lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5a43d42d-375d-4a90-b5ee-8e8ed239cefd@linux.dev>
Date: Tue, 22 Jul 2025 17:37:03 -0700
From: Martin KaFai Lau <martin.lau@...ux.dev>
To: Jakub Sitnicki <jakub@...udflare.com>
Cc: Alexei Starovoitov <ast@...nel.org>, Andrii Nakryiko <andrii@...nel.org>,
 Arthur Fabre <arthur@...hurfabre.com>, Daniel Borkmann
 <daniel@...earbox.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Jesper Dangaard Brouer <hawk@...nel.org>,
 Jesse Brandeburg <jbrandeburg@...udflare.com>,
 Joanne Koong <joannelkoong@...il.com>, Lorenzo Bianconi
 <lorenzo@...nel.org>, Toke Høiland-Jørgensen
 <thoiland@...hat.com>, Yan Zhai <yan@...udflare.com>,
 kernel-team@...udflare.com, netdev@...r.kernel.org,
 Stanislav Fomichev <sdf@...ichev.me>, bpf@...r.kernel.org
Subject: Re: [PATCH bpf-next v3 01/10] bpf: Add dynptr type for skb metadata

On 7/21/25 3:52 AM, Jakub Sitnicki wrote:
> @@ -21788,12 +21798,17 @@ static void specialize_kfunc(struct bpf_verifier_env *env,
>   	if (offset)
>   		return;
>   
> -	if (func_id == special_kfunc_list[KF_bpf_dynptr_from_skb]) {
> +	if (func_id == special_kfunc_list[KF_bpf_dynptr_from_skb] ||
> +	    func_id == special_kfunc_list[KF_bpf_dynptr_from_skb_meta]) {

I don't think this check is needed. The skb_meta is writable to tc.

>   		seen_direct_write = env->seen_direct_write;
>   		is_rdonly = !may_access_direct_pkt_data(env, NULL, BPF_WRITE);

is_rdonly is always false here.

>   
> -		if (is_rdonly)
> -			*addr = (unsigned long)bpf_dynptr_from_skb_rdonly;
> +		if (is_rdonly) {
> +			if (func_id == special_kfunc_list[KF_bpf_dynptr_from_skb])
> +				*addr = (unsigned long)bpf_dynptr_from_skb_rdonly;
> +			else if (func_id == special_kfunc_list[KF_bpf_dynptr_from_skb_meta])
> +				*addr = (unsigned long)bpf_dynptr_from_skb_meta_rdonly;
> +		}

[ ... ]

> +int bpf_dynptr_from_skb_meta_rdonly(struct __sk_buff *skb, u64 flags,

so I suspect this is never used and not needed now. Please check.
It can be revisited in the future when other hooks are supported. It will be a 
useful comment in the commit message.

> +				    struct bpf_dynptr *ptr__uninit)
> +{
> +	return dynptr_from_skb_meta(skb, flags, ptr__uninit, true);
> +}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