From: Alexei Starovoitov <alexei.starovoitov@gmail.com>
To: Andrii Nakryiko <andrii.nakryiko@gmail.com>
Cc: Christian Brauner <brauner@kernel.org>,
viro@kernel.org, bpf <bpf@vger.kernel.org>,
Linux-Fsdevel <linux-fsdevel@vger.kernel.org>,
Amir Goldstein <amir73il@gmail.com>,
"open list:CONTROL GROUP (CGROUP)" <cgroups@vger.kernel.org>,
kvm@vger.kernel.org,
Network Development <netdev@vger.kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH 17/39] bpf: resolve_pseudo_ldimm64(): take handling of a single ldimm64 insn into helper
Date: Thu, 8 Aug 2024 09:51:34 -0700 [thread overview]
Message-ID: <CAADnVQKZW--EOkn5unFybxTKPNw-6rPB+=mY+cy_yUUsXe8R-w@mail.gmail.com> (raw)
In-Reply-To: <CAEf4BzaeFTn41pP_hbcrCTKNZjwt3TPojv0_CYbP=+973YnWiA@mail.gmail.com>
On Wed, Aug 7, 2024 at 8:31 AM Andrii Nakryiko
<andrii.nakryiko@gmail.com> wrote:
>
> On Wed, Aug 7, 2024 at 3:30 AM Christian Brauner <brauner@kernel.org> wrote:
> >
> > On Tue, Aug 06, 2024 at 03:32:20PM GMT, Andrii Nakryiko wrote:
> > > On Mon, Jul 29, 2024 at 10:20 PM <viro@kernel.org> wrote:
> > > >
> > > > From: Al Viro <viro@zeniv.linux.org.uk>
> > > >
> > > > Equivalent transformation. For one thing, it's easier to follow that way.
> > > > For another, that simplifies the control flow in the vicinity of struct fd
> > > > handling in there, which will allow a switch to CLASS(fd) and make the
> > > > thing much easier to verify wrt leaks.
> > > >
> > > > Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
> > > > ---
> > > > kernel/bpf/verifier.c | 342 +++++++++++++++++++++---------------------
> > > > 1 file changed, 172 insertions(+), 170 deletions(-)
> > > >
> > >
> > > This looks unnecessarily intrusive. I think it's best to extract the
> > > logic of fetching and adding bpf_map by fd into a helper and that way
> > > contain fdget + fdput logic nicely. Something like below, which I can
> > > send to bpf-next.
> > >
> > > commit b5eec08241cc0263e560551de91eda73ccc5987d
> > > Author: Andrii Nakryiko <andrii@kernel.org>
> > > Date: Tue Aug 6 14:31:34 2024 -0700
> > >
> > > bpf: factor out fetching bpf_map from FD and adding it to used_maps list
> > >
> > > Factor out the logic to extract bpf_map instances from FD embedded in
> > > bpf_insns, adding it to the list of used_maps (unless it's already
> > > there, in which case we just reuse map's index). This simplifies the
> > > logic in resolve_pseudo_ldimm64(), especially around `struct fd`
> > > handling, as all that is now neatly contained in the helper and doesn't
> > > leak into a dozen error handling paths.
> > >
> > > Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
> > >
> > > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> > > index df3be12096cf..14e4ef687a59 100644
> > > --- a/kernel/bpf/verifier.c
> > > +++ b/kernel/bpf/verifier.c
> > > @@ -18865,6 +18865,58 @@ static bool bpf_map_is_cgroup_storage(struct
> > > bpf_map *map)
> > > map->map_type == BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE);
> > > }
> > >
> > > +/* Add map behind fd to used maps list, if it's not already there, and return
> > > + * its index. Also set *reused to true if this map was already in the list of
> > > + * used maps.
> > > + * Returns <0 on error, or >= 0 index, on success.
> > > + */
> > > +static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd,
> > > bool *reused)
> > > +{
> > > + struct fd f = fdget(fd);
> >
> > Use CLASS(fd, f)(fd) and you can avoid all that fdput() stuff.
>
> That was the point of Al's next patch in the series, so I didn't want
> to do it in this one that just refactored the logic of adding maps.
> But I can fold that in and send it to bpf-next.
+1.
The bpf changes look ok and Andrii's approach is easier to grasp.
