lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20250514233931.56961-1-alex-shalimov@yandex-team.ru>
Date: Thu, 15 May 2025 02:39:31 +0300
From: Alexander Shalimov <alex-shalimov@...dex-team.ru>
To: willemdebruijn.kernel@...il.com
Cc: alex-shalimov@...dex-team.ru,
	andrew@...n.ch,
	davem@...emloft.net,
	edumazet@...gle.com,
	jacob.e.keller@...el.com,
	jasowang@...hat.com,
	kuba@...nel.org,
	linux-kernel@...r.kernel.org,
	netdev@...r.kernel.org,
	pabeni@...hat.com
Subject: Re: [PATCH] net/tun: expose queue utilization stats via ethtool

06.05.2025, 22:32, "Willem de Bruijn" <willemdebruijn.kernel@...il.com>:
> Perhaps bpftrace with a kfunc at a suitable function entry point to
> get access to these ring structures.

Thank you for your responses!

Initially, we implemented such monitoring using bpftrace but we were
not satisfied with the need to double-check the structure definitions
in tun.c for each new kernel version.

We attached kprobe to the "tun_net_xmit()" function. This function
gets a "struct net_device" as an argument, which is then explicitly
cast to a tun_struct - "struct tun_struct *tun = netdev_priv(dev)".
However, performing such a cast within bpftrace is difficult because
tun_struct is defined in tun.c - meaning the structure definition
cannot be included directly (not a header file). As a result, we were
forced to add fake "struct tun_struct" and "struct tun_file"
definitions, whose maintenance across kernel versions became
cumbersome (see below). The same problems exists even with kfunc and
btf - we are not able to cast properly netdev to tun_struct.

That’s why we decided to add this functionality directly to the kernel.

Here is an example of bpftrace:

#define NET_DEVICE_TUN_OFFSET 0x900

struct tun_net_device {
    unsigned char padding[NET_DEVICE_TUN_OFFSET]; #such calculation is pain
    struct tun_struct tun;
}

kprobe:tun_net_xmit {
    $skb = (struct sk_buff*) arg0;
    $netdev = $skb->dev;
    $tun_dev = (struct tun_net_device *)arg1;
    $tun = $tun_dev->tun;
   ....
}

Could you please recommend the right way to implement such bpftrace script?
Either better place in kernel for the patch.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