From: Daniel Borkmann <dborkman@redhat.com>
To: Alexei Starovoitov <ast@plumgrid.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Ingo Molnar <mingo@kernel.org>,
Linus Torvalds <torvalds@linuxfoundation.org>,
Andy Lutomirski <luto@amacapital.net>,
Steven Rostedt <rostedt@goodmis.org>,
Hannes Frederic Sowa <hannes@stressinduktion.org>,
Chema Gonzalez <chema@google.com>,
Eric Dumazet <edumazet@google.com>,
Peter Zijlstra <a.p.zijlstra@chello.nl>,
Pablo Neira Ayuso <pablo@netfilter.org>,
"H. Peter Anvin" <hpa@zytor.com>,
Andrew Morton <akpm@linuxfoundation.org>,
Kees Cook <keescook@chromium.org>,
linux-api@vger.kernel.org, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v11 net-next 00/12] eBPF syscall, verifier, testsuite
Date: Wed, 10 Sep 2014 11:21:01 +0200 [thread overview]
Message-ID: <541017FD.1030308@redhat.com> (raw)
In-Reply-To: <1410325808-3657-1-git-send-email-ast@plumgrid.com>
On 09/10/2014 07:09 AM, Alexei Starovoitov wrote:
....
> BPF(2) Linux Programmer's Manual BPF(2)
...
> union bpf_attr {
> struct { /* anonymous struct used by BPF_MAP_CREATE command */
> enum bpf_map_type map_type;
> __u32 key_size; /* size of key in bytes */
> __u32 value_size; /* size of value in bytes */
> __u32 max_entries; /* max number of entries in a map */
> };
>
> struct { /* anonymous struct used by BPF_MAP_*_ELEM commands */
> int map_fd;
> void *key;
> union {
> void *value;
> void *next_key;
> };
When you pass in these structs with pointers in it to other user space
buffers, how do you handle this with mixed 32/64 bit user/kernel space?
As an example, for the current way to load BPF although we export ...
struct sock_fprog {
unsigned short len;
struct sock_filter __user *filter;
};
... through uapi, we still need to handle this via compat_sock_fprog
to take care of different pointer sizes via compat_uptr_t :
#ifdef CONFIG_COMPAT
struct compat_sock_fprog {
u16 len;
compat_uptr_t filter;
};
#endif
Perhaps I'm missing something, but I think, that would currently break in
your syscall handler, no?
> };
>
> struct { /* anonymous struct used by BPF_PROG_LOAD command */
> enum bpf_prog_type prog_type;
> __u32 insn_cnt;
> const struct bpf_insn *insns;
> const char *license;
> __u32 log_level; /* verbosity level of eBPF verifier */
> __u32 log_size; /* size of user buffer */
> void *log_buf; /* user supplied buffer */
> };
> };
next prev parent reply other threads:[~2014-09-10 9:21 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-10 5:09 [PATCH v11 net-next 00/12] eBPF syscall, verifier, testsuite Alexei Starovoitov
2014-09-10 5:09 ` Alexei Starovoitov
2014-09-10 5:09 ` [PATCH v11 net-next 01/12] bpf: introduce BPF syscall and maps Alexei Starovoitov
2014-09-10 5:09 ` [PATCH v11 net-next 02/12] bpf: enable bpf syscall on x64 and i386 Alexei Starovoitov
2014-09-10 5:09 ` [PATCH v11 net-next 03/12] bpf: add lookup/update/delete/iterate methods to BPF maps Alexei Starovoitov
2014-09-10 5:10 ` [PATCH v11 net-next 04/12] bpf: expand BPF syscall with program load/unload Alexei Starovoitov
[not found] ` <1410325808-3657-5-git-send-email-ast-uqk4Ao+rVK5Wk0Htik3J/w@public.gmane.org>
2014-09-10 8:04 ` Daniel Borkmann
2014-09-10 8:04 ` Daniel Borkmann
2014-09-10 17:19 ` Alexei Starovoitov
2014-09-10 5:10 ` [PATCH v11 net-next 05/12] bpf: handle pseudo BPF_CALL insn Alexei Starovoitov
2014-09-10 5:10 ` [PATCH v11 net-next 06/12] bpf: verifier (add docs) Alexei Starovoitov
2014-09-10 5:10 ` [PATCH v11 net-next 07/12] bpf: verifier (add ability to receive verification log) Alexei Starovoitov
2014-09-10 5:10 ` [PATCH v11 net-next 08/12] bpf: handle pseudo BPF_LD_IMM64 insn Alexei Starovoitov
2014-09-10 5:10 ` [PATCH v11 net-next 09/12] bpf: verifier (add branch/goto checks) Alexei Starovoitov
