bpf: write back the verifier log buffer as it gets filled - BMC/Intel-BMC/linux.git - Intel OpenBMC Linux kernel source tree (mirror)

diff options

author	Jakub Kicinski <jakub.kicinski@netronome.com>	2017-10-09 20:30:15 +0300
committer	David S. Miller <davem@davemloft.net>	2017-10-10 22:30:16 +0300
commit	a2a7d5701052542cd2260e7659b12443e0a74733 (patch)
tree	f879063be29de0e6d7435759db62f0157c7773ff /virt
parent	d66f2b91f95b56e31772b9faa0d036cd2e53cb02 (diff)
download	linux-a2a7d5701052542cd2260e7659b12443e0a74733.tar.xz

bpf: write back the verifier log buffer as it gets filled

Verifier log buffer can be quite large (up to 16MB currently). As Eric Dumazet points out if we allow multiple verification requests to proceed simultaneously, malicious user may use the verifier as a way of allocating large amounts of unswappable memory to OOM the host. Switch to a strategy of allocating a smaller buffer (1024B) and writing it out into the user buffer after every print. While at it remove the old BUG_ON(). This is in preparation of the global verifier lock removal. Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by: Simon Horman <simon.horman@netronome.com> Acked-by: Alexei Starovoitov <ast@kernel.org> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'virt')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: