From: Yonghong Song <yonghong.song@linux.dev>
To: Eduard Zingerman <eddyz87@gmail.com>,
	bpf@vger.kernel.org, ast@kernel.org
Cc: andrii@kernel.org, daniel@iogearbox.net, martin.lau@linux.dev,
	kernel-team@fb.com, kuniyu@amazon.com
Subject: Re: [PATCH bpf-next 1/3] selftests/bpf: update tcp_custom_syncookie to use scalar packet offset
Date: Mon, 12 Feb 2024 15:58:49 -0800
Message-ID: <1837f55d-687e-470c-9911-dfe5d11a4f09@linux.dev>
In-Reply-To: <20240212143832.28838-2-eddyz87@gmail.com>


On 2/12/24 6:38 AM, Eduard Zingerman wrote:
> The next commit in a series fixes a bug in bpf_loop() handling.
> That change makes tcp_custom_syncookie test too complex to verify.
>
> This commit updates tcp_custom_syncookie.c:tcp_parse_option() to use
> explicit packet offset (ctx->off) for packet access instead of ever
> moving pointer (ctx->ptr), this reduces verification complexity:
> - the tcp_parse_option() is passed as a callback to bpf_loop();
> - suppose a checkpoint is created each time at function entry;
> - the ctx->ptr is tracked by verifier as PTR_TO_PACKET;
> - the ctx->ptr is incremented in tcp_parse_option(),
>    thus umax_value field tracked for it is incremented as well;
> - on each next iteration of tcp_parse_option()
>    checkpoint from a previous iteration can't be reused
>    for state pruning, because PTR_TO_PACKET registers are
>    considered equivalent only if old->umax_value >= cur->umax_value;
> - on the other hand, the ctx->off is a SCALAR,
>    subject to widen_imprecise_scalars();
> - its exact bounds are eventually forgotten and it is tracked as
>    unknown scalar at entry to tcp_parse_option();
> - hence checkpoints created at the start of the function eventually
>    converge.
>
> The change is similar to one applied in [0] to xdp_synproxy_kern.c.
>
> [0] commit 977bc146d4eb ("selftests/bpf: track tcp payload offset as scalar in xdp_synproxy")
>
> Signed-off-by: Eduard Zingerman <eddyz87@gmail.com>

Acked-by: Yonghong Song <yonghong.song@linux.dev>
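
The convergence argument in the quoted commit message, as an added toy model in user-space C (not verifier code and not part of the patch or this thread): it tracks only umin/umax for one register at callback entry and applies the two comparison rules the message describes. MAX_ITERS, STEP_MAX and all function names are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_ITERS 16 /* constructed cap on modelled bpf_loop() iterations */
#define STEP_MAX  40 /* constructed: most bytes one callback call advances */

enum kind { PKT_PTR, SCALAR_OFF };
struct reg { uint64_t umin, umax; };   /* tracked bounds, nothing else */

/* Can an older checkpoint stand in for the current entry state? */
static bool covered(enum kind k, struct reg old, struct reg cur)
{
	if (k == PKT_PTR)   /* rule as stated in the commit message */
		return old.umax >= cur.umax;
	return old.umin <= cur.umin && old.umax >= cur.umax;
}

/* Iteration at which callback entry is pruned, or -1 if it never is. */
int iterations_until_pruned(enum kind k)
{
	struct reg seen[MAX_ITERS], cur = { 0, 0 };
	int n = 0;

	for (int it = 0; it < MAX_ITERS; it++) {
		/* Widening: an imprecise scalar that changed since the
		 * previous entry is replaced by an unknown scalar. */
		if (k == SCALAR_OFF && n > 0 &&
		    (seen[n - 1].umin != cur.umin || seen[n - 1].umax != cur.umax))
			cur = (struct reg){ 0, UINT64_MAX };
		for (int i = 0; i < n; i++)
			if (covered(k, seen[i], cur))
				return it;
		seen[n++] = cur;            /* new checkpoint at entry */
		if (cur.umax <= UINT64_MAX - STEP_MAX) { /* body advances 1..STEP_MAX */
			cur.umin += 1;
			cur.umax += STEP_MAX;
		}
	}
	return -1;
}

int main(void)
{
	printf("packet pointer: %d\n", iterations_until_pruned(PKT_PTR));
	printf("scalar offset:  %d\n", iterations_until_pruned(SCALAR_OFF));
	return 0;
}
```

In this model the scalar offset is pruned once a checkpoint holding the widened (unknown) value exists, while the pointer's growing umax_value defeats every earlier checkpoint.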

