From: Eduard Zingerman <eddyz87@gmail.com>
To: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Cc: bpf <bpf@vger.kernel.org>, Alexei Starovoitov <ast@kernel.org>,
Andrii Nakryiko <andrii@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Martin KaFai Lau <martin.lau@linux.dev>,
Kernel Team <kernel-team@fb.com>,
Yonghong Song <yonghong.song@linux.dev>,
"Jose E. Marchesi" <jose.marchesi@oracle.com>
Subject: Re: [bpf-next v3 02/12] bpf: no_caller_saved_registers attribute for helper calls
Date: Mon, 22 Jul 2024 11:42:07 -0700 [thread overview]
Message-ID: <cf862f584ac053f6485e3dc2e57598f0ede582e6.camel@gmail.com> (raw)
In-Reply-To: <CAADnVQLp=NVoPPn0_mUvQEVuXMr6YB-WmY0pQoFMrOY=+H2Ydw@mail.gmail.com>
On Fri, 2024-07-19 at 19:00 -0700, Alexei Starovoitov wrote:
[...]
> > It is possible to move remove_nocsr_spills_fills() before
> > check_max_stack_depth(), but check_stack_access_within_bounds() would
> > still report errors for nocsr stack slots, because
> > check_nocsr_stack_contract() and check_stack_access_within_bounds()
> > are both invoked during main verification pass and contract validation
> > is not yet finished.
>
> Agree that it's a half measure, but it's still better than doing it
> after check_max_stack_depth().
>
> We can also allow check_stack_access_within_bounds() to go above 512
> for nocsr pattern. If spill/fill is later removed then great,
> if not then it's not a big deal to go slightly above 512 especially
> considering that private stack is coming in soon.
Ok, I'm going to update check_stack_slot_within_bounds() to allow
access for up to 512+48 (to account for all 6 nocsr registers)
if accessing instruction is a spill/fill marked as nocsr pattern.
It is a speculative thing, because nocsr contract might be found void
at some later point during program verification.
However check_max_stack_depth_subprog() would still catch access below
-512 if nocsr spills are not removed. So, the worst case -- error
report for stack usage would be less user friendly.
Don't think any other uses of MAX_BPF_STACK need an update,
as all the rest seem to deal with registers representing stack pointers.
next prev parent reply other threads:[~2024-07-22 18:42 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-15 23:01 [bpf-next v3 00/12] no_caller_saved_registers attribute for helper calls Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 01/12] bpf: add a get_helper_proto() utility function Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 02/12] bpf: no_caller_saved_registers attribute for helper calls Eduard Zingerman
2024-07-16 1:51 ` Alexei Starovoitov
2024-07-16 5:34 ` Eduard Zingerman
2024-07-20 2:00 ` Alexei Starovoitov
2024-07-22 18:42 ` Eduard Zingerman [this message]
2024-07-15 23:01 ` [bpf-next v3 03/12] bpf, x86, riscv, arm: no_caller_saved_registers for bpf_get_smp_processor_id() Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 04/12] selftests/bpf: extract utility function for BPF disassembly Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 05/12] selftests/bpf: print correct offset for pseudo calls in disasm_insn() Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 06/12] selftests/bpf: no need to track next_match_pos in struct test_loader Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 07/12] selftests/bpf: extract test_loader->expect_msgs as a data structure Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 08/12] selftests/bpf: allow checking xlated programs in verifier_* tests Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 09/12] selftests/bpf: __arch_* macro to limit test cases to specific archs Eduard Zingerman
2024-07-15 23:01 ` [bpf-next v3 10/12] selftests/bpf: test no_caller_saved_registers spill/fill removal Eduard Zingerman
2024-07-15 23:02 ` [bpf-next v3 11/12] bpf: do check_nocsr_stack_contract() for ARG_ANYTHING helper params Eduard Zingerman
2024-07-16 2:00 ` Alexei Starovoitov
2024-07-16 10:03 ` Eduard Zingerman
2024-07-16 18:15 ` Eduard Zingerman
2024-07-20 1:54 ` Alexei Starovoitov
2024-07-20 1:58 ` Eduard Zingerman
2024-07-15 23:02 ` [bpf-next v3 12/12] selftests/bpf: check nocsr contract for bpf_probe_read_kernel() Eduard Zingerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cf862f584ac053f6485e3dc2e57598f0ede582e6.camel@gmail.com \
--to=eddyz87@gmail.com \
--cc=alexei.starovoitov@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jose.marchesi@oracle.com \
--cc=kernel-team@fb.com \
--cc=martin.lau@linux.dev \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox