lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 14 Aug 2021 09:21:01 +0900
From:   Kuniyuki Iwashima <kuniyu@...zon.co.jp>
To:     <andrii.nakryiko@...il.com>
CC:     <andrii@...nel.org>, <ast@...nel.org>, <benh@...zon.com>,
        <bpf@...r.kernel.org>, <daniel@...earbox.net>,
        <davem@...emloft.net>, <john.fastabend@...il.com>, <kafai@...com>,
        <kpsingh@...nel.org>, <kuba@...nel.org>, <kuni1840@...il.com>,
        <kuniyu@...zon.co.jp>, <netdev@...r.kernel.org>,
        <songliubraving@...com>, <yhs@...com>
Subject: Re: [PATCH v5 bpf-next 3/4] selftest/bpf: Implement sample UNIX domain socket iterator program.

From:   Andrii Nakryiko <andrii.nakryiko@...il.com>
Date:   Fri, 13 Aug 2021 16:25:53 -0700
> On Thu, Aug 12, 2021 at 9:46 AM Kuniyuki Iwashima <kuniyu@...zon.co.jp> wrote:
> >
> > The iterator can output almost the same result compared to /proc/net/unix.
> > The header line is aligned, and the Inode column uses "%8lu" because "%5lu"
> > can be easily overflown.
> >
> >   # cat /sys/fs/bpf/unix
> >   Num               RefCount Protocol Flags    Type St Inode    Path
> 
> It's totally my OCD, but why the column name is not aligned with
> values? I mean the "Inode" column. It's left aligned, but values
> (numbers) are right-aligned? I'd fix that while applying, but I can't
> apply due to selftests failures, so please take a look.

Ah, honestly, I've felt something strange about the column... will fix it!


> 
> 
> >   ffff963c06689800: 00000002 00000000 00010000 0001 01    18697 private/defer
> >   ffff963c7c979c00: 00000002 00000000 00000000 0001 01   598245 @Hello@...ld@
> >
> >   # cat /proc/net/unix
> >   Num       RefCount Protocol Flags    Type St Inode Path
> >   ffff963c06689800: 00000002 00000000 00010000 0001 01 18697 private/defer
> >   ffff963c7c979c00: 00000002 00000000 00000000 0001 01 598245 @Hello@...ld@
> >
> > Note that this prog requires the patch ([0]) for LLVM code gen.  Thanks to
> > Yonghong Song for analysing and fixing.
> >
> > [0] https://reviews.llvm.org/D107483
> >
> > Signed-off-by: Kuniyuki Iwashima <kuniyu@...zon.co.jp>
> > Acked-by: Yonghong Song <yhs@...com>
> > ---
> 
> This selftests breaks test_progs-no_alu32 ([0], the error log is super
> long and can freeze browser; it looks like an infinite loop and BPF
> verifier just keeps reporting it until it runs out of 1mln
> instructions or something). Please check what's going on there, I
> can't land it as it is right now.
> 
>   [0] https://github.com/kernel-patches/bpf/runs/3326071112?check_suite_focus=true#step:6:124288
> 
> 
> >  tools/testing/selftests/bpf/README.rst        | 38 +++++++++
> >  .../selftests/bpf/prog_tests/bpf_iter.c       | 16 ++++
> >  tools/testing/selftests/bpf/progs/bpf_iter.h  |  8 ++
> >  .../selftests/bpf/progs/bpf_iter_unix.c       | 77 +++++++++++++++++++
> >  .../selftests/bpf/progs/bpf_tracing_net.h     |  4 +
> >  5 files changed, 143 insertions(+)
> >  create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_unix.c
> >
> 
> [...]
> 
> > +                       /* The name of the abstract UNIX domain socket starts
> > +                        * with '\0' and can contain '\0'.  The null bytes
> > +                        * should be escaped as done in unix_seq_show().
> > +                        */
> > +                       int i, len;
> > +
> 
> no_alu32 variant probably isn't happy about using int for this, it
> probably does << 32, >> 32 dance and loses track of actual value in
> the loop. You can try using u64 instead.

