Re: [PATCH bpf-next V2] bpf: add skb->queue_mapping write access from tc clsact

On 02/19/2019 07:53 PM, Jesper Dangaard Brouer wrote: > The skb->queue_mapping already have read access, via __sk_buff->queue_mapping. > > This patch allow BPF tc qdisc clsact write access to the queue_mapping via > tc_cls_act_is_valid_access. Also handle that the value NO_QUEUE_MAPPING > is not

Re: [PATCH bpf-next] bpf: check that BPF programs run with preemption disabled

On 01/31/2019 11:29 PM, Daniel Borkmann wrote: > On 01/29/2019 02:21 AM, Alexei Starovoitov wrote: >> From: Peter Zijlstra >> >> Introduce cant_sleep() macro for annotation of functions that cannot sleep. >> >> Use it in BPF_PROG_RUN to catch execution of BPF p

Re: [PATCH bpf-next 3/9] bpf: add bpf helper bpf_skb_set_ecn

On 02/19/2019 11:52 AM, Daniel Borkmann wrote: [...] > Looking at cg_skb_verifier_ops ... it seems there also a bug in the current > code, namely that if we have a direct packet write, we don't make the skb > writable; at that point skb->data is not private. The cg_skb_is_valid_

[PATCH net] ipvlan: disallow userns cap_net_admin to change global mode/flags

1/32 scope link cilium_host valid_lft forever preferred_lft forever [...] One way to mitigate it is to check CAP_NET_ADMIN permissions of the ipvlan master device's ns, and only then allow to change mode or flags for all devices bound to it. Above two cases are then disallowed after t

Re: linux-next: manual merge of the net-next tree with the bpf tree

On 02/20/2019 01:41 AM, Alexei Starovoitov wrote: > On Tue, Feb 19, 2019 at 4:37 PM Stephen Rothwell > wrote: >> >> Hi all, >> >> Today's linux-next merge of the net-next tree got a conflict in: >> >> tools/testing/selftests/bpf/test_progs.c >> >> between commit: >> >> f6be4d16039b ("selftest

Re: BUG: assuming atomic context at kernel/seccomp.c:LINE

0x101/0x360 kernel/seccomp.c:932 >  syscall_trace_enter+0x5bf/0xe10 arch/x86/entry/common.c:120 >  do_syscall_64+0x479/0x610 arch/x86/entry/common.c:280 >  entry_SYSCALL_64_after_hwframe+0x49/0xbe False positive; bpf-next only. Pushing this out in a bit: >From d56547070162a105ff666f3324e558fa6492aed

[PATCH bpf-next] bpf, seccomp: fix false positive preemption splat for cbpf->ebpf progs

bled") Reported-by: syzbot+8bf19ee2aa580de7a...@syzkaller.appspotmail.com Signed-off-by: Daniel Borkmann --- include/linux/filter.h | 9 - kernel/seccomp.c | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/include/linux/filter.h b/include/linux/filter.h index

Re: [PATCH bpf-next] bpf, seccomp: fix false positive preemption splat for cbpf->ebpf progs

On 02/20/2019 06:07 PM, Alexei Starovoitov wrote: > On Wed, Feb 20, 2019 at 12:06:29PM +0100, Daniel Borkmann wrote: >> In 568f196756ad ("bpf: check that BPF programs run with preemption disabled") >> a check was added for BPF_PROG_RUN() that for every invocation preempt

[PATCH bpf-next v2] bpf, seccomp: fix false positive preemption splat for cbpf->ebpf progs

t;) Reported-by: syzbot+8bf19ee2aa580de7a...@syzkaller.appspotmail.com Signed-off-by: Daniel Borkmann Acked-by: Kees Cook --- v1 -> v2: - More elaborate comment and added SECCOMP_RUN - Added Kees' ACK from earlier v1 patch include/linux/filter.h | 22 +- kernel/s

Re: [PATCH bpf-next v2] bpf, seccomp: fix false positive preemption splat for cbpf->ebpf progs

On 02/21/2019 06:31 AM, Kees Cook wrote: > On Wed, Feb 20, 2019 at 8:03 PM Alexei Starovoitov > wrote: >> >> On Wed, Feb 20, 2019 at 3:59 PM Alexei Starovoitov >> wrote: >>> >>> On Thu, Feb 21, 2019 at 12:01:35AM +0100, Daniel Borkmann wrote: >>&

Re: [PATCH] bpf: test_bpf: turn of preemption in function __run_once

On 02/21/2019 09:44 AM, Anders Roxell wrote: > When running test seccomp_bpf the following splat occurs: > > [ RUN ] > global.secseccomp_bpf.c:2136:global.detect_seccomp_filter_flags:Expected 22 > (22) == (*__errno_location ()) (14) > seccomp_bpf.c:2138:global.detect_seccomp_filter_flags:Fa

Re: [PATCH bpf] Revert "xsk: simplify AF_XDP socket teardown"

On 02/21/2019 01:07 PM, Björn Töpel wrote: > From: Björn Töpel > > This reverts commit e2ce3674883ecba2605370404208c9d4a07ae1c3. > > It turns out that the sock destructor xsk_destruct was needed after > all. The cleanup simplification broke the skb transmit cleanup path, > due to that the umem w

[PATCH] x86, retpolines: raise limit for generating indirect calls from switch-case

