| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Mar 2022 19:50:30 +0200
From: Roberto Sassu <roberto.sassu@...wei.com>
To: <corbet@....net>, <viro@...iv.linux.org.uk>, <ast@...nel.org>,
<daniel@...earbox.net>, <andrii@...nel.org>, <kpsingh@...nel.org>,
<shuah@...nel.org>, <mcoquelin.stm32@...il.com>,
<alexandre.torgue@...s.st.com>, <zohar@...ux.ibm.com>
CC: <linux-doc@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>,
<netdev@...r.kernel.org>, <bpf@...r.kernel.org>,
<linux-kselftest@...r.kernel.org>,
<linux-stm32@...md-mailman.stormreply.com>,
<linux-arm-kernel@...ts.infradead.org>,
<linux-integrity@...r.kernel.org>,
<linux-security-module@...r.kernel.org>,
<linux-kernel@...r.kernel.org>,
Roberto Sassu <roberto.sassu@...wei.com>
Subject: [PATCH 15/18] bpf-preload: Generate code of kernel module to preload
Since every function is automatically generated and placed to the light
skeleton, the kernel module for preloading an eBPF program is very small
and with a well-defined structure. The only variable part is the path of
the light skeleton.
Introduce the new 'subcommand' module of the 'gen' bpftool command, which
takes the path of the light skeleton to be included in the #include
directive and generates the code of the kernel module to preload the eBPF
program.
Signed-off-by: Roberto Sassu <roberto.sassu@...wei.com>
---
kernel/bpf/preload/bpf_preload_kern.c | 1 +
kernel/bpf/preload/iterators/Makefile | 7 +++--
.../bpf/bpftool/Documentation/bpftool-gen.rst | 8 +++++
tools/bpf/bpftool/bash-completion/bpftool | 4 +++
tools/bpf/bpftool/gen.c | 31 +++++++++++++++++++
5 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/kernel/bpf/preload/bpf_preload_kern.c b/kernel/bpf/preload/bpf_preload_kern.c
index c6d97872225b..048bca3ba499 100644
--- a/kernel/bpf/preload/bpf_preload_kern.c
+++ b/kernel/bpf/preload/bpf_preload_kern.c
@@ -1,4 +1,5 @@
// SPDX-License-Identifier: GPL-2.0
+/* THIS FILE IS AUTOGENERATED! */
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
#include <linux/init.h>
#include <linux/module.h>
diff --git a/kernel/bpf/preload/iterators/Makefile b/kernel/bpf/preload/iterators/Makefile
index d36a822d3e16..9dcad1c5c44b 100644
--- a/kernel/bpf/preload/iterators/Makefile
+++ b/kernel/bpf/preload/iterators/Makefile
@@ -35,17 +35,20 @@ endif
.PHONY: all clean
-all: iterators.lskel.h
+all: iterators.lskel.h bpf_preload_kern.c
clean:
$(call msg,CLEAN)
$(Q)rm -rf $(OUTPUT) iterators
+bpf_preload_kern.c: iterators.lskel.h $(BPFTOOL)
+ $(call msg,GEN-PRELOAD,$@)
+ $(Q)$(BPFTOOL) gen module iterators/iterators.lskel.h $< > ../$@
+
iterators.lskel.h: $(OUTPUT)/iterators.bpf.o | $(BPFTOOL)
$(call msg,GEN-SKEL,$@)
$(Q)$(BPFTOOL) gen skeleton -L -P $< > $@
-
$(OUTPUT)/iterators.bpf.o: iterators.bpf.c $(BPFOBJ) | $(OUTPUT)
$(call msg,BPF,$@)
$(Q)$(CLANG) -g -O2 -target bpf $(INCLUDES) \
diff --git a/tools/bpf/bpftool/Documentation/bpftool-gen.rst b/tools/bpf/bpftool/Documentation/bpftool-gen.rst
index 74bbefa28212..6d29d2b1e4e2 100644
--- a/tools/bpf/bpftool/Documentation/bpftool-gen.rst
+++ b/tools/bpf/bpftool/Documentation/bpftool-gen.rst
@@ -27,6 +27,7 @@ GEN COMMANDS
| **bpftool** **gen skeleton** *FILE* [**name** *OBJECT_NAME*]
| **bpftool** **gen subskeleton** *FILE* [**name** *OBJECT_NAME*]
| **bpftool** **gen min_core_btf** *INPUT* *OUTPUT* *OBJECT* [*OBJECT*...]
