lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 11 Jan 2018 16:47:47 -0800
From:   Jakub Kicinski <jakub.kicinski@...ronome.com>
To:     daniel@...earbox.net, alexei.starovoitov@...il.com, kafai@...com
Cc:     oss-drivers@...ronome.com, netdev@...r.kernel.org,
        francois.theron@...ronome.com,
        Jakub Kicinski <jakub.kicinski@...ronome.com>,
        Jiong Wang <jiong.wang@...ronome.com>
Subject: [RFC bpf-next] bpf: add new jited info fields in bpf_dev_offload and bpf_prog_info

Hi!

Jiong is working on dumping JITed NFP image via bpftool, Francois will be
submitting support for NFP in binutils soon (whoop! :)).

We would appreciate if you could weigh in on the uAPI.  Is it OK to reuse
the existing jited_prog_len/jited_prog_insns or should we add separate
2 new fields (plus the arch name) to avoid confusing old user space?

From: Jiong Wang <jiong.wang@...ronome.com>

For host JIT, there are "jited_len"/"bpf_func" fields in struct bpf_prog
used by all host JIT targets to get jited image and it's length. While for
offload, targets are likely to have different offload mechanisms that these
info are kept in device private data fields.

Therefore, BPF_OBJ_GET_INFO_BY_FD syscall needs an unified way to get JIT
length and contents info for offload targets.

One way is to introduce new callback to parse device private data then fill
those fields in bpf_prog_info. This might be a little heavy, the other way
is to add generic fields which will be initialized by all offload targets.

This patch follows the second approach to introduce two new fields in
struct bpf_dev_offload and teach bpf_prog_get_info_by_fd about them to fill
correct jited_prog_len and jited_prog_insns in bpf_prog_info.

Also, currently userspace tools can't get offload architecture info from
bpf_prog_info. This info is necessary for choosing correct disassembler.

This patch add name info in both bpf_dev_offload and bpf_prog_info so it
could be used by tools to select correct architecture.

The code logic in bpf_prog_offload_info_fill is adjusted slightly. Code
that only applies to offload are centered in bpf_prog_offload_info_fill as
much as possible.

Signed-off-by: Jiong Wang <jiong.wang@...ronome.com>
---
 include/linux/bpf.h            |  3 +++
 include/uapi/linux/bpf.h       |  2 ++
 kernel/bpf/offload.c           | 26 ++++++++++++++++++++++++++
 tools/include/uapi/linux/bpf.h |  2 ++
 4 files changed, 33 insertions(+)

diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 9e03046d1df2..d0cb9735bbba 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -197,6 +197,9 @@ struct bpf_dev_offload {
 	struct list_head	offloads;
 	bool			dev_state;
 	const struct bpf_prog_offload_ops *dev_ops;
+	void			*jited_image;
+	u32			jited_len;
+	char			jited_arch_name[BPF_OFFLOAD_ARCH_NAME_LEN];
 };
 
 struct bpf_prog_aux {
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index 405317f9c064..124560b982df 100644
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -226,6 +226,7 @@ enum bpf_attach_type {
 #define BPF_F_QUERY_EFFECTIVE	(1U << 0)
 
 #define BPF_OBJ_NAME_LEN 16U
+#define BPF_OFFLOAD_ARCH_NAME_LEN 16U
 
 /* Flags for accessing BPF object */
 #define BPF_F_RDONLY		(1U << 3)
@@ -927,6 +928,7 @@ struct bpf_prog_info {
 	__u32 ifindex;
 	__u64 netns_dev;
 	__u64 netns_ino;
+	char offload_arch_name[BPF_OFFLOAD_ARCH_NAME_LEN];
 } __attribute__((aligned(8)));
 
 struct bpf_map_info {
diff --git a/kernel/bpf/offload.c b/kernel/bpf/offload.c
index 040d4e0edf3f..88b4396d19aa 100644
--- a/kernel/bpf/offload.c
+++ b/kernel/bpf/offload.c
@@ -216,9 +216,12 @@ int bpf_prog_offload_info_fill(struct bpf_prog_info *info,
 		.prog	= prog,
 		.info	= info,
 	};
+	struct bpf_prog_aux *aux = prog->aux;
 	struct inode *ns_inode;
 	struct path ns_path;
+	char __user *uinsns;
 	void *res;
+	u32 ulen;
 
 	res = ns_get_path_cb(&ns_path, bpf_prog_offload_info_fill_ns, &args);
 	if (IS_ERR(res)) {
@@ -227,6 +230,29 @@ int bpf_prog_offload_info_fill(struct bpf_prog_info *info,
 		return PTR_ERR(res);
 	}
 
+
+	down_read(&bpf_devs_lock);
+	if (!aux->offload) {
+		up_read(&bpf_devs_lock);
+		return -ENODEV;
+	}
+
+	ulen = info->jited_prog_len;
+	info->jited_prog_len = aux->offload->jited_len;
+	if (info->jited_prog_len & ulen) {
+		uinsns = u64_to_user_ptr(info->jited_prog_insns);
+		ulen = min_t(u32, info->jited_prog_len, ulen);
+		if (copy_to_user(uinsns, aux->offload->jited_image, ulen)) {
+			up_read(&bpf_devs_lock);
+			return -EFAULT;
+		}
+	}
+
+	memcpy(info->offload_arch_name, aux->offload->jited_arch_name,
+	       sizeof(info->offload_arch_name));
+
+	up_read(&bpf_devs_lock);
+
 	ns_inode = ns_path.dentry->d_inode;
 	info->netns_dev = new_encode_dev(ns_inode->i_sb->s_dev);
 	info->netns_ino = ns_inode->i_ino;
diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h
index 4e8c60acfa32..647aee66f4da 100644
--- a/tools/include/uapi/linux/bpf.h
+++ b/tools/include/uapi/linux/bpf.h
@@ -226,6 +226,7 @@ enum bpf_attach_type {
 #define BPF_F_QUERY_EFFECTIVE	(1U << 0)
 
 #define BPF_OBJ_NAME_LEN 16U
+#define BPF_OFFLOAD_ARCH_NAME_LEN 16U
 
 /* