lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 22 Jul 2022 22:17:57 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     "Paul E. McKenney" <paulmck@...nel.org>, bpf@...r.kernel.org,
        netdev@...r.kernel.org, linux-doc@...r.kernel.org
Cc:     corbet@....net, ast@...nel.org, andrii@...nel.org, kafai@...com,
        songliubraving@...com, yhs@...com, john.fastabend@...il.com,
        kpsingh@...nel.org, kernel-team@...com
Subject: Re: [PATCH bpf 2/2] bpf: Update bpf_design_QA.rst to clarify that
 attaching to functions is not ABI

On 7/22/22 8:06 PM, Paul E. McKenney wrote:
> This patch updates bpf_design_QA.rst to clarify that the ability to
> attach a BPF program to a given function in the kernel does not make
> that function become part of the Linux kernel's ABI.
> 
> Signed-off-by: Paul E. McKenney <paulmck@...nel.org>
> ---
>   Documentation/bpf/bpf_design_QA.rst | 12 ++++++++++++
>   1 file changed, 12 insertions(+)
> 
> diff --git a/Documentation/bpf/bpf_design_QA.rst b/Documentation/bpf/bpf_design_QA.rst
> index 2ed9128cfbec8..46337a60255e9 100644
> --- a/Documentation/bpf/bpf_design_QA.rst
> +++ b/Documentation/bpf/bpf_design_QA.rst
> @@ -279,3 +279,15 @@ cc (congestion-control) implementations.  If any of these kernel
>   functions has changed, both the in-tree and out-of-tree kernel tcp cc
>   implementations have to be changed.  The same goes for the bpf
>   programs and they have to be adjusted accordingly.
> +
> +Q: Attaching to kernel functions is an ABI?

small nit, I'd change to: Attaching to arbitrary kernel functions [...]

Otherwise I think this could be a bit misunderstood, e.g. most of the networking
programs (e.g. XDP, tc, sock_addr) have a fixed framework around them where
attaching programs is part of ABI.

Rest looks good, thanks for writing this up, Paul!

> +-------------------------------------------
> +Q: BPF programs can be attached to many kernel functions.  Do these
> +kernel functions become part of the ABI?
> +
> +A: NO.
> +
> +The kernel function prototypes will change, and BPF programs attaching to
> +them will need to change.  The BPF compile-once-run-everywhere (CO-RE)
> +should be used in order to make it easier to adapt your BPF programs to
> +different versions of the kernel.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