lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 16 Aug 2022 15:00:56 -0700
From:   Andrii Nakryiko <andrii.nakryiko@...il.com>
To:     Hao Luo <haoluo@...gle.com>
Cc:     linux-kernel@...r.kernel.org, bpf@...r.kernel.org,
        netdev@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>,
        Andrii Nakryiko <andrii@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <martin.lau@...ux.dev>,
        Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
        KP Singh <kpsingh@...nel.org>,
        John Fastabend <john.fastabend@...il.com>,
        Stanislav Fomichev <sdf@...gle.com>,
        Yosry Ahmed <yosryahmed@...gle.com>,
        Jiri Olsa <jolsa@...nel.org>
Subject: Re: [PATCH bpf-next] libbpf: allow disabling auto attach

On Tue, Aug 16, 2022 at 2:49 PM Hao Luo <haoluo@...gle.com> wrote:
>
> Add libbpf APIs for disabling auto-attach for individual functions.
> This is motivated by the use case of cgroup iter [1]. Some iter
> types require their parameters to be non-zero, therefore applying
> auto-attach on them will fail. With these two new APIs, Users who
> want to use auto-attach and these types of iters can disable
> auto-attach for them and perform manual attach.
>
> [1] https://lore.kernel.org/bpf/CAEf4BzZ+a2uDo_t6kGBziqdz--m2gh2_EUwkGLDtMd65uwxUjA@mail.gmail.com/
>
> Signed-off-by: Hao Luo <haoluo@...gle.com>
> ---
>  tools/lib/bpf/libbpf.c | 16 ++++++++++++++++
>  tools/lib/bpf/libbpf.h |  2 ++
>  2 files changed, 18 insertions(+)
>
> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> index aa05a99b913d..25f654d25b46 100644
> --- a/tools/lib/bpf/libbpf.c
> +++ b/tools/lib/bpf/libbpf.c
> @@ -417,6 +417,7 @@ struct bpf_program {
>
>         int fd;
>         bool autoload;
> +       bool autoattach;
>         bool mark_btf_static;
>         enum bpf_prog_type type;
>         enum bpf_attach_type expected_attach_type;
> @@ -755,6 +756,8 @@ bpf_object__init_prog(struct bpf_object *obj, struct bpf_program *prog,
>                 prog->autoload = true;
>         }
>
> +       prog->autoattach = true;
> +
>         /* inherit object's log_level */
>         prog->log_level = obj->log_level;
>
> @@ -8314,6 +8317,16 @@ int bpf_program__set_autoload(struct bpf_program *prog, bool autoload)
>         return 0;
>  }
>
> +bool bpf_program__autoattach(const struct bpf_program *prog)
> +{
> +       return prog->autoattach;
> +}
> +
> +void bpf_program__set_autoattach(struct bpf_program *prog, bool autoattach)
> +{
> +       prog->autoattach = autoattach;
> +}
> +
>  const struct bpf_insn *bpf_program__insns(const struct bpf_program *prog)
>  {
>         return prog->insns;
> @@ -12349,6 +12362,9 @@ int bpf_object__attach_skeleton(struct bpf_object_skeleton *s)
>                 if (!prog->autoload)
>                         continue;
>
> +               if (!prog->autoattach)
> +                       continue;
> +

nit: I'd combine as if (!prog->autoload || !prog->autoattach), they
are very coupled in this sense

>                 /* auto-attaching not supported for this program */
>                 if (!prog->sec_def || !prog->sec_def->prog_attach_fn)
>                         continue;
> diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h
> index 61493c4cddac..88a1ac34b12a 100644
> --- a/tools/lib/bpf/libbpf.h
> +++ b/tools/lib/bpf/libbpf.h
> @@ -260,6 +260,8 @@ LIBBPF_API const char *bpf_program__name(const struct bpf_program *prog);
>  LIBBPF_API const char *bpf_program__section_name(const struct bpf_program *prog);
>  LIBBPF_API bool bpf_program__autoload(const struct bpf_program *prog);
>  LIBBPF_API int bpf_program__set_autoload(struct bpf_program *prog, bool autoload);
> +LIBBPF_API bool bpf_program__autoattach(const struct bpf_program *prog);
> +LIBBPF_API void bpf_program__set_autoattach(struct bpf_program *prog, bool autoattach);

please add these APIs to libbpf.map as well

it would be also nice to have a simple test validating that skeleton's
auto-attach doesn't attach program (no link will be created) if
bpf_program__set_autoattach(false) is called before. Can you please
add that as well?

>
>  struct bpf_insn;
>
> --
> 2.37.1.595.g718a3a8f04-goog
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