8,051,192). For clang this option is ignored due to i) not being needed as mentioned and ii) not having above cmdline parameter. Non-retpoline-enabled builds with gcc continue to use the default case-values-threshold setting, so nothing changes here. [0] https://lore.kernel.org/netdev/20190129095754.9390-1-b

Re: [PATCH] x86, retpolines: raise limit for generating indirect calls from switch-case

On 02/21/2019 11:27 PM, Linus Torvalds wrote: > On Thu, Feb 21, 2019 at 2:20 PM Daniel Borkmann wrote: >> >> In case of gcc, this setting is controlled by case-values-threshold >> which has an architecture global default that selects 4 or 5 ( > > Ack. For ret

Re: [PATCH bpf v2] bpf, lpm: fix lookup bug in map_delete_elem

On 02/22/2019 02:19 PM, Alban Crequy wrote: > From: Alban Crequy > > trie_delete_elem() was deleting an entry even though it was not matching > if the prefixlen was correct. This patch adds a check on matchlen. > > Reproducer: > > $ sudo bpftool map create /sys/fs/bpf/mylpm type lpm_trie key 8

Re: [PATCH] samples/bpf: Fix dummy program unloading for xdp_redirect samples

On 02/21/2019 11:47 PM, Martin Lau wrote: > On Thu, Feb 21, 2019 at 05:30:54PM +0100, Maciej Fijalkowski wrote: >> On Thu, 21 Feb 2019 17:05:39 +0100 >> Toke Høiland-Jørgensen wrote: >> >>> The xdp_redirect and xdp_redirect_map sample programs both load a dummy >>> program onto the egress interfac

[PATCH bpf] bpf, doc: add bpf list as secondary entry to maintainers file

Cc for BPF specific topics. Signed-off-by: Daniel Borkmann Acked-by: Alexei Starovoitov --- MAINTAINERS | 14 +- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/MAINTAINERS b/MAINTAINERS index 41ce5f4..d78f371 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -2852,7 +2

Re: [PATCH bpf 0/2] nfp: bpf: fix two ALU32 code-gen bugs

On 02/22/2019 11:36 PM, Jiong Wang wrote: > code-gen for BPF_ALU | BPF_XOR | BPF_K is wrong when imm is -1, also high > 32-bit of 64-bit register should always be cleared. > > This set fixed both bugs. > > Jiong Wang (2): > nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K > nfp: bpf: f

pull-request: bpf 2019-02-23

Töpel (1): Revert "xsk: simplify AF_XDP socket teardown" Daniel Borkmann (2): Merge branch 'bpf-nfp-codegen-fixes' bpf, doc: add bpf list as secondary entry to maintainers file Jiong Wang (2): nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K nfp: b

Re: INFO: task hung in rtnetlink_rcv_msg

On 02/22/2019 10:45 PM, Jakub Kicinski wrote: > On Fri, 22 Feb 2019 12:14:57 -0800, Joe Perches wrote: >> On Fri, 2019-02-22 at 12:01 -0800, Jakub Kicinski wrote: >>> Hi! >>> >>> Seems like something funny is going on with get_maintainer.pl since XDP >>> entry got added. We seem to have been CCed

Re: [PATCH bpf-next 1/4] bpf: enable program stats

On 02/23/2019 01:34 AM, Roman Gushchin wrote: > On Fri, Feb 22, 2019 at 03:36:41PM -0800, Alexei Starovoitov wrote: >> JITed BPF programs are indistinguishable from kernel functions, but unlike >> kernel code BPF code can be changed often. >> Typical approach of "perf record" + "perf report" profil

Re: [PATCH v2 bpf-next 4/9] bpf: add bpf helper bpf_skb_ecn_set_ce

On 02/23/2019 02:06 AM, brakmo wrote: > This patch adds a new bpf helper BPF_FUNC_skb_ecn_set_ce > "int bpf_skb_ecn_set_ce(struct sk_buff *skb)". It is added to > BPF_PROG_TYPE_CGROUP_SKB typed bpf_prog which currently can > be attached to the ingress and egress path. The helper is needed > because

Re: [PATCH v2 bpf-next 4/9] bpf: add bpf helper bpf_skb_ecn_set_ce

On 02/23/2019 08:30 AM, Martin Lau wrote: > On Sat, Feb 23, 2019 at 02:14:26AM +0100, Daniel Borkmann wrote: >> On 02/23/2019 02:06 AM, brakmo wrote: >>> This patch adds a new bpf helper BPF_FUNC_skb_ecn_set_ce >>> "int bpf_skb_ecn_set_ce(struc

Re: [PATCH bpf-next 1/4] bpf: enable program stats

On 02/23/2019 03:38 AM, Alexei Starovoitov wrote: > On Sat, Feb 23, 2019 at 02:06:56AM +0100, Daniel Borkmann wrote: >> >> In general, having some stats and timing info would be useful, but I >> guess people might want to customize it in future even more specifically >

Re: [PATCH bpf] bpf: properly check TCP_CONGESTION optlen

On 02/24/2019 12:11 AM, Alexei Starovoitov wrote: > On Sat, Feb 23, 2019 at 12:48:53PM -0800, Eric Dumazet wrote: >> On 02/23/2019 12:38 PM, Alexei Starovoitov wrote: >>> On Sat, Feb 23, 2019 at 11:07:09AM -0800, Eric Dumazet wrote: If caller of bpf_setsockopt() is silly passing a negative opt

