From: Daniel Borkmann <daniel@iogearbox.net>
To: Eduard Zingerman <eddyz87@gmail.com>,
bpf@vger.kernel.org, ast@kernel.org
Cc: andrii@kernel.org, martin.lau@linux.dev, kernel-team@fb.com,
yonghong.song@linux.dev
Subject: Re: [PATCH bpf-next v1 1/2] bpf: force checkpoint when jmp history is too long
Date: Mon, 21 Oct 2024 09:53:36 +0200
Message-ID: <6c0b5c4d-e88a-4cec-8bb6-14fa5b76c56f@iogearbox.net>
In-Reply-To: <c42181ab5af3f78818db2b77a59d4aa7f3b8338f.camel@gmail.com>

On 10/18/24 6:47 PM, Eduard Zingerman wrote:
> On Fri, 2024-10-18 at 13:03 +0200, Daniel Borkmann wrote:
> [...]
>
>> Impressive that syzbot was able to generate this, and awesome analysis
>> as well as fix.
>
> Thank you for taking a look. I was a bit surprised by syzbot
> generating such a program as well, but I guess this is an instance of
> the infinite monkey theorem...
>
>> I guess we should also add:
>>
>> Reported-by: syzbot+7e46cdef14bf496a3ab4@syzkaller.appspotmail.com
>
> Yes, we can do that. I was hesitant to add it because the original report
> was about a bug in mm/slub.c.

Ok, but as you mentioned the program was derived from this syzbot report,
so for reference, I think it's ok to mention it.

>> Can we also add a Fixes tag so that this can eventually be picked up
>> by stable? bpf tree would be the appropriate target, no?
>
> The fixes tag can be:
>
> Fixes: 2589726d12a1 ("bpf: introduce bounded loops")

Thanks!

> But I'm a bit hesitant if this is really a bug, maybe just add:
>
> Cc: stable@vger.kernel.org

If we have a proper Fixes tag, then stable will pick it up anyway, but ...

> For an example of a problematic program consider the code below,
> w/o this patch the example is processed by the verifier for ~15 minutes,
> before failing to allocate a big-enough chunk for jmp_history.

... would qualify for bpf tree imho.

Thanks,
Daniel