Comments (3)
rlane
commented on July 22, 2024
How much performance cost do these options have? The complexity of the masking approach seems high.
from ubpf.
Alan-Jowett
commented on July 22, 2024
Yes, unfortunately there is a cost associated with the lfence. Ideally we would only put them on dependent reads, but tracking that is highly complex.
Goal for this and the constant blinding is to allow low-privilege users to install BPF programs in kernel with out compromising security.
from ubpf.
Alan-Jowett
commented on July 22, 2024
This was done via retpolines instead.
from ubpf.
Related Issues (20)
- MAX_EXT_FUNCS seems to be too small HOT 1
- Missing support for atomic instructions
- ubpf_load fails to validate immediate offset when computing jump targets
- Memory out-of-bound access in the ubpf_fetch_instruction when executing unterminated eBPF program HOT 1
- Incorrect boundary check leading to the out-of-bound memory access HOT 1
- Missing boundary check for load/store in JIT compiler HOT 1
- Incorrect exit implementation in JIT compiler HOT 1
- Incorrect CALL code generation (emit_local_call) in JIT compiler HOT 1
- uBPF interpreter has incorrect behavior for jump with immediate values > 0x7fffffff HOT 2
- uBPF emits wrong instructions for register to register multiplication/division/modulo operations if immediate != 0
- x64 JIT emit wrong jump target when target is at start of byte code
- 32bit ALU operations fail to truncate target register
- Recursive local call causes uBPF JIT to crash HOT 1
- Jump target for PC 0 is wrong
- Crash if call target is not start of a function HOT 1
- Crash on computing required stack size for inner most nested local-call
- Fix code scanning alert - Wrong type of arguments to formatting function
- Fix code scanning alert - Multiplication result converted to larger type
- LE16 fails to truncate register value HOT 2
- Potential dereference of `nullptr` in libfuzzer harness?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ubpf.