Re: [PATCH v2 bpf-next 4/4] tools/bpftool: recognize bpf_prog_info runtime and runcnt

On 02/23/2019 06:44 PM, Alexei Starovoitov wrote: > $ bpftool p s > 1: kprobe tag a56587d488d216c9 gpl runtime 79786 runcnt 8 > loaded_at 2019-02-22T12:22:51-0800 uid 0 > xlated 352B not jited memlock 4096B > > $ bpftool --json --pretty p s > [{ > "id": 1, > "type"

Re: [PATCH v2] bpf: test_bpf: turn of preemption in function __run_once

On 02/22/2019 09:46 AM, Anders Roxell wrote: > When running BPF test suite the following splat occurs: > > [ 415.930950] test_bpf: #0 TAX jited:0 > [ 415.931067] BUG: assuming atomic context at lib/test_bpf.c:6674 > [ 415.946169] in_atomic(): 0, irqs_disabled(): 0, pid: 11556, name: modprobe >

Re: [PATCH bpf-next] bpf/test_run: fix unkillable BPF_PROG_TEST_RUN for flow dissector

On 02/19/2019 07:54 PM, Stanislav Fomichev wrote: > Syzbot found out that running BPF_PROG_TEST_RUN with repeat=0x > makes process unkillable. The problem is that when CONFIG_PREEMPT is > enabled, we never see need_resched() return true. This is due to the > fact that preempt_enable() (whic

Re: [PATCH bpf-next] selftests/bpf: make sure signal interrupts BPF_PROG_TEST_RUN

On 02/21/2019 08:11 PM, Stanislav Fomichev wrote: > Simple test that I used to reproduce the issue in the previous commit: > Do BPF_PROG_TEST_RUN with max iterations, each program is 4096 simple > move instructions. File alarm in 0.1 second and check that > bpf_prog_test_run is interrupted (i.e. te

Re: [PATCH bpf-next v6 0/3] libbpf: adding AF_XDP support

On 02/21/2019 10:21 AM, Magnus Karlsson wrote: > This patch proposes to add AF_XDP support to libbpf. The main reason > for this is to facilitate writing applications that use AF_XDP by > offering higher-level APIs that hide many of the details of the AF_XDP > uapi. This is in the same vein as libb

Re: [PATCH] bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id()

On 02/26/2019 03:15 PM, zerons wrote: > [ Upstream commit c91951f15978f1a0c6b65f063d30f7ea7bc6fb42 ] Thanks for the fix! What do you mean by "upstream commit" above in this context? > In bpf/syscall.c, bpf_map_get_fd_by_id() use bpf_map_inc_not_zero() to > increase > the refcount, both map->refc

Re: [PATCH bpf-next 1/4] bpf: enable program stats

On 02/26/2019 05:27 AM, Alexei Starovoitov wrote: > On 2/25/19 2:36 AM, Daniel Borkmann wrote: >> >> Not through the stack, but was more thinking something like low-overhead >> kprobes-style extension for a BPF prog where such sequence would be added >> 'inline&

Re: [PATCH] bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id()

On 02/26/2019 03:58 PM, zerons wrote: > On 2/26/19 22:44, Daniel Borkmann wrote: >> On 02/26/2019 03:15 PM, zerons wrote: >>> [ Upstream commit c91951f15978f1a0c6b65f063d30f7ea7bc6fb42 ] >> >> Thanks for the fix! What do you mean by "upstream commit" above

Re: [PATCH] bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id()

On 02/26/2019 06:33 PM, Martin Lau wrote: > On Tue, Feb 26, 2019 at 10:15:37PM +0800, zerons wrote: >> [ Upstream commit c91951f15978f1a0c6b65f063d30f7ea7bc6fb42 ] >> >> In bpf/syscall.c, bpf_map_get_fd_by_id() use bpf_map_inc_not_zero() to >> increase >> the refcount, both map->refcnt and map->us

Re: [PATCH v3 bpf-next 0/4] bpf: per program stats

On 02/25/2019 11:28 PM, Alexei Starovoitov wrote: > Introduce per program stats to monitor the usage BPF > > v2->v3: > - rename to run_time_ns/run_cnt everywhere > > v1->v2: > - fixed u64 stats on 32-bit archs. Thanks Eric > - use more verbose run_time_ns in json output as suggested by Andrii > -

Re: [PATCH V2] samples: bpf: fix: broken sample regarding removed function

On 02/27/2019 08:52 AM, Daniel T. Lee wrote: > Currently, running sample "task_fd_query" and "tracex3" occurs the > following error. On kernel v5.0-rc* this sample will be unavailable > due to the removal of function 'blk_start_request' at commit "a1ce35f". > (function removed, as "Single Queue IO

[PATCH bpf-next v2 4/7] bpf, libbpf: refactor relocation handling

From: Joe Stringer Adjust the code for relocations slightly with no functional changes, so that upcoming patches that will introduce support for relocations into the .data, .rodata and .bss sections can be added independent of these changes. Signed-off-by: Joe Stringer Signed-off-by: Daniel

[PATCH bpf-next v2 7/7] bpf, selftest: test {rd,wr}only flags and direct value access

