lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 02 Dec 2023 02:20:15 +0200
From: Eduard Zingerman <eddyz87@...il.com>
To: Daniel Xu <dxu@...uu.xyz>, Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: ast@...nel.org, daniel@...earbox.net, shuah@...nel.org,
 andrii@...nel.org,  steffen.klassert@...unet.com,
 antony.antony@...unet.com,  alexei.starovoitov@...il.com,
 yonghong.song@...ux.dev, mykolal@...com,  martin.lau@...ux.dev,
 song@...nel.org, john.fastabend@...il.com,  kpsingh@...nel.org,
 sdf@...gle.com, haoluo@...gle.com, jolsa@...nel.org, 
 linux-kernel@...r.kernel.org, bpf@...r.kernel.org, 
 linux-kselftest@...r.kernel.org, devel@...ux-ipsec.org,
 netdev@...r.kernel.org
Subject: Re: [PATCH ipsec-next v3 5/9] libbpf: selftests: Add verifier tests
 for CO-RE bitfield writes

On Fri, 2023-12-01 at 17:10 -0700, Daniel Xu wrote:
[...]
> > > +SEC("tc")
> > > +__description("single CO-RE bitfield roundtrip")
> > > +__btf_path("btf__core_reloc_bitfields.bpf.o")
> > > +__success __failure_unpriv
> > 
> > do we want __failure_unpriv at all? Is this failure related to
> > *bitfield* logic at all?
> 
> Oh, I pre-emptively added it. From the docs, I thought __failure_unpriv
> meant "don't try to load this as an unprivileged used cuz it'll fail".
> And since I used the tc hook, I figured it'd fail.

Actually it means:
"try to load as unprivileged user and expect failure,
 report error on successful load".

In general, the meaning of "___xxx" and "___xxx_unpriv" annotations
is identical, except first instructs to run the test in privileged mode,
while second instructs to run test in unprivileged mode:
- if only annotations w/o "*_unpriv" suffix are present the test would
  be executed as privileged;
- if only annotations with "*_unpriv" suffix are present the test would
  be executed as unprivileged;
- if both kinds of annotations are present the test would be executed
  in both modes.

[...]

Powered by blists - more mailing lists