> I don't have a list of all the patterns that we might need to test.
> Going through all open-source BPF source code to identify possible
> patterns and then coding them up in minimal selftests is a bit too
> much for me, honestly.
I think we're probably talking past each other. John wrote above:
>>> I'll follow this up with a few more selftests to capture a couple of our
>>> patterns. These changes are subtle and I worry a bit that additional
>>> <<,s>> pattern could have the potential to break something.
So submitting this as a full series together makes absolutely sense to me,
so there's maybe not perfect but certainly more confidence that also other
patterns where the shifts optimized out in one case are then appearing in
another are tested on a best effort and run our kselftest suite.
Thanks,
Daniel
Powered by blists - more mailing lists