| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201215155715.GA2541@veeam.com>
Date: Tue, 15 Dec 2020 18:57:15 +0300
From: Sergei Shtepa <sergei.shtepa@...am.com>
To: Bob Liu <bob.liu@...cle.com>
CC: Hannes Reinecke <hare@...e.de>, Jens Axboe <axboe@...nel.dk>,
Mike Snitzer <snitzer@...hat.com>, "hch@....de" <hch@....de>,
"johannes.thumshirn@....com" <johannes.thumshirn@....com>,
"koct9i@...il.com" <koct9i@...il.com>,
"ming.lei@...hat.com" <ming.lei@...hat.com>,
"josef@...icpanda.com" <josef@...icpanda.com>,
"steve@....org" <steve@....org>,
"linux-block@...r.kernel.org" <linux-block@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Pavel Tide <Pavel.TIde@...am.com>,
"dm-devel@...hat.com" <dm-devel@...hat.com>
Subject: Re: [PATCH 0/3] block: blk_interposer - Block Layer Interposer
The 12/15/2020 09:51, Bob Liu wrote:
> Hi Folks,
>
> On 12/12/20 12:56 AM, Hannes Reinecke wrote:
> > On 12/11/20 5:33 PM, Jens Axboe wrote:
> >> On 12/11/20 9:30 AM, Mike Snitzer wrote:
> >>> While I still think there needs to be a proper _upstream_ consumer of
> >>> blk_interposer as a condition of it going in.. I'll let others make the
> >>> call.
> >>
> >> That's an unequivocal rule.
> >>
> >>> As such, I'll defer to Jens, Christoph and others on whether your
> >>> minimalist blk_interposer hook is acceptable in the near-term.
> >>
> >> I don't think so, we don't do short term bandaids just to plan on
> >> ripping that out when the real functionality is there. IMHO, the dm
> >> approach is the way to go - it provides exactly the functionality that
> >> is needed in an appropriate way, instead of hacking some "interposer"
> >> into the core block layer.
> >>
> > Which is my plan, too.
> >
> > I'll be working with the Veeam folks to present a joint patchset (including the DM bits) for the next round.
> >
>
> Besides the dm approach, do you think Veeam's original requirement is a good
> use case of "block/bpf: add eBPF based block layer IO filtering"?
> https://lwn.net/ml/bpf/20200812163305.545447-1-leah.rumancik@gmail.com/
>
> Thanks,
> Bob
Hi Bob.
Thank you for your message.
I looked at your patch - it's interesting, but I have a few comments.
1.
#ifdef CONFIG_BPF_IO_FILTER
struct bpf_prog_array __rcu *progs;
struct mutex io_filter_lock;
#endif
For DM and blk-snap to work, it is necessary that there is always
the possibility of interception.
2.
We could get rid of the io_filter_lock lock if we do attach/detach while
the queue is stopped. And __rcu for *progs, can not use either.
3.
int io_filter_bpf_run(struct bio *bio)
{
struct bpf_io_request io_req = {
.sector_start = bio->bi_iter.bi_sector,
.sector_cnt = bio_sectors(bio),
.opf = bio->bi_opf,
};
return BPF_PROG_RUN_ARRAY_CHECK(bio->bi_disk->progs, &io_req, BPF_PROG_RUN);
}
Allows to get little information. It will not allow to work with the bios`s data.
blk_interposer allows to get full access to bio.
For use in the DM, we must also be able to add new bio's.
Summary:
For device-mapper purposes, bpf_io_filter is not suitable.
bpf_io_filter in this form is probably convenient to use for monitoring and
studying the block layer.
For the security task, I would suggest making a separate module and using
blk_interposer to intercept bio requests. This will give more flexible
functionality and better performance.
--
Sergei Shtepa
Veeam Software developer.
Powered by blists - more mailing lists