lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <93a9ff59-79d1-34ac-213e-1586fd0d04ef@iogearbox.net>
Date:   Thu, 16 Jul 2020 23:16:13 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Maciej Fijalkowski <maciej.fijalkowski@...el.com>, ast@...nel.org
Cc:     bpf@...r.kernel.org, netdev@...r.kernel.org, bjorn.topel@...el.com,
        magnus.karlsson@...el.com
Subject: Re: [PATCH bpf-next 3/5] bpf: propagate poke descriptors to
 subprograms

On 7/16/20 1:36 AM, Maciej Fijalkowski wrote:
> Previously, there was no need for poke descriptors being present in
> subprogram's bpf_prog_aux struct since tailcalls were simply not allowed
> in them. Each subprog is JITed independently so in order to enable
> JITing such subprograms, simply copy poke descriptors from main program
> to subprogram's poke tab.
> 
> Add also subprog's aux struct to the BPF map poke_progs list by calling
> on it map_poke_track().
> 
> Signed-off-by: Maciej Fijalkowski <maciej.fijalkowski@...el.com>
> ---
>   kernel/bpf/verifier.c | 9 +++++++++
>   1 file changed, 9 insertions(+)
> 
> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index 6481342b31ba..3b406b2860ef 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c
> @@ -9932,6 +9932,9 @@ static int jit_subprogs(struct bpf_verifier_env *env)
>   		goto out_undo_insn;
>   
>   	for (i = 0; i < env->subprog_cnt; i++) {
> +		struct bpf_map *map_ptr;
> +		int j;
> +
>   		subprog_start = subprog_end;
>   		subprog_end = env->subprog_info[i + 1].start;
>   
> @@ -9956,6 +9959,12 @@ static int jit_subprogs(struct bpf_verifier_env *env)
>   		func[i]->aux->btf = prog->aux->btf;
>   		func[i]->aux->func_info = prog->aux->func_info;
>   
> +		for (j = 0; j < prog->aux->size_poke_tab; j++) {
> +			bpf_jit_add_poke_descriptor(func[i], &prog->aux->poke_tab[j]);
> +			map_ptr = func[i]->aux->poke_tab[j].tail_call.map;
> +			map_ptr->ops->map_poke_track(map_ptr, func[i]->aux);

Error checking missing for bpf_jit_add_poke_descriptor() and map_poke_track() ..? It
must be guaranteed that adding this to the tracker must not fail, otherwise this will
be a real pain to debug given the prog will never be patched.

> +		}
> +
>   		/* Use bpf_prog_F_tag to indicate functions in stack traces.
>   		 * Long term would need debug info to populate names
>   		 */
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