27;, bad access 1 OK #914/p XDP pkt read, pkt_data <= pkt_meta', bad access 2 OK Summary: 1352 PASSED, 1 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann --- tools/include/linux/filter.h | 19 +- tools/testing/selftests/bpf/test_verifier.c | 40 - .../selfte

[PATCH bpf-next v2 0/7] BPF support for global data

lot! v1 -> v2: - Instead of 32-bit static data, implement full global data support. [0] https://patchwork.ozlabs.org/cover/1040290/ [1] http://vger.kernel.org/lpc-bpf2018.html#session-3 Daniel Borkmann (5): bpf: implement lookup-free direct value access bpf: add program sid

[PATCH bpf-next v2 1/7] bpf: implement lookup-free direct value access

for libbpf library. Signed-off-by: Daniel Borkmann --- include/linux/bpf.h | 6 +++ include/linux/bpf_verifier.h | 4 ++ include/uapi/linux/bpf.h | 6 ++- kernel/bpf/arraymap.c | 33 ++ kernel/bpf/core.c | 3 +- k

[PATCH bpf-next v2 6/7] bpf, selftest: test global data/bss/rodata sections

Daniel Borkmann. Signed-off-by: Joe Stringer Signed-off-by: Daniel Borkmann --- tools/testing/selftests/bpf/bpf_helpers.h | 2 +- .../selftests/bpf/progs/test_global_data.c| 61 +++ tools/testing/selftests/bpf/test_progs.c | 50 +++ 3 files changed, 112

[PATCH bpf-next v2 3/7] bpf, obj: allow . char as part of the name

Trivial addition to allow '.' aside from '_' as "special" characters in the object name. Used to name maps from loader side as ".bss", ".data", ".rodata". Signed-off-by: Daniel Borkmann --- kernel/bpf/syscall.c | 6 +++--- 1 file chang

[PATCH bpf-next v2 2/7] bpf: add program side {rd,wr}only support

a map values from verifier side. Signed-off-by: Daniel Borkmann --- include/linux/bpf.h | 18 ++ include/uapi/linux/bpf.h | 10 +- kernel/bpf/arraymap.c | 2 +- kernel/bpf/hashtab.c | 2 +- kernel/bpf/local_storage.c| 2 +- kerne

[PATCH bpf-next v2 5/7] bpf, libbpf: support global data/bss/rodata sections

, but this could be done in a subsequent step. Based upon recent fix in LLVM, commit c0db6b6bd444 ("[BPF] Don't fail for static variables"). Joint work with Joe Stringer. [0] LPC 2018, BPF track, "ELF relocation for static data in BPF", http://vger.kernel.org/lpc-

Re: [PATCH bpf-next] bpf: add missing entries to bpf_helpers.h

On 02/27/2019 05:08 PM, Willem de Bruijn wrote: > From: Willem de Bruijn > > This header defines the BPF functions enumerated in uapi/linux.bpf.h > in a callable format. Expand to include all registered functions. > > Signed-off-by: Willem de Bruijn Applied, thanks!

Re: [PATCH bpf-next] selftests/bpf: use __bpf_constant_htons in test_prog.c for flow dissector

On 02/27/2019 08:15 PM, Stanislav Fomichev wrote: > Older GCC (<4.8) isn't smart enough to optimize !__builtin_constant_p() > branch in bpf_htons. > > I recently fixed it for pkt_v4 and pkt_v6 in commit a0517a0f7ef23 > ("selftests/bpf: use __bpf_constant_htons in test_prog.c"), but later > added a

Re: [PATCH bpf-next v2 0/5] samples: bpf: continue effort to get rid of bpf_load

On 02/28/2019 04:04 AM, Jakub Kicinski wrote: > Hi! > > This set is next part of a quest to get rid of the bpf_load > ELF loader. It fixes some minor issues with the samples and > starts the conversion. > > First patch fixes ping invocations, ping localhost defaults > to IPv6 on modern setups. N

Re: [PATCH v3] tools/libbpf: signedness bug in btf_dedup_ref_type()

On 02/28/2019 07:06 PM, Dan Carpenter wrote: > The "ref_type_id" variable needs to be signed for the error handling > to work. > > Fixes: d5caef5b5655 ("btf: add BTF types deduplication algorithm") > Signed-off-by: Dan Carpenter > Acked-by: Andrii Nakryiko Applied, thanks!

Re: [PATCH bpf-next v2 5/7] bpf, libbpf: support global data/bss/rodata sections

On 03/01/2019 12:41 AM, Stanislav Fomichev wrote: > On 03/01, Daniel Borkmann wrote: >> This work adds BPF loader support for global data sections >> to libbpf. This allows to write BPF programs in more natural >> C-like way by being able to define global variables and const &

Re: [PATCH bpf-next 3/4] bpf: fix formatting, typos, reflow comments in syscall.c, verifier.c

On 02/28/2019 11:40 PM, Song Liu wrote: > On Thu, Feb 28, 2019 at 10:59 AM Andrii Nakryiko wrote: >> >> Fix few formatting errors. Fix few typos and reflow long descriptive >> comments for more even text fill. >> >> Signed-off-by: Andrii Nakryiko > > I think we should not change the code for for

Re: [PATCH bpf-next 3/4] bpf: fix formatting, typos, reflow comments in syscall.c, verifier.c

