From: Alexei Starovoitov <alexei.starovoitov@gmail.com>
To: Daniel Borkmann <daniel@iogearbox.net>
Cc: "Maciej Fijalkowski" <maciej.fijalkowski@intel.com>,
"Alexei Starovoitov" <ast@kernel.org>, bpf <bpf@vger.kernel.org>,
"Network Development" <netdev@vger.kernel.org>,
"Björn Töpel" <bjorn.topel@intel.com>,
"Karlsson, Magnus" <magnus.karlsson@intel.com>
Subject: Re: [PATCH v7 bpf-next 7/7] selftests: bpf: add dummy prog for bpf2bpf with tailcall
Date: Tue, 15 Sep 2020 08:48:19 -0700 [thread overview]
Message-ID: <CAADnVQJoCXa90Pvkm5xyNAR3cHGx+0YO58hHOnq+LsiQuJMBiQ@mail.gmail.com> (raw)
In-Reply-To: <5bf5a63c-7607-a24d-7e14-e41caa84bfc3@iogearbox.net>
On Tue, Sep 15, 2020 at 8:03 AM Daniel Borkmann <daniel@iogearbox.net> wrote:
>
> On 9/15/20 6:39 AM, Alexei Starovoitov wrote:
> > On Fri, Sep 11, 2020 at 08:59:27PM +0200, Maciej Fijalkowski wrote:
> >> On Thu, Sep 03, 2020 at 12:51:14PM -0700, Alexei Starovoitov wrote:
> >>> On Wed, Sep 02, 2020 at 10:08:15PM +0200, Maciej Fijalkowski wrote:
> [...]
> >>> Could you add few more tests to exercise the new feature more thoroughly?
> >>> Something like tailcall3.c that checks 32 limit, but doing tail_call from subprog.
> >>> And another test that consume non-trival amount of stack in each function.
> >>> Adding 'volatile char arr[128] = {};' would do the trick.
> >>
> >> Yet another prolonged silence from my side, but not without a reason -
> >> this request opened up a Pandora's box.
> >
> > Great catch and thanks to our development practices! As a community we should
> > remember this lesson and request selftests more often than not.
>
> +1, speaking of pandora ... ;-) I recently noticed that we also have the legacy
> ld_abs/ld_ind instructions. Right now check_ld_abs() gates them by bailing out
> if env->subprog_cnt > 1, but that doesn't solve everything given the prog itself
> may not have bpf2bpf calls, but it could get tail-called out of a subprog. We
> need to reject such cases (& add selftests for it), otherwise this would be a
> verifier bypass given they may implicitly exit the program (and then mismatch
> the return type that the verifier was expecting).
Good point. I think it's easier to allow ld_abs though.
The comment in check_ld_abs() is obsolete after gen_ld_abs() was added.
The verifier needs to check that subprog that is doing ld_abs or tail_call
has 'int' return type and check_reference_leak() doesn't error before
ld_abs and before bpf_tail_call.
In that sense doing bpf_tail_call from subprog has the same issues as ld_abs
(reference leaks and int return requirement)
next prev parent reply other threads:[~2020-09-15 22:40 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-02 20:08 [PATCH v7 bpf-next 0/7] bpf: tailcalls in BPF subprograms Maciej Fijalkowski
2020-09-02 20:08 ` [PATCH v7 bpf-next 1/7] bpf, x64: use %rcx instead of %rax for tail call retpolines Maciej Fijalkowski
2020-09-02 20:08 ` [PATCH v7 bpf-next 2/7] bpf: propagate poke descriptors to subprograms Maciej Fijalkowski
2020-09-02 20:08 ` [PATCH v7 bpf-next 3/7] bpf: rename poke descriptor's 'ip' member to 'tailcall_target' Maciej Fijalkowski
2020-09-02 20:08 ` [PATCH v7 bpf-next 4/7] bpf, x64: rework pro/epilogue and tailcall handling in JIT Maciej Fijalkowski
2020-09-02 20:08 ` [PATCH v7 bpf-next 5/7] bpf: limit caller's stack depth 256 for subprogs with tailcalls Maciej Fijalkowski
2020-09-03 19:45 ` Alexei Starovoitov
2020-09-02 20:08 ` [PATCH v7 bpf-next 6/7] bpf: allow for tailcalls in BPF subprograms for x64 JIT Maciej Fijalkowski
2020-09-02 20:08 ` [PATCH v7 bpf-next 7/7] selftests: bpf: add dummy prog for bpf2bpf with tailcall Maciej Fijalkowski
2020-09-03 19:51 ` Alexei Starovoitov
[not found] ` <20200911185927.GA2543@ranger.igk.intel.com>
2020-09-15 4:39 ` Alexei Starovoitov
2020-09-15 15:03 ` Daniel Borkmann
2020-09-15 15:48 ` Alexei Starovoitov [this message]
2020-09-15 16:10 ` Daniel Borkmann
[not found] ` <20200915174551.GA3728@ranger.igk.intel.com>
2020-09-15 18:02 ` Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAADnVQJoCXa90Pvkm5xyNAR3cHGx+0YO58hHOnq+LsiQuJMBiQ@mail.gmail.com \
--to=alexei.starovoitov@gmail.com \
--cc=ast@kernel.org \
--cc=bjorn.topel@intel.com \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=maciej.fijalkowski@intel.com \
--cc=magnus.karlsson@intel.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.