lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAOuyyO4UWe7+=0bunQgv=yMOsLvC6PmnW6cgzorj19fWY0kgrg@mail.gmail.com>
Date:   Fri, 17 Jul 2020 11:36:49 +0200
From:   Maciej Fijalkowski <maciejromanfijalkowski@...il.com>
To:     Daniel Borkmann <daniel@...earbox.net>
Cc:     Maciej Fijalkowski <maciej.fijalkowski@...el.com>, ast@...nel.org,
        bpf@...r.kernel.org, netdev@...r.kernel.org, bjorn.topel@...el.com,
        magnus.karlsson@...el.com
Subject: Re: [PATCH bpf-next 3/5] bpf: propagate poke descriptors to subprograms

On Thu, Jul 16, 2020 at 11:18 PM Daniel Borkmann <daniel@...earbox.net> wrote:
>
> On 7/16/20 1:36 AM, Maciej Fijalkowski wrote:
> > Previously, there was no need for poke descriptors being present in
> > subprogram's bpf_prog_aux struct since tailcalls were simply not allowed
> > in them. Each subprog is JITed independently so in order to enable
> > JITing such subprograms, simply copy poke descriptors from main program
> > to subprogram's poke tab.
> >
> > Add also subprog's aux struct to the BPF map poke_progs list by calling
> > on it map_poke_track().
> >
> > Signed-off-by: Maciej Fijalkowski <maciej.fijalkowski@...el.com>
> > ---
> >   kernel/bpf/verifier.c | 9 +++++++++
> >   1 file changed, 9 insertions(+)
> >
> > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> > index 6481342b31ba..3b406b2860ef 100644
> > --- a/kernel/bpf/verifier.c
> > +++ b/kernel/bpf/verifier.c
> > @@ -9932,6 +9932,9 @@ static int jit_subprogs(struct bpf_verifier_env *env)
> >               goto out_undo_insn;
> >
> >       for (i = 0; i < env->subprog_cnt; i++) {
> > +             struct bpf_map *map_ptr;
> > +             int j;
> > +
> >               subprog_start = subprog_end;
> >               subprog_end = env->subprog_info[i + 1].start;
> >
> > @@ -9956,6 +9959,12 @@ static int jit_subprogs(struct bpf_verifier_env *env)
> >               func[i]->aux->btf = prog->aux->btf;
> >               func[i]->aux->func_info = prog->aux->func_info;
> >
> > +             for (j = 0; j < prog->aux->size_poke_tab; j++) {
> > +                     bpf_jit_add_poke_descriptor(func[i], &prog->aux->poke_tab[j]);
> > +                     map_ptr = func[i]->aux->poke_tab[j].tail_call.map;
> > +                     map_ptr->ops->map_poke_track(map_ptr, func[i]->aux);
>
> Error checking missing for bpf_jit_add_poke_descriptor() and map_poke_track() ..? It
> must be guaranteed that adding this to the tracker must not fail, otherwise this will
> be a real pain to debug given the prog will never be patched.

My bad, will fix it in v2.

>
> > +             }
> > +
> >               /* Use bpf_prog_F_tag to indicate functions in stack traces.
> >                * Long term would need debug info to populate names
> >                */
> >
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