Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CA9FFC6379F for ; Thu, 9 Feb 2023 22:01:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229716AbjBIWBn (ORCPT ); Thu, 9 Feb 2023 17:01:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48310 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230039AbjBIWBg (ORCPT ); Thu, 9 Feb 2023 17:01:36 -0500 Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4E43C66EF6; Thu, 9 Feb 2023 14:01:28 -0800 (PST) Received: by mail-ej1-x631.google.com with SMTP id hx15so10686181ejc.11; Thu, 09 Feb 2023 14:01:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=12EmLmXNPxVlBwqhOstyYyPyvkcnUa7HgYnHDTPPtNE=; b=VlJ35ScMfjK5cUQAGBmGVcnTAuHtfwb/ke2H1l8NFfViNicrUGiQh7hbu/EqVgOJ/5 VLgvb9npmAszqdK3H8E4DdfhEQNHVxHGbCdUO+63RdFECF3TBh7o/6pOOvhxj8EjoQkC 6zZwCQgwSB9LMqPOgywPSKeefXjNV2A6bwgojpyZ/3k9gBRL870oaTNprn/WE0dwkxKv 539yOjP8uezXZe8sTutqBHz2ASYxJzRVQ70Ma53irQRAjyW9oS3U3u8orouGlgHFORSi iZhfr5++lvrlYhacDuhkF/oVvFyZbilzrTFJGx/SeSvRJUvdh9sdEbv0msMn5/gUsOtP IPyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=12EmLmXNPxVlBwqhOstyYyPyvkcnUa7HgYnHDTPPtNE=; b=OkoCU7+ycY3jo/Cb2AuCOb+xvNjuS9Z6YK8CstegsLn59JXrDfHoFsd4zC6Trq8lrN w0p1B1gDgILAZJVmdaiQ06Kvul+KYPeN08ZCka/q+6DfHPG1LVBy4o8TWhhS58CcWtaj coR+K6v18RPhXe8XZmj9AKhj6Gl/eoEm/EJfgQOmizQ0TLJ3wrcMGmck7TEgDRoZwTf7 DlC7QT7N9xUn9UhYe75CMGdUVnrmcBuNvCV24zkafXphxc/ebSNPbtuYqxb3vxMrpQ+t ZAtszslnMWvTDbQ23tnS8iedQwp06SnBC9HnmSLV5VpVrWg/WaJQmKLZDU35wiUkRT+S A8Qg== X-Gm-Message-State: AO0yUKXWKxSsaQy6UB/BIaxXkQiJZ+aQghiJSlVF3k562Awp6FldFDUX Admu8fo3R+81LhpkYzfcp2R+gb4J8tsf26MKff8= X-Google-Smtp-Source: AK7set+ng9pmkzKqIxaS7qA6X4EwNgcgxsLiahOVc2y/+PRfgUFnkEXjaeRFkczOkKCB8xLLHVP05GF+ZrJsP4YTQ1o= X-Received: by 2002:a17:906:eb8f:b0:878:786e:8c39 with SMTP id mh15-20020a170906eb8f00b00878786e8c39mr2945087ejb.105.1675980086713; Thu, 09 Feb 2023 14:01:26 -0800 (PST) MIME-Version: 1.0 References: <20230209192337.never.690-kees@kernel.org> <63e5521a.170a0220.297d7.3a80@mx.google.com> <63e561d8.a70a0220.250aa.3eb9@mx.google.com> In-Reply-To: <63e561d8.a70a0220.250aa.3eb9@mx.google.com> From: Alexei Starovoitov Date: Thu, 9 Feb 2023 14:01:15 -0800 Message-ID: Subject: Re: [PATCH] bpf: Deprecate "data" member of bpf_lpm_trie_key To: Kees Cook Cc: Andrii Nakryiko , Alexei Starovoitov , Stanislav Fomichev , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Hao Luo , Jiri Olsa , Mykola Lysenko , Shuah Khan , Haowen Bai , bpf , "open list:KERNEL SELFTEST FRAMEWORK" , "David S. Miller" , Jakub Kicinski , Jesper Dangaard Brouer , Nathan Chancellor , Nick Desaulniers , Tom Rix , LKML , Network Development , clang-built-linux , linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 9, 2023 at 1:12 PM Kees Cook wrote: > > On Thu, Feb 09, 2023 at 12:50:28PM -0800, Alexei Starovoitov wrote: > > On Thu, Feb 9, 2023 at 12:05 PM Kees Cook wrote: > > > > > > On Thu, Feb 09, 2023 at 11:52:10AM -0800, Andrii Nakryiko wrote: > > > > Do we need to add a new type to UAPI at all here? We can make this new > > > > struct internal to kernel code (e.g. struct bpf_lpm_trie_key_kern) and > > > > point out that it should match the layout of struct bpf_lpm_trie_key. > > > > User-space can decide whether to use bpf_lpm_trie_key as-is, or if > > > > just to ensure their custom struct has the same layout (I see some > > > > internal users at Meta do just this, just make sure that they have > > > > __u32 prefixlen as first member). > > > > > > The uses outside the kernel seemed numerous enough to justify a new UAPI > > > struct (samples, selftests, etc). It also paves a single way forward > > > when the userspace projects start using modern compiler options (e.g. > > > systemd is usually pretty quick to adopt new features). > > > > I don't understand how the new uapi struct bpf_lpm_trie_key_u8 helps. > > cilium progs and progs/map_ptr_kern.c > > cannot do s/bpf_lpm_trie_key/bpf_lpm_trie_key_u8/. > > They will fail to build, so they're stuck with bpf_lpm_trie_key. > > Right -- I'm proposing not changing bpf_lpm_trie_key. I'm proposing > _adding_ bpf_lpm_trie_key_u8 for new users who will be using modern > compiler options (i.e. where "data[0]" is nonsense). > > > Can we do just > > struct bpf_lpm_trie_key_kern { > > __u32 prefixlen; > > __u8 data[]; > > }; > > and use it in the kernel? > > Yeah, I can do that if that's preferred, but it leaves userspace hanging > when they eventually trip over this in their code when they enable > -fstrict-flex-arrays=3 too. > > > What is the disadvantage? > > It seemed better to give a working example of how to migrate this code. I understand and agree with intent, but I'm still missing how you're going to achieve this migration. bpf_lpm_trie_key_u8 doesn't provide a migration path to cilium progs and pretty much all bpf progs that use LPM map. Sure, one can change the user space part, like you did in test_lpm_map.c, but it doesn't address the full scope. imo half way is worse than not doing it.