+| **bpftool** **gen module** *FILE*
| **bpftool** **gen help**
DESCRIPTION
@@ -195,6 +196,13 @@ DESCRIPTION
Check examples bellow for more information how to use it.
+ **bpftool** **gen module** *FILE*
+ Generate the code of a kernel module including the light
+ skeleton of an eBPF program to preload. The only variable part
+ is the path of the light skeleton. All kernel modules call
+ load_skel() and free_objs_and_skel() respectively in the init
+ and fini module entrypoints.
+
**bpftool gen help**
Print short help message.
diff --git a/tools/bpf/bpftool/bash-completion/bpftool b/tools/bpf/bpftool/bash-completion/bpftool
index 6e433e86fb26..82e8716fd3ad 100644
--- a/tools/bpf/bpftool/bash-completion/bpftool
+++ b/tools/bpf/bpftool/bash-completion/bpftool
@@ -1019,6 +1019,10 @@ _bpftool()
_filedir
return 0
;;
+ module)
+ _filedir
+ return 0
+ ;;
*)
[[ $prev == $object ]] && \
COMPREPLY=( $( compgen -W 'object skeleton subskeleton help min_core_btf' -- "$cur" ) )
diff --git a/tools/bpf/bpftool/gen.c b/tools/bpf/bpftool/gen.c
index af939183f57a..77ab78884285 100644
--- a/tools/bpf/bpftool/gen.c
+++ b/tools/bpf/bpftool/gen.c
@@ -1898,6 +1898,35 @@ static int do_object(int argc, char **argv)
return err;
}
+static int do_module(int argc, char **argv)
+{
+ const char *skeleton_file;
+
+ if (!REQ_ARGS(1)) {
+ usage();
+ return -1;
+ }
+
+ skeleton_file = GET_ARG();
+
+ codegen("\
+ \n\
+ // SPDX-License-Identifier: GPL-2.0 \n\
+ /* THIS FILE IS AUTOGENERATED! */ \n\
+ #define pr_fmt(fmt) KBUILD_MODNAME \": \" fmt \n\
+ #include <linux/init.h> \n\
+ #include <linux/module.h> \n\
+ #include <linux/bpf_preload.h> \n\
+ #include \"%s\" \n\
+ \n\
+ late_initcall(load_skel); \n\
+ module_exit(free_objs_and_skel); \n\
+ MODULE_LICENSE(\"GPL\"); \n\
+ ", skeleton_file);
+
+ return 0;
+}
+
static int do_help(int argc, char **argv)
{
if (json_output) {
@@ -1910,6 +1939,7 @@ static int do_help(int argc, char **argv)
" %1$s %2$s skeleton FILE [name OBJECT_NAME]\n"
" %1$s %2$s subskeleton FILE [name OBJECT_NAME]\n"
" %1$s %2$s min_core_btf INPUT OUTPUT OBJECT [OBJECT...]\n"
+ " %1$s %2$s module SKELETON_FILE\n"
" %1$s %2$s help\n"
"\n"
" " HELP_SPEC_OPTIONS " |\n"
@@ -2508,6 +2538,7 @@ static const struct cmd cmds[] = {
{ "skeleton", do_skeleton },
{ "subskeleton", do_subskeleton },
{ "min_core_btf", do_min_core_btf},
+ { "module", do_module},
{ "help", do_help },
{ 0 }
};
--
2.32.0
Powered by blists - more mailing lists