Sorry, I missed the no_alu32 test.
Changing int to __u64 fixed the error, thanks!


> 
> > +                       len = unix_sk->addr->len - sizeof(short);
> > +
> > +                       BPF_SEQ_PRINTF(seq, " @");
> > +
> > +                       /* unix_mkname() tests this upper bound. */
> > +                       if (len < sizeof(struct sockaddr_un))
> > +                               for (i = 1; i < len; i++)
> 
> if you move above if inside the loop to break out of the loop, does it
> change how Clang generates code?
> 
> for (i = 1; i < len i++) {
>     if (i >= sizeof(struct sockaddr_un))
>         break;
>     BPF_SEQ_PRINTF(...);
> }

Yes, but there seems little defference.
Which is preferable?

---8<---
before (for inside if) <- -> after (if inside loop)
      96:	07 08 00 00 fe ff ff ff	r8 += -2			  |	; 			for (i = 1; i < len; i++) {
; 			if (len < sizeof(struct sockaddr_un))		  |	      97:	bf 81 00 00 00 00 00 00	r1 = r8
      97:	25 08 10 00 6d 00 00 00	if r8 > 109 goto +16 <LBB0_21>	  |	      98:	07 01 00 00 fc ff ff ff	r1 += -4
; 				for (i = 1; i < len; i++)		  |	      99:	25 01 12 00 6b 00 00 00	if r1 > 107 goto +18 <LBB0_21>
      98:	a5 08 0f 00 02 00 00 00	if r8 < 2 goto +15 <LBB0_21>	  |	     100:	07 08 00 00 fe ff ff ff	r8 += -2
      99:	b7 09 00 00 01 00 00 00	r9 = 1				  |	     101:	b7 09 00 00 01 00 00 00	r9 = 1
     100:	05 00 16 00 00 00 00 00	goto +22 <LBB0_18>		  |	     102:	b7 06 00 00 02 00 00 00	r6 = 2
									  |	     103:	05 00 17 00 00 00 00 00	goto +23 <LBB0_17>
...
     111:	85 00 00 00 7e 00 00 00	call 126			  |	     113:	b4 05 00 00 08 00 00 00	w5 = 8
; 				for (i = 1; i < len; i++)		  |	     114:	85 00 00 00 7e 00 00 00	call 126
     112:	07 09 00 00 01 00 00 00	r9 += 1				  |	; 			for (i = 1; i < len; i++) {
     113:	ad 89 09 00 00 00 00 00	if r9 < r8 goto +9 <LBB0_18>	  |	     115:	25 08 02 00 6d 00 00 00	if r8 > 109 goto +2 <LBB0_21>
									  >	     116:	07 09 00 00 01 00 00 00	r9 += 1
									  >	; 			for (i = 1; i < len; i++) {
									  >	     117:	ad 89 09 00 00 00 00 00	if r9 < r8 goto +9 <LBB0_17>
---8<---


> 
> 
> > +                                       BPF_SEQ_PRINTF(seq, "%c",
> > +                                                      unix_sk->addr->name->sun_path[i] ?:
> > +                                                      '@');
> > +               }
> > +       }
> > +
> > +       BPF_SEQ_PRINTF(seq, "\n");
> > +
> > +       return 0;
> > +}
> > diff --git a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
> > index 3af0998a0623..eef5646ddb19 100644
> > --- a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
> > +++ b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
> > @@ -5,6 +5,10 @@
> >  #define AF_INET                        2
> >  #define AF_INET6               10
> >
> > +#define __SO_ACCEPTCON         (1 << 16)
> > +#define UNIX_HASH_SIZE         256
> > +#define UNIX_ABSTRACT(unix_sk) (unix_sk->addr->hash < UNIX_HASH_SIZE)
> > +
> >  #define SOL_TCP                        6
> >  #define TCP_CONGESTION         13
> >  #define TCP_CA_NAME_MAX                16
> > --
> > 2.30.2
> >

Powered by blists - more mailing lists