On 03/01/2019 01:27 AM, Daniel Borkmann wrote: > On 02/28/2019 11:40 PM, Song Liu wrote: >> On Thu, Feb 28, 2019 at 10:59 AM Andrii Nakryiko wrote: >>> >>> Fix few formatting errors. Fix few typos and reflow long descriptive >>> comments for more even text

Re: [PATCH v2 bpf-next 0/5] btf_dedup algorithm and test fixes

On 03/01/2019 12:31 AM, Andrii Nakryiko wrote: > This patchset fixes a bug in btf_dedup() algorithm, which under specific hash > collision causes infinite loop. It also exposes ability to tune BTF > deduplication table size, with double purpose of allowing applications to > adjust size according to

Re: [PATCH bpf-next v2 2/7] bpf: add program side {rd,wr}only support

On 03/01/2019 04:51 AM, Jakub Kicinski wrote: > On Fri, 1 Mar 2019 00:18:24 +0100, Daniel Borkmann wrote: >> This work adds two new map creation flags BPF_F_RDONLY_PROG >> and BPF_F_WRONLY_PROG in order to allow for read-only or >> write-only BPF maps from a BPF program side

Re: [PATCH bpf-next v2 3/7] bpf, obj: allow . char as part of the name

On 03/01/2019 06:52 AM, Andrii Nakryiko wrote: > On Thu, Feb 28, 2019 at 3:31 PM Daniel Borkmann wrote: >> >> Trivial addition to allow '.' aside from '_' as "special" characters >> in the object name. Used to name maps from loader side as

Re: [PATCH bpf-next v2 1/7] bpf: implement lookup-free direct value access

On 03/01/2019 06:46 AM, Andrii Nakryiko wrote: > On Thu, Feb 28, 2019 at 3:31 PM Daniel Borkmann wrote: >> >> This generic extension to BPF maps allows for directly loading an >> address residing inside a BPF map value as a single BPF ldimm64 >> instruction. >

Re: [PATCH bpf-next v2 5/7] bpf, libbpf: support global data/bss/rodata sections

On 03/01/2019 07:53 AM, Andrii Nakryiko wrote: > On Thu, Feb 28, 2019 at 3:31 PM Daniel Borkmann wrote: >> >> This work adds BPF loader support for global data sections >> to libbpf. This allows to write BPF programs in more natural >> C-like way by being able to define

Re: SOCKET_FILTER regression - eBPF can't subtract when attached from unprivileged user

On 03/01/2019 12:39 PM, Arthur Fabre wrote: > I can reproduce this on 4.19.0-3-amd64 both with, and without the JIT enabled. > > Dumping the "root" and "non-root" programs with bpftool, > the subtraction instructions differ: > > "non-root": >0: (85) call bpf_ktime_get_ns#74944 >1: (bf) r7

Re: SOCKET_FILTER regression - eBPF can't subtract when attached from unprivileged user

On 03/01/2019 12:39 PM, Arthur Fabre wrote: > I can reproduce this on 4.19.0-3-amd64 both with, and without the JIT enabled. > > Dumping the "root" and "non-root" programs with bpftool, > the subtraction instructions differ: > > "non-root": >0: (85) call bpf_ktime_get_ns#74944 >1: (bf) r7

Re: SOCKET_FILTER regression - eBPF can't subtract when attached from unprivileged user

> > On Fri, Mar 1, 2019 at 3:04 PM Daniel Borkmann wrote: >> >> On 03/01/2019 12:39 PM, Arthur Fabre wrote: >>> I can reproduce this on 4.19.0-3-amd64 both with, and without the JIT >>> enabled. >>> >>> Dumping the "root" and "non

Re: [PATCH bpf-next v2 1/7] bpf: implement lookup-free direct value access

On 03/01/2019 06:18 PM, Yonghong Song wrote: > On 2/28/19 3:18 PM, Daniel Borkmann wrote: >> This generic extension to BPF maps allows for directly loading an >> address residing inside a BPF map value as a single BPF ldimm64 >> instruction. >> >> The idea is simil

Re: [PATCH bpf-next v2 5/7] bpf, libbpf: support global data/bss/rodata sections

On 03/01/2019 07:11 PM, Yonghong Song wrote: > On 2/28/19 3:18 PM, Daniel Borkmann wrote: [...] >> @@ -1412,6 +1568,24 @@ bpf_program__relocate(struct bpf_program *prog, >> struct bpf_object *obj) >>

Re: [PATCH bpf-next v2 6/7] bpf, selftest: test global data/bss/rodata sections

On 03/01/2019 08:13 PM, Andrii Nakryiko wrote: > On Thu, Feb 28, 2019 at 3:32 PM Daniel Borkmann wrote: >> From: Joe Stringer >> >> Add tests for libbpf relocation of static variable references >> into the .data, .rodata and .bss sections of the ELF. Tests with &

Re: [PATCH bpf-next v2 5/7] bpf, libbpf: support global data/bss/rodata sections

On 03/01/2019 08:19 PM, Yonghong Song wrote: > On 3/1/19 11:10 AM, Andrii Nakryiko wrote: >> On Fri, Mar 1, 2019 at 10:58 AM Yonghong Song wrote: >>> On 3/1/19 10:48 AM, Andrii Nakryiko wrote: >>>> On Fri, Mar 1, 2019 at 10:31 AM Yonghong Song wrote: >>>

