| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250106081900.1665573-1-houtao@huaweicloud.com>
Date: Mon, 6 Jan 2025 16:18:41 +0800
From: Hou Tao <houtao@...weicloud.com>
To: bpf@...r.kernel.org,
netdev@...r.kernel.org
Cc: Martin KaFai Lau <martin.lau@...ux.dev>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Andrii Nakryiko <andrii@...nel.org>,
Eduard Zingerman <eddyz87@...il.com>,
Song Liu <song@...nel.org>,
Hao Luo <haoluo@...gle.com>,
Yonghong Song <yonghong.song@...ux.dev>,
Daniel Borkmann <daniel@...earbox.net>,
KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...ichev.me>,
Jiri Olsa <jolsa@...nel.org>,
John Fastabend <john.fastabend@...il.com>,
houtao1@...wei.com,
xukuohai@...wei.com
Subject: faom 13cc1d4ee0a231f81951ee87f1e55229907966ee Mon Sep 17 00:00:00 2001
Hi,
The use of migrate_{disable|enable} pair in BPF is mainly due to the
introduction of bpf memory allocator and the use of per-CPU data struct
in its internal implementation. The caller needs to disable migration
before invoking the alloc or free APIs of bpf memory allocator, and
enable migration after the invocation.
The main users of bpf memory allocator are various kind of bpf maps in
which the map values or the special fields in the map values are
allocated by using bpf memory allocator.
At present, the running context for bpf program has already disabled
migration explictly or implictly, therefore, when these maps are
manipulated in bpf program, it is OK to not invoke migrate_disable()
and migrate_enable() pair. Howevers, it is not always the case when
these maps are manipulated through bpf syscall, therefore many
migrate_{disable|enable} pairs are added when the map can either be
manipulated by BPF program or BPF syscall.
The initial idea of reducing the use of migrate_{disable|enable} comes
from Alexei [1]. I turned it into a patch set that archives the goals
through the following three methods:
1. remove unnecessary migrate_{disable|enable} pair
when the BPF syscall path also disables migration, it is OK to remove
the pair. Patch #1~#3 fall into this category, while patch #4~#5 are
partially included.
2. move the migrate_{disable|enable} pair from inner callee to outer
caller
Instead of invoking migrate_disable() in the inner callee, invoking
migrate_disable() in the outer caller to simplify reasoning about when
migrate_disable() is needed. Patch #4~#5 and patch #6~#19 belongs to
this category.
3. add cant_migrate() check in the inner callee
Add cant_migrate() check in the inner callee to ensure the guarantee
that migration is disabled is not broken. Patch #1~#5, #13, #16~#19 also
belong to this category.
Considering the bpf-next CI is broken, the patch set is verified by
using bpf tree. Please check the individual patches for more details.
Comments are always welcome.
[1]: https://lore.kernel.org/bpf/CAADnVQKZ3=F0L7_R_pYqu7ePzpXRwQEN8tCzmFoxjdJHamMOUQ@mail.gmail.com
Hou Tao (19):
bpf: Remove migrate_{disable|enable} from LPM trie
bpf: Remove migrate_{disable|enable} in ->map_for_each_callback
bpf: Remove migrate_{disable|enable} in htab_elem_free
bpf: Remove migrate_{disable|enable} from bpf_cgrp_storage_lock
helpers
bpf: Remove migrate_{disable|enable} from bpf_task_storage_lock
helpers
bpf: Disable migration when destroying inode storage
bpf: Disable migration when destroying sock storage
bpf: Disable migration when cloning sock storage
bpf: Disable migration in bpf_selem_free_rcu
bpf: Disable migration in array_map_free()
bpf: Disable migration in htab_map_free()
bpf: Disable migration for bpf_selem_unlink in
bpf_local_storage_map_free()
bpf: Remove migrate_{disable|enable} in bpf_obj_free_fields()
bpf: Remove migrate_{disable,enable} in bpf_cpumask_release()
bpf: Disable migration before calling ops->map_free()
bpf: Remove migrate_{disable|enable} from bpf_selem_alloc()
bpf: Remove migrate_{disable|enable} from bpf_local_storage_alloc()
bpf: Remove migrate_{disable|enable} from bpf_local_storage_free()
bpf: Remove migrate_{disable|enable} from bpf_selem_free()
kernel/bpf/arraymap.c | 6 ++----
kernel/bpf/bpf_cgrp_storage.c | 15 +++++++-------
kernel/bpf/bpf_inode_storage.c | 9 ++++----
kernel/bpf/bpf_local_storage.c | 38 +++++++++++++++-------------------
kernel/bpf/bpf_task_storage.c | 15 +++++++-------
kernel/bpf/cpumask.c | 2 --
kernel/bpf/hashtab.c | 21 ++++++++-----------
kernel/bpf/helpers.c | 4 ----
kernel/bpf/lpm_trie.c | 24 +++++++--------------
kernel/bpf/range_tree.c | 2 --
kernel/bpf/syscall.c | 12 ++++++++---
net/core/bpf_sk_storage.c | 11 ++++++----
12 files changed, 71 insertions(+), 88 deletions(-)
--
2.29.2
Powered by blists - more mailing lists