Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754269AbdHUVXy (ORCPT ); Mon, 21 Aug 2017 17:23:54 -0400 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:55425 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753923AbdHUVXv (ORCPT ); Mon, 21 Aug 2017 17:23:51 -0400 Subject: Re: [PATCH v3 net-next] bpf/verifier: track liveness for pruning To: Daniel Borkmann , Edward Cree , , Alexei Starovoitov References: <89ff34f7-84ee-0e0a-3766-5b4d046189bf@fb.com> <5d4e12aa-6861-a176-a8cf-a766bbca0a7a@fb.com> <599B4231.3080405@iogearbox.net> <128a84cd-234d-f505-95e2-7561db974981@solarflare.com> <599B49DB.6010008@iogearbox.net> CC: , , iovisor-dev From: Alexei Starovoitov Message-ID: <2c636ee7-ba60-b506-9d37-1fe405c31076@fb.com> Date: Mon, 21 Aug 2017 14:23:29 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <599B49DB.6010008@iogearbox.net> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [2620:10d:c090:200::6:8186] X-ClientProxiedBy: MWHPR22CA0042.namprd22.prod.outlook.com (2603:10b6:300:69::28) To BL2PR15MB0962.namprd15.prod.outlook.com (2603:10b6:201:15::24) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4cc6bbc3-c69c-4758-7079-08d4e8dae088 X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(300000503095)(300135400095)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095);SRVR:BL2PR15MB0962; X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0962;3:f98evgzmxzrrgXSzsp6ZBEt5LwkMIK7TS69xAkrce8ucKTf0x/KAYIjic7bYf5mtoyUrXzbC++sR4qLpoexidC1u52XdJb2f2rl1FZuW1RKwhVCrd6jRmijpVuD6yh+wJ+EnwMSaF7uLoEZk1UIh65xaT4fqEU18lxrqAa31qdcfJEdO/SFyrf1o1NdSYDCT7MTOfqsk0c90m46ucVZbYEgJ6+pvXNbMFzWPKpMjdFyvnfj9QbSjHivriFh4AC/w;25:kEAPZhl7Us3vATowRoyTg/KEOEW69dZCRf0yhiwE30eOWuN4BCEpJv1yulLdHBY5+QbMclK1Us+EnzQVLCUdGFSXn+HK5s+Qalz31Fi/gcrjaoRI+nRgPFO0hLLlaHXsGT+iUlmsNFCpLLKQQjroxA0HktVM1mHAvP7Q928wteJIvZm5iX1wP2ohB5ZERdLKxXoJ/AaXHPp+kOVLZjT7NcK8um+Erx1PTjNaDnyvN2Ukbs8Ps3sytyIYov3DOJ7r/dfJCTtLbVAtWat2ILD8rvS1gxkdw0zMolmMr+ItuF04kwORuYFE86MHXhBSuHLr7hLldWpa9QJf62PFhYqZLA==;31:6imGqGcfL/xJOmyMJZ09KEVeomD6xei5P59WwoMnlPCE90bIV9Yromo6zI9417IxlqOVbHMtEWbZGUXWkq7mTakD5Nfj2YuJY8azDU11XxzO79Ia7bZ40T+MQtiIa6kaAyBDbD21gxJq1UObquHVHOkn+Bi/SYbJ7b0LovJiR3c9LLtY9FCrnWk1SevMd1eO08fJjkNBmu8yOT8QMUTvhw7dqeoflUNW21LEJTOzlUs= X-MS-TrafficTypeDiagnostic: BL2PR15MB0962: X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0962;20:Af/caFbypHRsBbQSCGXgZGTq5ZRcQmBChI4qFqOCrEIXbaccNdS4ZXTJF0Sv5Yzs/wcs9cmMGq6q7ftuqY5jlEAGbHU/MmdA6atvsgdnb1ROGtpVLY1sE5lO8j4TMRoKN+AKrKYyQQ5AOKJ/2i/JlJ5miH2xng5kDZowQC6e2Al0w6fwgDH0qLUY67WmXC01H2rhGaB2/EtGyAwtJsyDK3g+YLlOLP+3t9VTnhwceBWX2YMpPY48Wqv7z811SkbEPZvzzIPaKUtYcsmSe/4z1zG9we++AtIW6VuLx9hu9iLjb///cKHHKNcqgO9oddkGykF5v8dOkfFn5u9y0i1sxsaOl5QERqytFxlnpFtOQz2AHobqjjJxtxubccegHEIf4MhUvySGkbGrj1gAMphJiT/s/jk8AYv2qfh5DwKYJDHZXIT/vRAUOKMQuGdsEC5l3Lmk0qYg88/e89U9TVLWbHhpBKm/ZYnE0VZ17P25xOB74jwJGFBeGFt42r3ScN0w;4:b+bSSsYFxOrjitGdSas7blvGe55DBxW397mfop+UHYS8CEc8R1MFuWvYb0Rj+c4mskq3wOBQutwll2JkaS/shUzCncF8rcAxrhmcKlmbLIPRZtbg7dcKtI9+ODzu7mXWK+yffhGQ75bZA0iLrOpVBNmhxRwdg5PERWk0bOrKR1s3GrL8kdizTtzZ+KM03y991IxNR9rjAe+cym+eYAaYnxpfQdgPtmbpS1JvDNeZDjBb+dQWEV16BPH2xdH0zBsw X-Exchange-Antispam-Report-Test: UriScan:; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(100000703101)(100105400095)(93006095)(93001095)(6041248)(20161123562025)(20161123560025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123555025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:BL2PR15MB0962;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:BL2PR15MB0962; X-Forefront-PRVS: 040655413E X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10019020)(7370300001)(4630300001)(6009001)(377454003)(199003)(189002)(24454002)(6116002)(81166006)(8676002)(54356999)(76176999)(50986999)(7350300001)(6666003)(189998001)(81156014)(101416001)(25786009)(42186005)(93886005)(50466002)(1706002)(97736004)(105586002)(230700001)(106356001)(86362001)(478600001)(2906002)(2950100002)(83506001)(36756003)(68736007)(5660300001)(47776003)(7736002)(65826007)(53936002)(33646002)(65956001)(305945005)(65806001)(23676002)(53546010)(6486002)(64126003)(31686004)(229853002)(6246003)(4001350100001)(31696002)(4326008)(42262002);DIR:OUT;SFP:1102;SCL:1;SRVR:BL2PR15MB0962;H:[IPv6:2620:10d:c082:1055:1980:fe71:b585:9fe0];FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCTDJQUjE1TUIwOTYyOzIzOnBlYWVqQ1ZVVit4SnFQZnNrT1FzZ3VjRFIr?= =?utf-8?B?Q0JJTGlvVDNIdzlEb3RadlludXc2aVZ6b1hCY2JBWGhMbTBNNEkzNk9wWmRL?= =?utf-8?B?djN6aFFnZm02Sm5UWkdjSmhEVUYrZ0QxaXlYK0pGaW44NUE0cXFMLzFPSzNN?= =?utf-8?B?MjdaektLU0FidDZNbVdDRnlYZkJvWlZkT1BCV1lPR25HaDBnNCtoNFdzZzRY?= =?utf-8?B?K3NHWVFiNXVGMUViVlpTT2p3WHNxMEVMT2tkU3BGRmJLeXBRWG9iMFhycFZQ?= =?utf-8?B?R1RvdkZPb2RjdUVJUytXRHc0VEoxSFNCN0RyVWlPYzg0bVFBKzBQUHcwd2Jw?= =?utf-8?B?cDVmTDVoc0NDZjZKdVBoQWFGZHR5WmNReWQ1R0VVT0pQb0xNbFZOV0MvSk85?= =?utf-8?B?NElOTWVPWXZaSS9XcXZ0dFhYeStLODRkRTN4eGFkTGNKSkV1WFI5UmNTZVVp?= =?utf-8?B?TDhHdVA0WFRTdHo3MGlOS3NoanpYTW4zb0NFMGtlZXNWVmkvZlhDSFUyb25l?= =?utf-8?B?YkcwZXZwOXJiaEdmRjM1amdTRHpKeXl0dzA5ZVBuenZSQ0JZd29oWmlYRmpq?= =?utf-8?B?dmxQVGNRQmU1NER1VEMvQSsxckpEL1c0R0lMTk9WM0VKZGNZRHhkQlRnL09s?= =?utf-8?B?d1IzUW5VNnh6N0I0VGcxb21OL3RaT2E1OVFCTlRHUGpaQ0tjVnVZeGRLSThK?= =?utf-8?B?Y3daZy9mdFFRUU5RUW5aenRYYnRudk9jOEdFODNlUWxsN2hMclo0NXloK3ZS?= =?utf-8?B?dVhQTHpCbUJCNnhuNWxnWVg0M1pVZXdJbm9HQktjWmxlcU5MYVhaS2dtbDl0?= =?utf-8?B?cGFSMVpSMFQzVjVpU29RK1pxdWpNYVhWOHZ5bys5NzBNMGtVc3dHNHpKZlk3?