[SRU,Bionic,0/4] BPF tests on i386

Message ID 20211029203624.1367572-1-cascardo@canonical.com

Message

Thadeu Lima de Souza Cascardo Oct. 29, 2021, 8:36 p.m. UTC
BugLink: https://bugs.launchpad.net/bugs/1788578
BugLink: https://bugs.launchpad.net/bugs/1934414

These two bugs are related to BPF tests on i386.

The first one requires a change on how some narrow/unaligned context access
is allowed. It could lead to BPF programs causing processor exceptions on
some architectures, though it shouldn't.

The second one only changes the tests. I verified at least i386 and amd64,
and they are all fine there.

The second bug required a lot of backport, because we didn't want to
require kernel BPF verifier changes that could introduce regressions, or
worse, potential vulnerabilities because of incomplete backports.

Those would be:

commit cc8b0b92a1699bc32f7fec71daa2bfc90de43a4d "bpf: introduce function
calls (function boundaries)", which would open a big can of worms we don't
want to do.

commit 5e581dad4fec0e6d062740dc35b8dc248b39d224 "bpf: make unknown opcode
handling more robust". Though it might add more robustness, it changes the
table in the interpreter, so I decided not to backport it now, and fixup
the error messages in test_verifier, instead.

Cascardo.


Alexei Starovoitov (1):
  selftests/bpf: make test_verifier run most programs

Daniel Borkmann (3):
  bpf: add couple of test cases for div/mod by zero
  bpf: add further test cases around div/mod and others
  bpf: fix context access in tracing progs on 32 bit archs

 include/linux/filter.h                      |  30 +-
 kernel/bpf/verifier.c                       |   3 +-
 kernel/trace/bpf_trace.c                    |  10 +-
 lib/test_bpf.c                              |   8 +-
 tools/testing/selftests/bpf/test_verifier.c | 358 +++++++++++++++++++-
 5 files changed, 397 insertions(+), 12 deletions(-)

Comments

Tim Gardner Nov. 1, 2021, 5:32 p.m. UTC | #1
Acked-by: Tim Gardner <tim.gardner@canonical.com>

LGTM, only affects testing.

On 10/29/21 2:36 PM, Thadeu Lima de Souza Cascardo wrote:
> BugLink: https://bugs.launchpad.net/bugs/1788578
> BugLink: https://bugs.launchpad.net/bugs/1934414
> 
> These two bugs are related to BPF tests on i386.
> 
> The first one requires a change on how some narrow/unaligned context access
> is allowed. It could lead to BPF programs causing processor exceptions on
> some architectures, though it shouldn't.
> 
> The second one only changes the tests. I verified at least i386 and amd64,
> and they are all fine there.
> 
> The second bug required a lot of backport, because we didn't want to
> require kernel BPF verifier changes that could introduce regressions, or
> worse, potential vulnerabilities because of incomplete backports.
> 
> Those would be:
> 
> commit cc8b0b92a1699bc32f7fec71daa2bfc90de43a4d "bpf: introduce function
> calls (function boundaries)", which would open a big can of worms we don't
> want to do.
> 
> commit 5e581dad4fec0e6d062740dc35b8dc248b39d224 "bpf: make unknown opcode
> handling more robust". Though it might add more robustness, it changes the
> table in the interpreter, so I decided not to backport it now, and fixup
> the error messages in test_verifier, instead.
> 
> Cascardo.
> 
> 
> Alexei Starovoitov (1):
>    selftests/bpf: make test_verifier run most programs
> 
> Daniel Borkmann (3):
>    bpf: add couple of test cases for div/mod by zero
>    bpf: add further test cases around div/mod and others
>    bpf: fix context access in tracing progs on 32 bit archs
> 
>   include/linux/filter.h                      |  30 +-
>   kernel/bpf/verifier.c                       |   3 +-
>   kernel/trace/bpf_trace.c                    |  10 +-
>   lib/test_bpf.c                              |   8 +-
>   tools/testing/selftests/bpf/test_verifier.c | 358 +++++++++++++++++++-
>   5 files changed, 397 insertions(+), 12 deletions(-)
>

