Re: [PATCH v2 net-next 1/2] bpf: allow extended BPF programs access skb fields

[Daniel Borkmann]

On 03/14/2015 04:55 PM, Alexei Starovoitov wrote:
...
> so from there I saw two options: either copy paste all
> build_bug_on and have the same *insn=... and build_bug_on in
> two places or consolidate them in single helper function.
> Obviously single helper function is a preferred method.
> I'm not sure what are you still arguing about.

I'm repeating myself here, but fair enough. To me the v1
code in sk_filter_convert_ctx_access() was more sound. So
taking out the ifindex issue, that's 4 BUILD_BUG_ON()s in
addition.

I actually think the current filter code is in a reasonable
shape. convert_bpf_extensions() is full of BPF to eBPF
conversions, so going over convert_bpf_extensions() some of
them would now use convert_skb_access(), some other ``skb
accesses''use macros directly in place, the reading-flow of
this code now is inconsistent to me and it would have been
more sound if that's just left as is in convert_bpf_extensions().

I'm all for consolidating code, don't get me wrong, but I
think this exception would be better for above sake. That's
all I'm trying to say. I understand you're of exact opposite
opinion, so I guess it's pointless for me to comment any
further on this.

Thanks,
Daniel
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/