From: Alexei Starovoitov <alexei.starovoitov@gmail.com>
To: John Fastabend <john.fastabend@gmail.com>
Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>,
Tom Herbert <tom@herbertland.com>, Thomas Graf <tgraf@suug.ch>,
Linux Kernel Network Developers <netdev@vger.kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
"David S. Miller" <davem@davemloft.net>
Subject: Re: bpf bounded loops. Was: [flamebait] xdp
Date: Fri, 2 Dec 2016 16:20:16 -0800 [thread overview]
Message-ID: <20161203002015.GB58522@ast-mbp> (raw)
In-Reply-To: <5841CE97.3050302@gmail.com>
On Fri, Dec 02, 2016 at 11:42:15AM -0800, John Fastabend wrote:
> >> As far as pattern search for DNS packets...
> >> it was requested by Cloudflare guys back in March:
> >> https://github.com/iovisor/bcc/issues/471
> >> and it is useful for several tracing use cases as well.
> >> Unfortunately no one had time to implement it yet.
> >
> > The string operations you proposed on the other hand, which would count
> > as one eBPF instructions, would give a lot more flexibility and allow
> > more cycles to burn, but don't help parsing binary protocols like IPv6
> > extension headers.
these are two separate things. we need pattern search regardless
of bounded loops. bpf program shouldn't be doing any complicated
algorithms. The main reasons to have loops are:
- speed up execution (smaller I-cache footprint)
- avoid forcing compiler to unroll loops (easier for users)
- support loops where unroll is not possible (like example below)
> My rough thinking on this was the verifier had to start looking for loop
> invariants and to guarantee termination. Sounds scary in general but
> LLVM could put these in some normal form for us and the verifier could
> only accept decreasing loops, the invariants could be required to be
> integers, etc. By simplifying the loop enough the problem becomes
> tractable.
yep. I think what Hannes was proposing earlier is straighforward
to implement for a compiler guy. The following:
for (int i = 0; i < (var & 0xff); i++)
sum += map->value[i]; /* map value_size >= 0xff */
is obviously bounded and dataflow analysis can easily prove
that all memory operations are valid.
Static analysis tools do way way more than this.
> I think this would be better than new instructions and/or multiple
> verifiers.
agree that it's better than new instructions that would have
required JIT changes. Though there are pros to new insns too :)
next prev parent reply other threads:[~2016-12-03 0:20 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-01 9:11 [flamebait] xdp, well meaning but pointless Florian Westphal
2016-12-01 13:42 ` Hannes Frederic Sowa
2016-12-01 14:58 ` Thomas Graf
2016-12-01 15:52 ` Hannes Frederic Sowa
2016-12-01 16:28 ` Thomas Graf
2016-12-01 20:44 ` Hannes Frederic Sowa
2016-12-01 21:12 ` Tom Herbert
2016-12-01 21:27 ` Hannes Frederic Sowa
2016-12-01 21:51 ` Tom Herbert
2016-12-02 10:24 ` Jesper Dangaard Brouer
2016-12-02 11:54 ` Hannes Frederic Sowa
2016-12-02 16:59 ` Tom Herbert
2016-12-02 18:12 ` Hannes Frederic Sowa
2016-12-02 19:56 ` Stephen Hemminger
2016-12-02 20:19 ` Tom Herbert
2016-12-02 18:39 ` bpf bounded loops. Was: [flamebait] xdp Alexei Starovoitov
2016-12-02 19:25 ` Hannes Frederic Sowa
2016-12-02 19:42 ` John Fastabend
2016-12-02 19:50 ` Hannes Frederic Sowa
2016-12-03 0:20 ` Alexei Starovoitov [this message]
2016-12-03 9:11 ` Sargun Dhillon
2016-12-02 19:42 ` Hannes Frederic Sowa
2016-12-02 23:34 ` Alexei Starovoitov
2016-12-04 16:05 ` [flamebait] xdp Was: " Hannes Frederic Sowa
2016-12-06 3:05 ` Alexei Starovoitov
2016-12-06 5:08 ` Tom Herbert
2016-12-06 6:04 ` Alexei Starovoitov
2016-12-05 16:40 ` Edward Cree
2016-12-05 16:50 ` Hannes Frederic Sowa
2016-12-05 16:54 ` Edward Cree
2016-12-06 11:35 ` Hannes Frederic Sowa
2016-12-01 16:06 ` [flamebait] xdp, well meaning but pointless Florian Westphal
2016-12-01 16:19 ` David Miller
2016-12-01 16:51 ` Florian Westphal
2016-12-01 17:20 ` Hannes Frederic Sowa
[not found] ` <CALx6S35R_ZStV=DbD-7Gf_y5xXqQq113_6m5p-p0GQfv46v0Ow@mail.gmail.com>
2016-12-01 18:02 ` Tom Herbert
2016-12-02 17:22 ` Jesper Dangaard Brouer
2016-12-03 16:19 ` Willem de Bruijn
2016-12-03 19:48 ` John Fastabend
2016-12-05 11:04 ` Jesper Dangaard Brouer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161203002015.GB58522@ast-mbp \
--to=alexei.starovoitov@gmail.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=hannes@stressinduktion.org \
--cc=john.fastabend@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=tgraf@suug.ch \
--cc=tom@herbertland.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).