2014-09-10 5:10 ` [PATCH v11 net-next 11/12] net: filter: move eBPF instruction macros Alexei Starovoitov
[not found] ` <1410325808-3657-12-git-send-email-ast-uqk4Ao+rVK5Wk0Htik3J/w@public.gmane.org>
2014-09-10 11:24 ` Daniel Borkmann
2014-09-10 11:24 ` Daniel Borkmann
[not found] ` <54103506.1030501-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-09-10 18:16 ` Alexei Starovoitov
2014-09-10 18:16 ` Alexei Starovoitov
2014-09-11 6:29 ` Daniel Borkmann
2014-09-11 6:45 ` Alexei Starovoitov
2014-09-10 5:10 ` [PATCH v11 net-next 12/12] bpf: mini eBPF library, test stubs and verifier testsuite Alexei Starovoitov
[not found] ` <1410325808-3657-13-git-send-email-ast-uqk4Ao+rVK5Wk0Htik3J/w@public.gmane.org>
2014-09-10 11:35 ` Daniel Borkmann
2014-09-10 11:35 ` Daniel Borkmann
[not found] ` <54103776.3080706-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-09-10 18:08 ` Alexei Starovoitov
2014-09-10 18:08 ` Alexei Starovoitov
[not found] ` <CAMEtUuzEQu30WiYprRcDBogJxxrDeNhvn=kF+z8cVvhR-vjTQg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-09-17 7:16 ` Daniel Borkmann
2014-09-17 7:16 ` Daniel Borkmann
2014-09-17 16:17 ` Alexei Starovoitov
[not found] ` <CAMEtUuzaCEX9RKDBMnQBZSHdTjjidp81myfSVVi4qQqtSGgtmw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-09-17 21:59 ` Daniel Borkmann
2014-09-17 21:59 ` Daniel Borkmann
2014-09-17 22:16 ` Alexei Starovoitov
[not found] ` <1410325808-3657-1-git-send-email-ast-uqk4Ao+rVK5Wk0Htik3J/w@public.gmane.org>
2014-09-10 5:10 ` [PATCH v11 net-next 10/12] bpf: verifier (add verifier core) Alexei Starovoitov
2014-09-10 5:10 ` Alexei Starovoitov
2014-09-10 8:19 ` [PATCH v11 net-next 00/12] eBPF syscall, verifier, testsuite Daniel Borkmann
2014-09-10 8:19 ` Daniel Borkmann
2014-09-10 17:28 ` Alexei Starovoitov
2014-09-10 9:03 ` Daniel Borkmann
[not found] ` <541013CE.6020307-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-09-10 17:32 ` Alexei Starovoitov
2014-09-10 17:32 ` Alexei Starovoitov
[not found] ` <CAMEtUuwrHX4ENK9cZ0C+XVB=wkMz1=wLphX_GVLvd8pyJKMXeQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-09-11 19:47 ` Daniel Borkmann
2014-09-11 19:47 ` Daniel Borkmann
[not found] ` <5411FC42.3070505-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-09-11 20:33 ` Alexei Starovoitov
2014-09-11 20:33 ` Alexei Starovoitov
[not found] ` <CAMEtUuziPptHxtw_7fkOdR-paB+8BatNmRPoo3txP8wOp9D6Tw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-09-11 21:54 ` Andy Lutomirski
2014-09-11 21:54 ` Andy Lutomirski
[not found] ` <CALCETrWCEwscbbfX7wAW-A+VQ5Y92igD36BmTXqFra04Qdwk0Q-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-09-11 22:29 ` Alexei Starovoitov
2014-09-11 22:29 ` Alexei Starovoitov
2014-09-12 1:17 ` Andy Lutomirski
2014-09-12 1:29 ` Alexei Starovoitov
2014-09-12 22:40 ` Alexei Starovoitov
2014-09-10 9:21 ` Daniel Borkmann [this message]
2014-09-10 17:48 ` Alexei Starovoitov
2014-09-10 18:22 ` Andy Lutomirski
[not found] ` <CALCETrVBb_uQZpodv67XSTGVU40y6+9Ktw=3zAJgGV2mNJ=_0A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-09-10 20:21 ` Alexei Starovoitov
2014-09-10 20:21 ` Alexei Starovoitov
2014-09-11 19:54 ` Daniel Borkmann
[not found] ` <5411FDE1.3060302-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-09-11 20:35 ` Alexei Starovoitov
2014-09-11 20:35 ` Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=541017FD.1030308@redhat.com \
--to=dborkman@redhat.com \
--cc=a.p.zijlstra@chello.nl \
--cc=akpm@linuxfoundation.org \
--cc=ast@plumgrid.com \
--cc=chema@google.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=hannes@stressinduktion.org \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=rostedt@goodmis.org \
--cc=torvalds@linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.