Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id ADFD1C636D6 for ; Thu, 9 Feb 2023 21:13:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229958AbjBIVNF (ORCPT ); Thu, 9 Feb 2023 16:13:05 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55628 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229930AbjBIVNC (ORCPT ); Thu, 9 Feb 2023 16:13:02 -0500 Received: from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2B93A5A900 for ; Thu, 9 Feb 2023 13:12:57 -0800 (PST) Received: by mail-pf1-x42f.google.com with SMTP id o75so2185989pfg.12 for ; Thu, 09 Feb 2023 13:12:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=in-reply-to:content-disposition:mime-version:references:subject:cc :to:from:date:message-id:from:to:cc:subject:date:message-id:reply-to; bh=AqSTz/L2alBL8Zj/w06cTvAyC9XT2IgrPGAqFADFHi0=; b=KdS+mAi5gsRaVPGoK617ANR5OX6QG8JRM3peX4uIGjprw1lEV7xVqfHIsOrhTS3Sn7 0JXXR72Jw3pkEk0FkcSWenr1w/jcYTbv29RMz55f4gnS4ENmATbGo7QXBczxBPJNb9x0 mBTc5Epwdz2sAdll0YC93N+M6LZmJgURKGETU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:subject:cc :to:from:date:message-id:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=AqSTz/L2alBL8Zj/w06cTvAyC9XT2IgrPGAqFADFHi0=; b=KSB9sUA/GcDJt7Co/FpalHlR+LUxTxyIpfDT9eaFPQBPTFIHeE4A/O5eWQBtl6K6ZQ YxL93R7SW0+M/QGUXa05/F0ZC3k4omwjPe5Xyt7dbIaCvCTlOSRUDfwIFOhfL/sTK8IT 7Bge9enE7GkhpW/sgVbvQw/ytx96oxS1YEMoF/Rh6jnTV/H80a/EDKekz6VIrsRp7Hao T73E0KHgqZwRLh0IDsivkgbP4VIy8F6zd0C8Rei9RahRvV5Udh5J4m73TKnax1Mkmekr 1xPmyZINW2j5gVvbH+3GhtTuje3geJ89fBhZYOBeB8wNYm3r9b3h9Oxpe1y3g4i6/j5u 5OhQ== X-Gm-Message-State: AO0yUKXQ0oVzNU56lkVFYxGdvl7oxxZBuOrWN3qyJ/h79GzYMG/bZofE XA1bENTO8gZDVHWQM99NGNKg+A== X-Google-Smtp-Source: AK7set/jpeO1CmdqClAOg42qN1DNmiq4fZbFjASTnEdfDr6YLfdRrL2Nv+VwLEIAjZL9+aVp7XiVvg== X-Received: by 2002:aa7:96b0:0:b0:5a8:65dd:2be with SMTP id g16-20020aa796b0000000b005a865dd02bemr1797059pfk.1.1675977176664; Thu, 09 Feb 2023 13:12:56 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id z9-20020aa791c9000000b0059416691b64sm1961431pfa.19.2023.02.09.13.12.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 09 Feb 2023 13:12:56 -0800 (PST) Message-ID: <63e561d8.a70a0220.250aa.3eb9@mx.google.com> X-Google-Original-Message-ID: <202302091310.@keescook> Date: Thu, 9 Feb 2023 13:12:55 -0800 From: Kees Cook To: Alexei Starovoitov Cc: Andrii Nakryiko , Alexei Starovoitov , Stanislav Fomichev , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Hao Luo , Jiri Olsa , Mykola Lysenko , Shuah Khan , Haowen Bai , bpf , "open list:KERNEL SELFTEST FRAMEWORK" , "David S. Miller" , Jakub Kicinski , Jesper Dangaard Brouer , Nathan Chancellor , Nick Desaulniers , Tom Rix , LKML , Network Development , clang-built-linux , linux-hardening@vger.kernel.org Subject: Re: [PATCH] bpf: Deprecate "data" member of bpf_lpm_trie_key References: <20230209192337.never.690-kees@kernel.org> <63e5521a.170a0220.297d7.3a80@mx.google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 09, 2023 at 12:50:28PM -0800, Alexei Starovoitov wrote: > On Thu, Feb 9, 2023 at 12:05 PM Kees Cook wrote: > > > > On Thu, Feb 09, 2023 at 11:52:10AM -0800, Andrii Nakryiko wrote: > > > Do we need to add a new type to UAPI at all here? We can make this new > > > struct internal to kernel code (e.g. struct bpf_lpm_trie_key_kern) and > > > point out that it should match the layout of struct bpf_lpm_trie_key. > > > User-space can decide whether to use bpf_lpm_trie_key as-is, or if > > > just to ensure their custom struct has the same layout (I see some > > > internal users at Meta do just this, just make sure that they have > > > __u32 prefixlen as first member). > > > > The uses outside the kernel seemed numerous enough to justify a new UAPI > > struct (samples, selftests, etc). It also paves a single way forward > > when the userspace projects start using modern compiler options (e.g. > > systemd is usually pretty quick to adopt new features). > > I don't understand how the new uapi struct bpf_lpm_trie_key_u8 helps. > cilium progs and progs/map_ptr_kern.c > cannot do s/bpf_lpm_trie_key/bpf_lpm_trie_key_u8/. > They will fail to build, so they're stuck with bpf_lpm_trie_key. Right -- I'm proposing not changing bpf_lpm_trie_key. I'm proposing _adding_ bpf_lpm_trie_key_u8 for new users who will be using modern compiler options (i.e. where "data[0]" is nonsense). > Can we do just > struct bpf_lpm_trie_key_kern { > __u32 prefixlen; > __u8 data[]; > }; > and use it in the kernel? Yeah, I can do that if that's preferred, but it leaves userspace hanging when they eventually trip over this in their code when they enable -fstrict-flex-arrays=3 too. > What is the disadvantage? It seemed better to give a working example of how to migrate this code. Regardless, I can just make this specific to the kernel code if that's what's wanted. -- Kees Cook