Re: [PATCH bpf-next v2 5/7] bpf, libbpf: support global data/bss/rodata sections

On 03/01/2019 09:25 PM, Yonghong Song wrote: > On 3/1/19 12:06 PM, Daniel Borkmann wrote: >> On 03/01/2019 08:19 PM, Yonghong Song wrote: >>> On 3/1/19 11:10 AM, Andrii Nakryiko wrote: >>>> On Fri, Mar 1, 2019 at 10:58 AM Yonghong Song wrote: >>>>&

[PATCH bpf] bpf: fix sanitation rewrite in case of non-pointers

ur Fabre Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/netdev/cajpywtjqp34ck20ilm5ymumz9kxqodu1-+bzrgmagglubwz...@mail.gmail.com/T/ --- [ Test case will be routed via bpf-next to avoid useless merge churn due to test_verifier rework in bpf-next. ] kernel/bpf/verifier.c | 3

[PATCH bpf-next] bpf: add test cases for non-pointer sanitiation logic

Add two additional tests for further asserting the BPF_ALU_NON_POINTER logic with cases that were missed previously. Signed-off-by: Daniel Borkmann Cc: Marek Majkowski Cc: Arthur Fabre --- .../selftests/bpf/verifier/value_ptr_arith.c | 44 ++- 1 file changed, 43 insertions

Re: [PATCH] MIPS: eBPF: Fix icache flush end address

remove the bogus > multiplication, and use braces to remove the need for a set of brackets > whilst also making it obvious that the target field is a pointer. > > Signed-off-by: Paul Burton > Fixes: b6bd53f9c4e8 ("MIPS: Add missing file for eBPF JIT.") > Cc: Alexei Star

Re: [PATCH bpf] bpf: fix sanitation rewrite in case of non-pointers

On 03/02/2019 12:18 AM, Song Liu wrote: > On Fri, Mar 1, 2019 at 1:06 PM Daniel Borkmann wrote: >> >> Marek reported that he saw an issue with the below snippet in that >> timing measurements where off when loaded as unpriv while results >> were reasonabl

Re: [PATCH bpf-next] bpf: add test cases for non-pointer sanitiation logic

On 03/02/2019 12:22 AM, Song Liu wrote: > On Fri, Mar 1, 2019 at 1:10 PM Daniel Borkmann wrote: >> >> Add two additional tests for further asserting the >> BPF_ALU_NON_POINTER logic with cases that were missed >> previously. >> >> Signed-off-by: Daniel

Re: [PATCH net] bpf: fix u64_stats_init() usage in bpf_prog_alloc()

On 03/01/2019 11:33 PM, Eric Dumazet wrote: > We need to iterate through all possible cpus. > > Fixes: 492ecee892c2 ("bpf: enable program stats") > Signed-off-by: Eric Dumazet > Reported-by: Guenter Roeck > Tested-by: Guenter Roeck Applied, thanks! Issue is only in bpf-next, not net, therefore

Re: [PATCH v2 bpf-next 0/3] bpf docs typo, wording and formatting fixes

On 03/01/2019 02:12 AM, Andrii Nakryiko wrote: > A bunch of BPF-related docs typo, wording and formatting fixes. > > v1->v2: > - split off non-documentation changes into separate patchset > > Andrii Nakryiko (3): > docs/btf: fix typos, improve wording > docs/btf: reflow text to fill up to 78

Re: [PATCH bpf-next v2 0/7] selftests: bpf: break up test_progs

On 03/01/2019 12:24 AM, Stanislav Fomichev wrote: > Recently we had linux-next bpf/bpf-next conflict when we added new > functionality to the test_progs.c at the same location. Let's split > test_progs.c the same way we recently split test_verifier.c. > > I follow the same patten we did in commit

Re: [PATCH bpf-next] selftests/bpf: set unlimited RLIMIT_MEMLOCK for test_sock_fields

On 03/01/2019 07:18 AM, Yonghong Song wrote: > This is to avoid permission denied error. A lot of systems > may have a much lower number, e.g., 64KB, for RLIMIT_MEMLOCK, > which may not be sufficient for the test to run successfully. > > Fixes: e0b27b3f97b8 ("bpf: Add test_sock_fields for skb->sk

Re: [PATCH bpf-next] bpf: add test cases for non-pointer sanitiation logic

On 03/02/2019 01:04 AM, Song Liu wrote: > On Fri, Mar 1, 2019 at 3:27 PM Daniel Borkmann wrote: >> On 03/02/2019 12:22 AM, Song Liu wrote: >>> On Fri, Mar 1, 2019 at 1:10 PM Daniel Borkmann wrote: [...] > > I see, so the *2 comes from > > BPF_ALU64_REG(BPF_A

Re: [PATCH bpf-next] samples/bpf: silence compiler warning for xdpsock_user.c

On 03/01/2019 07:19 AM, Yonghong Song wrote: > Compiling xdpsock_user.c with 4.8.5, I hit the following > compilation warning: > HOSTCC samples/bpf/xdpsock_user.o > /data/users/yhs/work/net-next/samples/bpf/xdpsock_user.c: In function > ‘main’: > /data/users/yhs/work/net-next/samples/bpf/