= =?utf-8?B?RUxZL3BBc3p2cWY5dXJDZ2MvSEx6N2tsR1VMYnozazBFQVcvMHA2YUFhVlZW?= =?utf-8?B?QmkrRFdVaWJEcEZ1NXlucVE0ZEEyN3JzUWVXd2RramhXZnd3c010QjYxbU1z?= =?utf-8?B?L3R4Q0dqNHdxSzc5QmJVMUFTWnZEYjQrVkFPeWFZVjM0VjFCZHNrUGVna0l1?= =?utf-8?B?WFFjbnJzTExuUmQyZURFWmNCS0x6d2hmUy9jdHdob25UYkJtKzA4MEc0YUI0?= =?utf-8?B?VVVLczRUVGs5MDd5cEtheTVWSzc1UHg1YWE4Skd3dUcrK1JiVy9hOHlZWlVC?= =?utf-8?B?dXB3OEZQVHVsYVg2RFlZOUFPSk5ydHNXN09SblA1M3BJdkoxVGxoS1NxcGZT?= =?utf-8?B?NnFNS3V2cWdLNndVWitkZjJGM1lsWHVpQ3dyV1BYUW1McWhqVXROQktsTGxI?= =?utf-8?B?RklMQXVtbzMySXVjTUR0RDczcXAyajhOYlh5UnlHclR1a2dneE92YUY3ME44?= =?utf-8?B?Zmt2MlFPM3ByQlBKaHVNQU9OVCt6STY3andEeVlsaGZ2R1pyYnhpbWxiNVJC?= =?utf-8?B?NGRMenFRZTBCWDFVYUJwVWppMzF0N2ZnWmxiajlpK2plbHFZUTdRZDA2OTB5?= =?utf-8?B?OXRXYkkwL3JzRnUrSVlOcUFyQ3ZIQ2FpN3BTUzJqVWNITGxVYmI2SDJUOUVz?= =?utf-8?B?cjU2dUZFeWp0RVZwMU5FN0p6Y0JkS2o4RHRGTFIvNGdKVWhRS1dQT2JBSTJ0?= =?utf-8?B?TXp6Zys0aDlqclc4VHNhb2E4cGJHM0d2VGdBRVMvS3J6MzdsVGE5cVRoZnEz?= =?utf-8?B?OFdxNTkyejRyajFRdjRKaHNGUXJBTlA1RmtXcXZucDJoRUs1QjhDQ2MwQ3ZX?= =?utf-8?Q?OVhsIOqZC6JKML2jjQjgHl9O8w5x3x0sW6bsI=3D?= X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0962;6:6gtd7tw58gE6BEDfUe0E++cVXPgWQ7/SiLTpISEc3MOfnS3EIuZ7w5o4pA3SUVxhGo1Q8QW4BsXVrfh10u/B67ZnJpgo1KxOkeJoMkLszOxQJogwrOvriGkKP6+98yhbH9C+MNUKzO9suUu017XXbgCfOduBPYRs5tArqKk7eemGEcCMFh4LFoj6Uq/gWzWq3oyS4QYpvCPBrxmo8E36nnRwOWeV4nubYTJrZhITxhSVjddUlEwUsArubsQBE9tzJ6N8wFt8RcK63hMHsmmZy5l3tUk5C75NzKr5rEavxBwjukgKJqZadDtqVnJZn+7HZXNP+4zNv26fD/NdNG56NQ==;5:MjJkF+sr2kNPFdGFEQ/jEGSQ28t/nfkdVSg0ZEc8Sa8iUO2IcjCwiLaEPHhrEvctVwhckaHzdF9OeREODvswOG4eVcje0TpXAbOk6pc/SaDg3CfyYGpGINs9J3hYvl45XgKCVQHls3oynu4JWkoQyg==;24:a+oGXcC8/yPQQoLFF/wAWaWqzS4Bzl4yras9GByxsKVUES/b3BX82H/MouYR9BbMG3QKANhz0D+wmJVYIb2cXr9uRVUwAtnml3wl8RgQ0JM=;7:ep/omra+MxUP0qpfUOeSn6WmE7lGzGD4mfGrKa3rTJpmtd0Q4scb+HA/R5if0wjClRPemapp18hbMvcuHOunJFsUKm15L02c/T9go4DVb5IH9owufBf2SnyeavNsbatDKW2Xk2/Y5eR+8gBtLzWqJIN59oulP5nQnTvX4Pr8JgxYOKWJj4LN3QC9kM7N48JeYEADzs2DW+U3DdAMXumjJwEbh+3t4BiPXgcr8CmdHWQ= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0962;20:vEBoii1wlEXd/NTBbmtu/ypX5RWqVPOcB0Dx5kAtqEGEx3Jxpi4fYL+1LXkZtXB9Mrv/8loyOp50L6NYypWAdqbq4F+OOLyju2MiPvZwWdYL45O7StIeFXg9y2Totvizhe8mlmnVD7DcP7OU4jjacOu2gg2D81mdZZhqF1PiSlo= X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Aug 2017 21:23:32.4728 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL2PR15MB0962 X-OriginatorOrg: fb.com X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-08-21_14:,, signatures=0 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2856 Lines: 62 On 8/21/17 2:00 PM, Daniel Borkmann wrote: > On 08/21/2017 10:44 PM, Edward Cree wrote: >> On 21/08/17 21:27, Daniel Borkmann wrote: >>> On 08/21/2017 08:36 PM, Edward Cree wrote: >>>> On 19/08/17 00:37, Alexei Starovoitov wrote: >>> [...] >>>> I'm tempted to just rip out env->varlen_map_value_access and always >>>> check >>>> the whole thing, because honestly I don't know what it was meant >>>> to do >>>> originally or how it can ever do any useful pruning. While >>>> drastic, it >>>> does cause your test case to pass. >>> >>> Original intention from 484611357c19 ("bpf: allow access into map >>> value arrays") was that it wouldn't potentially make pruning worse >>> if PTR_TO_MAP_VALUE_ADJ was not used, meaning that we wouldn't need >>> to take reg state's min_value and max_value into account for state >>> checking; this was basically due to min_value / max_value is being >>> adjusted/tracked on every alu/jmp ops for involved regs (e.g. >>> adjust_reg_min_max_vals() and others that mangle them) even if we >>> have the case that no actual dynamic map access is used throughout >>> the program. To give an example on net tree, the bpf_lxc.o prog's >>> section increases from 36,386 to 68,226 when >>> env->varlen_map_value_access >>> is always true, so it does have an effect. Did you do some checks >>> on this on net-next? >> I tested with the cilium progs and saw no change in insn count. I >> suspect that for the normal case I already killed this optimisation >> when I did my unification patch, it was previously about ignoring >> min/max values on all regs (including scalars), whereas on net-next >> it only ignores them on map_value pointers; in practice this is >> useless because we tend to still have the offset scalar sitting in >> a register somewhere. (Come to think of it, this may have been >> behind a large chunk of the #insn increase that my patches caused.) > > Yeah, this would seem plausible. > >> Since we use umax_value in find_good_pkt_pointers() now (to check >> against MAX_PACKET_OFF and ensure our reg->range is really ok), we >> can't just stop caring about all min/max values just because we >> haven't done any variable map accesses. >> I don't see a way around this. > > Agree, was thinking the same. If there's not really a regression in > terms of complexity, then lets kill the flag. +1 diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 2489e67b65f6..908d13b2a2aa 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -3582,7 +3582,7 @@ static int do_check(struct bpf_verifier_env *env) init_reg_state(regs); state->parent = NULL; insn_idx = 0; - env->varlen_map_value_access = false; + env->varlen_map_value_access = true; makes _zero_ difference on cilium*.o tests, so let's just kill that workaround.