lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAM_iQpVAhOOP_PRsvL37J1WwOxHKmLEnRXVBYag1nNccHN7PYw@mail.gmail.com>
Date:   Thu, 20 May 2021 13:44:21 -0700
From:   Cong Wang <xiyou.wangcong@...il.com>
To:     Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc:     John Fastabend <john.fastabend@...il.com>,
        Linux Kernel Network Developers <netdev@...r.kernel.org>,
        bpf <bpf@...r.kernel.org>, Cong Wang <cong.wang@...edance.com>,
        Jiang Wang <jiang.wang@...edance.com>,
        Daniel Borkmann <daniel@...earbox.net>,
        Jakub Sitnicki <jakub@...udflare.com>,
        Lorenz Bauer <lmb@...udflare.com>
Subject: Re: [Patch bpf] selftests/bpf: Retry for EAGAIN in udp_redir_to_connected()

On Thu, May 20, 2021 at 1:14 PM Andrii Nakryiko
<andrii.nakryiko@...il.com> wrote:
>
> Bugs do happen though, so if you can detect some error condition
> instead of having an infinite loop, then do it.

You both are underestimating the problem. There are two different things
to consider here:

1) Kernel bugs: This is known unknown, we certainly do not know
how many bugs we have, otherwise they would have been fixed
already. So we can not predict the consequence of the bug either,
assuming a bug could only cause packet drop is underestimated.

2) Configurations: For instance, firewall rules. If the selftests are run
in a weird firewall setup which drops all UDP packets, there is nothing
we can do in the test itself. If we have to detect this, then we would
have to detect netem cases too where packets can be held indefinitely
or reordered arbitrarily. The possibilities here are too many to detect,
hence I argue the selftests should setup its own non-hostile environment,
which has nothing to do with any specific program.

This is why I ask you to draw a boundary: what we can assume and
what we can't. My boundary is obviously clear: we just assume the
environment is non-hostile and we can't predict any kernel bugs,
nor their consequences.

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