Re: [PATCH bpf-next v2 5/7] bpf, libbpf: support global data/bss/rodata sections

On 03/02/2019 01:23 AM, Yonghong Song wrote: > On 2/28/19 4:19 PM, Daniel Borkmann wrote: >> On 03/01/2019 12:41 AM, Stanislav Fomichev wrote: >>> On 03/01, Daniel Borkmann wrote: >>>> This work adds BPF loader support for global data sections >>>> to li

Re: [PATCH v3 bpf-next 1/2] bpf: Fix bpf_tcp_sock and bpf_sk_fullsock issue related to bpf_sk_release

On 03/02/2019 09:21 PM, Martin Lau wrote: > On Sat, Mar 02, 2019 at 10:03:03AM -0800, Alexei Starovoitov wrote: >> On Sat, Mar 02, 2019 at 08:10:10AM -0800, Martin KaFai Lau wrote: >>> Lorenz Bauer [thanks!] reported that a ptr returned by bpf_tcp_sock(sk) >>> can still be accessed after bpf_sk_rel

bpf-next is CLOSED

>From this point onwards please only submit bug fixes targeted to bpf tree given the merge window. We will send out the last bpf-next PR to David today. Thanks everyone, Daniel

pull-request: bpf-next 2019-03-04

w text to fill up to 78 characters docs/bpf: minor casing/punctuation fixes Dan Carpenter (1): tools/libbpf: signedness bug in btf_dedup_ref_type() Daniel Borkmann (6): Merge branch 'bpf-libbpf-af-xdp' Merge branch 'bpf-prog-stats' Merge branch 

Re: BUG: unable to handle kernel paging request in bpf_prog_kallsyms_add

On 03/04/2019 08:45 AM, Dmitry Vyukov wrote: > On Mon, Sep 10, 2018 at 10:31 AM syzbot > wrote: >> >> Hello, >> >> syzbot found the following crash on: >> >> HEAD commit:f6f3bac08ff9 tools/bpf: bpftool: add net support >> git tree: bpf-next >> console output: https://syzkaller.appspot.co

Re: [PATCH bpf-next v2 1/7] bpf: implement lookup-free direct value access

On 03/04/2019 07:03 AM, Andrii Nakryiko wrote: > On Thu, Feb 28, 2019 at 3:31 PM Daniel Borkmann wrote: [...] >> @@ -6664,8 +6669,10 @@ static int replace_map_fd_with_map_ptr(struct >> bpf_verifier_env *env) >> } >> >> if (

[PATCH bpf] bpf: fix replace_map_fd_with_map_ptr's ldimm64 second imm field

y and consistency, the few insn->{src_reg,imm} occurrences are rewritten into insn[0].{src_reg,imm}. Add a test case to the BPF selftest suite as well. Fixes: 0246e64d9a5f ("bpf: handle pseudo BPF_LD_IMM64 insn") Signed-off-by: Daniel Borkmann --- [ Needs to wait until bpf tree has everyth

Re: "A call to built-in function '__stack_chk_fail' is not supported." when building BPF samples/tools

On 03/05/2019 12:18 AM, Hazrael wrote: > Hello, > > I guess I'm taking risks by asking this here, as the problem > I have is definitely more likely to come from my setup, but > after many research I don't know where to seek help. No worries, completely fine to ask. > So here it goes : when I try

Re: static bpf vars. Was: [PATCH bpf-next v2 5/7] bpf, libbpf: support global data/bss/rodata sections

On 03/05/2019 03:28 AM, Alexei Starovoitov wrote: > On Fri, Mar 01, 2019 at 09:06:35PM +0100, Daniel Borkmann wrote: > > Overall I think the patches and direction is great. > Thanks a lot for working on it. > More thoughts below: Okay, thanks! >> By the way, from LLVM

Re: [PATCH bpf] bpf: fix sanitation rewrite in case of non-pointers

On 03/05/2019 03:12 PM, Jakub Sitnicki wrote: [...] > Could you please queue it for -stable which has d3bd7413e0ca ("bpf: fix > sanitation of alu op with pointer / scalar type from different paths")? Already done here yesterday morning: https://lore.kernel.org/stable/40b25ec1c31e234cf7eee75d62083

Re: [PATCH v3 bpf-next 0/3] bpf: add bpf_progenyof helper

On 03/05/2019 11:47 PM, Javier Honduvilla Coto wrote: > Hi all, > > This patch add the bpf_progenyof helper which receives a PID and returns > 1 if the process currently being executed is in the process hierarchy, > including itself or 0 if not. > > This is very useful in tracing programs when we

Re: [PATCH] bpf: fix sysctl.c warning

On 03/04/2019 09:34 PM, Arnd Bergmann wrote: > When CONFIG_BPF_SYSCALL or CONFIG_SYSCTL is disabled, we get > a warning about an unused function: > > kernel/sysctl.c:3331:12: error: 'proc_dointvec_minmax_bpf_stats' defined but > not used [-Werror=unused-function] > static int proc_dointvec_minma

Re: [PATCH bpf] bpf: only test gso type on gso packets

On 03/06/2019 08:35 PM, Willem de Bruijn wrote: > From: Willem de Bruijn > > BPF can adjust gso only for tcp bytestreams. Fail on other gso types. > > But only on gso packets. It does not touch this field if !gso_size. > > Fixes: b90efd225874 ("bpf: only adjust gso_size on bytestream protocols"

Re: [PATCH][bpf-next] bpf: hbm: fix spelling mistake "deault" -> "default"

On 03/05/2019 06:31 PM, Colin King wrote: > From: Colin Ian King > > There are a couple of typos, fix these. > > Signed-off-by: Colin Ian King Applied, thanks!

