Re: [PATCH] bpf: Replace bpf_lpm_trie_key 0-length array with flexible array

From: Kees Cook
Date: Thu Feb 09 2023 - 12:48:24 EST

Next message: Jacob Pan: "[PATCH v3] iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode"
Previous message: Michael Kelley (LINUX): "RE: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted"
In reply to: Alexei Starovoitov: "Re: [PATCH] bpf: Replace bpf_lpm_trie_key 0-length array with flexible array"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Feb 09, 2023 at 08:55:23AM -0800, Alexei Starovoitov wrote:
> On Thu, Feb 9, 2023 at 8:36 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> > This approach is, perhaps, the best way to go? Besides the selftest,
> > what things in userspace consumes struct bpf_lpm_trie_key?
>
> Plenty of bpf progs use it:
> https://github.com/cilium/cilium/blob/master/bpf/lib/common.h#L352

Thanks for the pointer! Yeah, it seems the "data" member is not
directly used, but is expected to be there for static initializers and
offsetof() use. For example:

cilium:
struct egress_gw_policy_key in_key = {
.lpm_key = { 32 + 24, {} },
.saddr = CLIENT_IP,
.daddr = EXTERNAL_SVC_IP & 0Xffffff,
};

systemd:
ipv6_map_fd = bpf_map_new(
BPF_MAP_TYPE_LPM_TRIE,
offsetof(struct bpf_lpm_trie_key, data) + sizeof(uint32_t)*4,
sizeof(uint64_t),
...

All the others searches in Debian I could find were just copies of UAPI
headers:
https://codesearch.debian.net/search?q=struct+bpf_lpm_trie_key&literal=1&perpkg=1

--
Kees Cook

Next message: Jacob Pan: "[PATCH v3] iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode"
Previous message: Michael Kelley (LINUX): "RE: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted"
In reply to: Alexei Starovoitov: "Re: [PATCH] bpf: Replace bpf_lpm_trie_key 0-length array with flexible array"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]