lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 21 Mar 2019 10:57:32 +0100
From:   Alban Crequy <alban@...volk.io>
To:     Jakub Kicinski <jakub.kicinski@...ronome.com>
Cc:     Alban Crequy <alban.crequy@...il.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        netdev <netdev@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Iago López Galeiras <iago@...volk.io>
Subject: Re: [PATCH bpf-next v1 4/7] tools: bpftool: implement map exec command

On Wed, Mar 20, 2019 at 10:23 PM Jakub Kicinski
<jakub.kicinski@...ronome.com> wrote:
>
> On Wed, 20 Mar 2019 18:33:29 +0100, Alban Crequy wrote:
> > From: Alban Crequy <alban@...volk.io>
> >
> > The map exec commands allows to open an existing map and pass the file
> > descriptor to a child process. This enables applications to use an
> > existing BPF map even when they don't support bpffs.
> >
> > Example of usage:
> >     # bpftool map exec pinned /sys/fs/bpf/foo fd 99 cmd -- readlink /proc/self/fd/99
> >     anon_inode:bpf-map
>
> Would you mind telling us a little more about the use for this feature?
> It seems fairly limited.  If it's about probing objects (finding out if
> they are a map or a program) perhaps we can add a command just for that?

I needed to know the name of the map too. I was preparing a demo based
on python bcc tools (opensnoop) but with added feature that requires
using a pinned map, created and maintained externally. At the moment,
the python API for bcc does not support pinning or using external
maps. Ideally, this should be added in the python API (some discussion
on https://github.com/iovisor/bcc/issues/2223) but meanwhile, I use a
workaround by executing bpftool from the python code.

Arguably, my use case is a temporary hack until we have better support
in python bcc. But other tools implements similar commands to pass
file descriptors between processes: "ip netns exec" and "tc exec bpf".
So I think it could be useful for other scripting use cases.

In my demo, I used the two hacks:
- if the pinned map fd is not given to the python script, re-execute
itself with bpftool:
os.execvp("bpftool", ["bpftool", "map", "exec", "pinned", pin_path,
"fd", "90", "cmd", "--"] + sys.argv)
- once we have the fd 90 (number specified above) of the pinned map in
the python script, overwrite the empty fd created by bcc:
os.dup2(90, 6)
I call dup2() between the bpf map creation and the bpf program
creation. To check which map fd to overwrite, I just call
os.system("bpftool map show fd 6...").


Thanks a lot for the reviews. I'll need some time to address it (maybe
a week or 2).

> (I guess bpftool -f isn't really the cleanest way of getting at that
> info.)
>
> > Documentation and bash completion updated as well.
> >
> > Signed-off-by: Alban Crequy <alban@...volk.io>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