It's better to route bpf conversion to CLASS(fd,..) via bpf-next,
so it goes through bpf CI and our other testing.
bpf patches don't seem to depend on newly added CLASS(fd_pos, ...
and fderr, so pretty much independent from other patches.
next prev parent reply other threads:[~2024-08-08 16:51 UTC|newest]
Thread overview: 134+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-30 5:09 [PATCHSET][RFC] struct fd and memory safety Al Viro
2024-07-30 5:15 ` [PATCH 01/39] memcg_write_event_control(): fix a user-triggerable oops viro
2024-07-30 5:15 ` [PATCH 02/39] introduce fd_file(), convert all accessors to it viro
2024-08-07 9:55 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 03/39] struct fd: representation change viro
2024-07-30 18:10 ` Josef Bacik
2024-08-07 10:07 ` Christian Brauner
2024-08-07 10:03 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 04/39] add struct fd constructors, get rid of __to_fd() viro
2024-08-07 10:09 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 05/39] regularize emptiness checks in fini_module(2) and vfs_dedupe_file_range() viro
2024-08-07 10:10 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 06/39] net/socket.c: switch to CLASS(fd) viro
2024-08-07 10:13 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 07/39] introduce struct fderr, convert overlayfs uses to that viro
2024-07-30 5:15 ` [PATCH 08/39] experimental: convert fs/overlayfs/file.c to CLASS(...) viro
2024-07-30 19:10 ` Josef Bacik
2024-07-30 21:12 ` Al Viro
2024-07-31 21:11 ` Josef Bacik
2024-08-07 10:23 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 09/39] timerfd: switch to CLASS(fd, ...) viro
2024-08-07 10:24 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 10/39] get rid of perf_fget_light(), convert kernel/events/core.c to CLASS(fd) viro
2024-08-07 10:25 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 11/39] switch netlink_getsockbyfilp() to taking descriptor viro
2024-08-07 10:26 ` Christian Brauner
2024-07-30 5:15 ` [PATCH 12/39] do_mq_notify(): saner skb freeing on failures viro
2024-07-30 5:15 ` [PATCH 13/39] do_mq_notify(): switch to CLASS(fd, ...) viro
2024-08-07 10:27 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 14/39] simplify xfs_find_handle() a bit viro
2024-07-30 5:16 ` [PATCH 15/39] convert vmsplice() to CLASS(fd, ...) viro
2024-08-07 10:27 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 16/39] convert __bpf_prog_get() " viro
2024-08-06 21:08 ` Andrii Nakryiko
2024-08-07 10:28 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 17/39] bpf: resolve_pseudo_ldimm64(): take handling of a single ldimm64 insn into helper viro
2024-08-06 22:32 ` Andrii Nakryiko
2024-08-07 10:29 ` Christian Brauner
2024-08-07 15:30 ` Andrii Nakryiko
2024-08-08 16:51 ` Alexei Starovoitov [this message]
2024-08-08 20:35 ` Andrii Nakryiko
2024-08-09 1:23 ` Alexei Starovoitov
2024-08-09 17:23 ` Andrii Nakryiko
2024-08-10 3:29 ` Al Viro
2024-08-12 20:05 ` Andrii Nakryiko
2024-08-13 2:06 ` Al Viro
2024-08-13 3:32 ` Andrii Nakryiko
2024-07-30 5:16 ` [PATCH 18/39] bpf maps: switch to CLASS(fd, ...) viro
2024-08-07 10:34 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 19/39] fdget_raw() users: switch to CLASS(fd_raw, ...) viro
2024-08-07 10:35 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 20/39] introduce "fd_pos" class, convert fdget_pos() users to it viro
2024-08-07 10:36 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 21/39] o2hb_region_dev_store(): avoid goto around fdget()/fdput() viro
2024-07-30 5:16 ` [PATCH 22/39] privcmd_ioeventfd_assign(): don't open-code eventfd_ctx_fdget() viro
2024-07-30 5:16 ` [PATCH 23/39] fdget(), trivial conversions viro
2024-08-07 10:37 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 24/39] fdget(), more " viro
2024-08-07 10:39 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 25/39] convert do_preadv()/do_pwritev() viro
2024-08-07 10:39 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 26/39] convert cachestat(2) viro
2024-08-07 10:39 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 27/39] switch spufs_calls_{get,put}() to CLASS() use viro
2024-07-30 5:16 ` [PATCH 28/39] convert spu_run(2) viro
2024-08-07 10:40 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 29/39] convert media_request_get_by_fd() viro
2024-08-07 10:40 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 30/39] convert coda_parse_fd() viro
2024-08-07 10:41 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 31/39] convert cifs_ioctl_copychunk() viro
2024-08-07 10:41 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 32/39] convert vfs_dedupe_file_range() viro
2024-08-07 10:42 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 33/39] convert do_select() viro
2024-08-07 10:42 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 34/39] do_pollfd(): convert to CLASS(fd) viro
2024-08-07 10:43 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 35/39] convert bpf_token_create() viro
2024-08-06 22:42 ` Andrii Nakryiko
2024-08-10 3:46 ` Al Viro
2024-08-12 20:06 ` Andrii Nakryiko
2024-08-07 10:44 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 36/39] assorted variants of irqfd setup: convert to CLASS(fd) viro
2024-08-07 10:46 ` Christian Brauner
2024-08-10 3:53 ` Al Viro
2024-07-30 5:16 ` [PATCH 37/39] memcg_write_event_control(): switch " viro
2024-08-07 10:47 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 38/39] css_set_fork(): switch to CLASS(fd_raw, ...) viro
2024-08-07 10:47 ` Christian Brauner
2024-07-30 5:16 ` [PATCH 39/39] deal with the last remaing boolean uses of fd_file() viro
2024-08-07 10:48 ` Christian Brauner
2024-07-30 7:13 ` [PATCH 01/39] memcg_write_event_control(): fix a user-triggerable oops Michal Hocko
2024-07-30 7:18 ` Al Viro
2024-07-30 7:37 ` Michal Hocko
2024-07-30 5:17 ` [PATCHSET][RFC] struct fd and memory safety Al Viro
2024-07-30 20:02 ` Josef Bacik
2024-07-31 0:43 ` Al Viro
2024-08-06 17:58 ` Jason Gunthorpe
2024-08-06 18:56 ` Al Viro
2024-08-07 10:51 ` Christian Brauner
2024-11-02 5:02 ` [PATCHSET v3] " Al Viro
2024-11-02 5:07 ` [PATCH v3 01/28] net/socket.c: switch to CLASS(fd) Al Viro
2024-11-02 5:08 ` [PATCH v3 02/28] regularize emptiness checks in fini_module(2) and vfs_dedupe_file_range() Al Viro
2024-11-02 5:08 ` [PATCH v3 03/28] timerfd: switch to CLASS(fd) Al Viro
2024-11-02 5:08 ` [PATCH v3 04/28] get rid of perf_fget_light(), convert kernel/events/core.c " Al Viro
2024-11-02 5:08 ` [PATCH v3 05/28] switch netlink_getsockbyfilp() to taking descriptor Al Viro
2024-11-02 5:08 ` [PATCH v3 06/28] do_mq_notify(): saner skb freeing on failures Al Viro
2024-11-02 5:08 ` [PATCH v3 07/28] do_mq_notify(): switch to CLASS(fd) Al Viro
2024-11-02 5:08 ` [PATCH v3 08/28] simplify xfs_find_handle() a bit Al Viro
2024-11-02 5:08 ` [PATCH v3 09/28] convert vmsplice() to CLASS(fd) Al Viro
2024-11-02 5:08 ` [PATCH v3 10/28] fdget_raw() users: switch to CLASS(fd_raw) Al Viro
2024-11-02 5:08 ` [PATCH v3 11/28] introduce "fd_pos" class, convert fdget_pos() users to it Al Viro
2024-11-02 5:08 ` [PATCH v3 12/28] o2hb_region_dev_store(): avoid goto around fdget()/fdput() Al Viro
2024-11-02 5:08 ` [PATCH v3 13/28] privcmd_ioeventfd_assign(): don't open-code eventfd_ctx_fdget() Al Viro
2024-11-02 5:08 ` [PATCH v3 14/28] fdget(), trivial conversions Al Viro
2024-11-11 17:22 ` Francesco Lavra
2024-11-02 5:08 ` [PATCH v3 15/28] fdget(), more " Al Viro
2024-11-02 5:08 ` [PATCH v3 16/28] convert do_preadv()/do_pwritev() Al Viro
2024-11-02 5:08 ` [PATCH v3 17/28] convert cachestat(2) Al Viro
2024-11-02 5:08 ` [PATCH v3 18/28] switch spufs_calls_{get,put}() to CLASS() use Al Viro
2024-11-02 5:08 ` [PATCH v3 19/28] convert spu_run(2) Al Viro
2024-11-02 5:08 ` [PATCH v3 20/28] convert media_request_get_by_fd() Al Viro
2024-11-02 5:08 ` [PATCH v3 21/28] convert cifs_ioctl_copychunk() Al Viro
2024-11-02 5:08 ` [PATCH v3 22/28] convert vfs_dedupe_file_range() Al Viro
2024-11-02 5:08 ` [PATCH v3 23/28] convert do_select() Al Viro
2024-11-02 5:08 ` [PATCH v3 24/28] do_pollfd(): convert to CLASS(fd) Al Viro
2024-11-02 5:08 ` [PATCH v3 25/28] assorted variants of irqfd setup: " Al Viro
2024-11-02 5:08 ` [PATCH v3 26/28] memcg_write_event_control(): switch " Al Viro
2024-11-02 5:08 ` [PATCH v3 27/28] css_set_fork(): switch to CLASS(fd_raw, ...) Al Viro
2024-11-02 5:08 ` [PATCH v3 28/28] deal with the last remaing boolean uses of fd_file() Al Viro
2024-11-02 12:21 ` [PATCH v3 01/28] net/socket.c: switch to CLASS(fd) Simon Horman
2024-11-03 6:31 ` Al Viro
2024-11-06 10:03 ` Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAADnVQKZW--EOkn5unFybxTKPNw-6rPB+=mY+cy_yUUsXe8R-w@mail.gmail.com' \
--to=alexei.starovoitov@gmail.com \
--cc=amir73il@gmail.com \
--cc=andrii.nakryiko@gmail.com \
--cc=bpf@vger.kernel.org \
--cc=brauner@kernel.org \
--cc=cgroups@vger.kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).