From: Andrii Nakryiko <andrii.nakryiko@gmail.com>
To: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Cc: Andrii Nakryiko <andriin@fb.com>, bpf <bpf@vger.kernel.org>,
Networking <netdev@vger.kernel.org>,
Alexei Starovoitov <ast@fb.com>,
Daniel Borkmann <daniel@iogearbox.net>,
Kernel Team <kernel-team@fb.com>,
"Paul E . McKenney" <paulmck@kernel.org>,
Jonathan Lemon <jonathan.lemon@gmail.com>
Subject: Re: [PATCH v2 bpf-next 1/7] bpf: implement BPF ring buffer and verifier support for it
Date: Fri, 22 May 2020 11:48:09 -0700 [thread overview]
Message-ID: <CAEf4BzZLYtgZg8caSpMkFf4-NJXQHbiTXhwnY7wnq7qDbgA9Gw@mail.gmail.com> (raw)
In-Reply-To: <20200522010722.2lgagrt6cmw6dzmm@ast-mbp.dhcp.thefacebook.com>
On Thu, May 21, 2020 at 6:07 PM Alexei Starovoitov
<alexei.starovoitov@gmail.com> wrote:
>
> On Sun, May 17, 2020 at 12:57:21PM -0700, Andrii Nakryiko wrote:
> > - if (off < 0 || size < 0 || (size == 0 && !zero_size_allowed) ||
> > - off + size > map->value_size) {
> > - verbose(env, "invalid access to map value, value_size=%d off=%d size=%d\n",
> > - map->value_size, off, size);
> > - return -EACCES;
> > - }
> > - return 0;
> > + if (off >= 0 && size_ok && off + size <= mem_size)
> > + return 0;
> > +
> > + verbose(env, "invalid access to memory, mem_size=%u off=%d size=%d\n",
> > + mem_size, off, size);
> > + return -EACCES;
>
> iirc invalid access to map value is one of most common verifier errors that
> people see when they're use unbounded access. Generalizing it to memory is
> technically correct, but it makes the message harder to decipher.
> What is 'mem_size' ? Without context it is difficult to guess that
> it's actually size of map value element.
> Could you make this error message more human friendly depending on
> type of pointer?
yep, sure, better verifier errors are extremely important, I think
>
> > if (err) {
> > - verbose(env, "R%d min value is outside of the array range\n",
> > + verbose(env, "R%d min value is outside of the memory region\n",
> > regno);
> > return err;
> > }
> > @@ -2518,18 +2527,38 @@ static int check_map_access(struct bpf_verifier_env *env, u32 regno,
> > * If reg->umax_value + off could overflow, treat that as unbounded too.
> > */
> > if (reg->umax_value >= BPF_MAX_VAR_OFF) {
> > - verbose(env, "R%d unbounded memory access, make sure to bounds check any array access into a map\n",
> > + verbose(env, "R%d unbounded memory access, make sure to bounds check any memory region access\n",
> > regno);
> > return -EACCES;
> > }
> > - err = __check_map_access(env, regno, reg->umax_value + off, size,
> > + err = __check_mem_access(env, reg->umax_value + off, size, mem_size,
> > zero_size_allowed);
> > - if (err)
> > - verbose(env, "R%d max value is outside of the array range\n",
> > + if (err) {
> > + verbose(env, "R%d max value is outside of the memory region\n",
> > regno);
>
> I'm not that worried about above three generalizations of errors,
> but if you can make it friendly by describing type of memory region
> I think it will be a plus.
I agree, will update
next prev parent reply other threads:[~2020-05-22 18:48 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-17 19:57 [PATCH v2 bpf-next 0/7] BPF ring buffer Andrii Nakryiko
2020-05-17 19:57 ` [PATCH v2 bpf-next 1/7] bpf: implement BPF ring buffer and verifier support for it Andrii Nakryiko
2020-05-19 12:57 ` kbuild test robot
2020-05-19 23:53 ` kbuild test robot
2020-05-22 0:25 ` Paul E. McKenney
2020-05-22 18:46 ` Andrii Nakryiko
2020-05-25 16:01 ` Paul E. McKenney
2020-05-25 18:45 ` Andrii Nakryiko
2020-05-22 1:07 ` Alexei Starovoitov
2020-05-22 18:48 ` Andrii Nakryiko [this message]
2020-05-25 20:34 ` Andrii Nakryiko
2020-05-17 19:57 ` [PATCH v2 bpf-next 2/7] tools/memory-model: add BPF ringbuf MPSC litmus tests Andrii Nakryiko
2020-05-22 0:34 ` Paul E. McKenney
2020-05-22 18:51 ` Andrii Nakryiko
2020-05-25 23:33 ` Andrii Nakryiko
2020-05-26 3:05 ` Paul E. McKenney
2020-05-17 19:57 ` [PATCH v2 bpf-next 3/7] bpf: track reference type in verifier Andrii Nakryiko
2020-05-22 1:13 ` Alexei Starovoitov
2020-05-22 18:53 ` Andrii Nakryiko
2020-05-17 19:57 ` [PATCH v2 bpf-next 4/7] libbpf: add BPF ring buffer support Andrii Nakryiko
2020-05-22 1:15 ` Alexei Starovoitov
2020-05-22 18:56 ` Andrii Nakryiko
2020-05-17 19:57 ` [PATCH v2 bpf-next 5/7] selftests/bpf: add BPF ringbuf selftests Andrii Nakryiko
2020-05-22 1:20 ` Alexei Starovoitov
2020-05-22 18:58 ` Andrii Nakryiko
2020-05-17 19:57 ` [PATCH v2 bpf-next 6/7] bpf: add BPF ringbuf and perf buffer benchmarks Andrii Nakryiko
2020-05-22 1:21 ` Alexei Starovoitov
2020-05-22 19:07 ` Andrii Nakryiko
2020-05-17 19:57 ` [PATCH v2 bpf-next 7/7] docs/bpf: add BPF ring buffer design notes Andrii Nakryiko
2020-05-22 1:23 ` Alexei Starovoitov
2020-05-22 19:08 ` Andrii Nakryiko
2020-05-25 9:59 ` Alban Crequy
2020-05-25 19:12 ` Andrii Nakryiko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAEf4BzZLYtgZg8caSpMkFf4-NJXQHbiTXhwnY7wnq7qDbgA9Gw@mail.gmail.com \
--to=andrii.nakryiko@gmail.com \
--cc=alexei.starovoitov@gmail.com \
--cc=andriin@fb.com \
--cc=ast@fb.com \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jonathan.lemon@gmail.com \
--cc=kernel-team@fb.com \
--cc=netdev@vger.kernel.org \
--cc=paulmck@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).