Kleber Sacilotto de Souza Nov. 2, 2021, 11:16 a.m. UTC | #2
On 29.10.21 22:36, Thadeu Lima de Souza Cascardo wrote:
> BugLink: https://bugs.launchpad.net/bugs/1788578
> BugLink: https://bugs.launchpad.net/bugs/1934414
> 
> These two bugs are related to BPF tests on i386.
> 
> The first one requires a change on how some narrow/unaligned context access
> is allowed. It could lead to BPF programs causing processor exceptions on
> some architectures, though it shouldn't.
> 
> The second one only changes the tests. I verified at least i386 and amd64,
> and they are all fine there.
> 
> The second bug required a lot of backport, because we didn't want to
> require kernel BPF verifier changes that could introduce regressions, or
> worse, potential vulnerabilities because of incomplete backports.
> 
> Those would be:
> 
> commit cc8b0b92a1699bc32f7fec71daa2bfc90de43a4d "bpf: introduce function
> calls (function boundaries)", which would open a big can of worms we don't
> want to do.
> 
> commit 5e581dad4fec0e6d062740dc35b8dc248b39d224 "bpf: make unknown opcode
> handling more robust". Though it might add more robustness, it changes the
> table in the interpreter, so I decided not to backport it now, and fixup
> the error messages in test_verifier, instead.
> 
> Cascardo.
> 
> 
> Alexei Starovoitov (1):
>    selftests/bpf: make test_verifier run most programs
> 
> Daniel Borkmann (3):
>    bpf: add couple of test cases for div/mod by zero
>    bpf: add further test cases around div/mod and others
>    bpf: fix context access in tracing progs on 32 bit archs
> 
>   include/linux/filter.h                      |  30 +-
>   kernel/bpf/verifier.c                       |   3 +-
>   kernel/trace/bpf_trace.c                    |  10 +-
>   lib/test_bpf.c                              |   8 +-
>   tools/testing/selftests/bpf/test_verifier.c | 358 +++++++++++++++++++-
>   5 files changed, 397 insertions(+), 12 deletions(-)
> 

Awesome, thanks a lot Thadeu for these backports!


Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

Thanks

Kleber Sacilotto de Souza Nov. 4, 2021, 3:46 p.m. UTC | #3
On 29.10.21 22:36, Thadeu Lima de Souza Cascardo wrote:
> BugLink: https://bugs.launchpad.net/bugs/1788578
> BugLink: https://bugs.launchpad.net/bugs/1934414
> 
> These two bugs are related to BPF tests on i386.
> 
> The first one requires a change on how some narrow/unaligned context access
> is allowed. It could lead to BPF programs causing processor exceptions on
> some architectures, though it shouldn't.
> 
> The second one only changes the tests. I verified at least i386 and amd64,
> and they are all fine there.
> 
> The second bug required a lot of backport, because we didn't want to
> require kernel BPF verifier changes that could introduce regressions, or
> worse, potential vulnerabilities because of incomplete backports.
> 
> Those would be:
> 
> commit cc8b0b92a1699bc32f7fec71daa2bfc90de43a4d "bpf: introduce function
> calls (function boundaries)", which would open a big can of worms we don't
> want to do.
> 
> commit 5e581dad4fec0e6d062740dc35b8dc248b39d224 "bpf: make unknown opcode
> handling more robust". Though it might add more robustness, it changes the
> table in the interpreter, so I decided not to backport it now, and fixup
> the error messages in test_verifier, instead.
> 
> Cascardo.
> 
> 
> Alexei Starovoitov (1):
>    selftests/bpf: make test_verifier run most programs
> 
> Daniel Borkmann (3):
>    bpf: add couple of test cases for div/mod by zero
>    bpf: add further test cases around div/mod and others
>    bpf: fix context access in tracing progs on 32 bit archs
> 
>   include/linux/filter.h                      |  30 +-
>   kernel/bpf/verifier.c                       |   3 +-
>   kernel/trace/bpf_trace.c                    |  10 +-
>   lib/test_bpf.c                              |   8 +-
>   tools/testing/selftests/bpf/test_verifier.c | 358 +++++++++++++++++++-
>   5 files changed, 397 insertions(+), 12 deletions(-)
> 

Applied to bionic:linux.

Thanks,
Kleber