From: Thomas Gleixner <tglx@linutronix.de>
To: Dmitrii Banshchikov <me@ubique.spb.ru>, bpf@vger.kernel.org
Cc: Dmitrii Banshchikov <me@ubique.spb.ru>,
ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org,
kafai@fb.com, songliubraving@fb.com, yhs@fb.com,
john.fastabend@gmail.com, kpsingh@kernel.org,
netdev@vger.kernel.org, rdna@fb.com,
syzbot+43fd005b5a1b4d10781e@syzkaller.appspotmail.com
Subject: Re: [PATCH bpf v2 1/2] bpf: Forbid bpf_ktime_get_coarse_ns and bpf_timer_* in tracing progs
Date: Tue, 16 Nov 2021 03:02:03 +0100 [thread overview]
Message-ID: <87o86k6ep0.ffs@tglx> (raw)
In-Reply-To: <20211113142227.566439-2-me@ubique.spb.ru>
Dmitrii.
On Sat, Nov 13 2021 at 18:22, Dmitrii Banshchikov wrote:
> Use of bpf_ktime_get_coarse_ns() and bpf_timer_* helpers in tracing
> progs may result in locking issues.
"may result in locking issues"? There is no 'may'. This is simply a matter
of fact that this can and will result in deadlocks. Please spell it out.
It's a bug, so what. Why do you need to whitewash it?
.
> @@ -4632,6 +4632,9 @@ union bpf_attr {
> * system boot, in nanoseconds. Does not include time the system
> * was suspended.
> *
> + * Tracing programs cannot use **bpf_ktime_get_coarse_ns**\() (but
> + * this may change in the future).
Sorry no. This is a bug fix and there is no place for 'may change in the
future' nonsense. It's simply not possible right now and unless you have
a plan to make this work backed up by actual patches this comment is
worse than wishful thinking.
> + *
> * See: **clock_gettime**\ (**CLOCK_MONOTONIC_COARSE**)
> * Return
> * Current *ktime*.
> @@ -4804,6 +4807,9 @@ union bpf_attr {
> * All other bits of *flags* are reserved.
> * The verifier will reject the program if *timer* is not from
> * the same *map*.
> + *
> + * Tracing programs cannot use **bpf_timer_init**\() (but this may
> + * change in the future).
This is even worse than the above because it cannot happen ever. Please
stop this nonsensical wishful thinking crap. It does not add any value,
it just adds confusion.
Timers will have to take spinlocks no matter what even if the kernel has
been reimplemented in BPF someday. Tracing happens at any arbitrary
place which includes places inisde locked sections. So what are you
hallucinating about?
I completely understand that you are all enthused about the "unlimited"
power of BPF, but please take a step back and understand that BPF has
very well defined limitations as any other instrumentation facility has.
That said, I agree with the code changes but I vehemently NAK comments
which are built on wishful thinking or worse.
Thanks,
tglx
next prev parent reply other threads:[~2021-11-16 2:04 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-13 14:22 [PATCH bpf v2 0/2] Forbid bpf_ktime_get_coarse_ns and bpf_timer_* in tracing progs Dmitrii Banshchikov
2021-11-13 14:22 ` [PATCH bpf v2 1/2] bpf: " Dmitrii Banshchikov
2021-11-16 2:02 ` Thomas Gleixner [this message]
2021-11-16 4:44 ` Alexei Starovoitov
2021-11-13 14:22 ` [PATCH bpf v2 2/2] selftests/bpf: Add tests for restricted helpers Dmitrii Banshchikov
2021-11-14 18:38 ` [PATCH bpf v2 0/2] Forbid bpf_ktime_get_coarse_ns and bpf_timer_* in tracing progs Alexei Starovoitov
2021-11-16 2:18 ` Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87o86k6ep0.ffs@tglx \
--to=tglx@linutronix.de \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=john.fastabend@gmail.com \
--cc=kafai@fb.com \
--cc=kpsingh@kernel.org \
--cc=me@ubique.spb.ru \
--cc=netdev@vger.kernel.org \
--cc=rdna@fb.com \
--cc=songliubraving@fb.com \
--cc=syzbot+43fd005b5a1b4d10781e@syzkaller.appspotmail.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.