Re: [PATCH net] xsk: fix potential crash in xsk_diag_put_umem()

/xsk_diag.c:113 [inline] > RIP: 0010:xsk_diag_dump+0xdcb/0x13a0 net/xdp/xsk_diag.c:143 [...] > > Fixes: a36b38aa2af6 ("xsk: add sock_diag interface for AF_XDP") > Signed-off-by: Eric Dumazet > Reported-by: syzbot > Cc: Björn Töpel > Cc: Daniel Borkmann > Cc: Magnus Karlsson Applied, thanks!

Re: [PATCH net-next (fix) 0/2] fix GSO bpf_lwt_ip_encap

On 03/05/2019 01:27 AM, Peter Oskolkov wrote: > This is a small fix and a test. Sent to net-next because > the offending patch is not in net yet. > > Peter Oskolkov (2): > net: fix GSO in bpf_lwt_push_ip_encap > selftests/bpf: test that GSO works in lwt_ip_encap > > net/core/lwt_bpf.c

Re: [PATCH bpf] selftests: bpf: test_progs: initialize duration in singal_pending test

On 03/07/2019 12:25 AM, Stanislav Fomichev wrote: > CHECK macro implicitly uses duration. We call CHECK() a couple of times > before duration is initialized from bpf_prog_test_run(). > Explicitly set duration to 0 to avoid compiler warnings. > > Fixes: 740f8a657221 ("selftests/bpf: make sure signa

Re: [PATCH bpf 1/2] selftests: bpf: fix compilation with out-of-tree $(OUTPUT)

On 03/06/2019 08:59 PM, Stanislav Fomichev wrote: > A bunch of related changes lumped together: > * Create prog_tests and verifier output directories; these don't exist with > out-of-tree $(OUTPUT) > * Add missing -I (via separate TEST_{PROGS,VERIFIER}_CFLAGS) for the main tree > ($(PWD) != $(O

Re: [PATCH bpf] bpf: Stop the psock parser before canceling its work

On 03/07/2019 11:35 AM, Jakub Sitnicki wrote: > We might have never enabled (started) the psock's parser, in which case it > will not get stopped when destroying the psock. This leads to a warning > when trying to cancel parser's work from psock's deferred destructor: > > [ 405.325769] WARNING: C

Re: [PATCH v3 bpf]: libbpf: fixing leak when kernel does not support btf

On 03/08/2019 06:18 AM, Nikita V. Shirokov wrote: > we could end up in situation when we have object file w/ all btf > info but kernel does not support btf yet. in this situation currently > libbpf just set obj->btf to NULL w/o freeing it first. > this patch if fixing it by making sure to run btf__

Re: [PATCH bpf 1/2] xsk: fix to reject invalid flags in xsk_bind

On 03/08/2019 12:06 PM, Björn Töpel wrote: > On Fri, 8 Mar 2019 at 11:46, Maciej Fijalkowski > wrote: [...] So maybe check here also that only one particular flag is set by doing: if (hweight32(flags & (XDP_SHARED_UMEM | XDP_COPY | XDP_ZEROCOPY)) > 1) return -EINVAL; >>

Re: [PATCH V3] bpf: fix warning about using plain integer as NULL

On 03/08/2019 07:45 AM, Bo YU wrote: > Sparse warning below: > > sudo make C=2 CF=-D__CHECK_ENDIAN__ M=net/bpf/ > CHECK net/bpf//test_run.c > net/bpf//test_run.c:19:77: warning: Using plain integer as NULL pointer > ./include/linux/bpf-cgroup.h:295:77: warning: Using plain integer as NULL > poi

Re: [PATCH v3 bpf]: libbpf: fixing leak when kernel does not support btf

On 03/08/2019 05:45 PM, Martin Lau wrote: > On Fri, Mar 08, 2019 at 05:18:14AM +, Nikita V. Shirokov wrote: >> we could end up in situation when we have object file w/ all btf >> info but kernel does not support btf yet. in this situation currently >> libbpf just set obj->btf to NULL w/o freein

pull-request: bpf 2019-03-09

n Ian King (1): bpf: hbm: fix spelling mistake "deault" -> "default" Daniel Borkmann (1): bpf: fix replace_map_fd_with_map_ptr's ldimm64 second imm field Eric Dumazet (1): xsk: fix potential crash in xsk_diag_put_umem() Jakub Sitnicki (1):

Re: 979d63d50c0c0f7bc537bf821e056cc9fe5abd38 bpf: prevent out of bounds speculation on pointer arithmetic

Hi Jason, On 03/11/2019 10:18 AM, Jason Yan wrote: > Hi, Daniel & Greg > > This patch (979d63d50c0c bpf: prevent out of bounds speculation on pointer > arithmetic) was assigned a CVE (CVE-2019-7308) with a high score: > > CVSS v3.0 Severity and Metrics: > Base Score: 9.8 CRITICAL > > And this

<    3   4   5   6   7   8   9   10   11   12   >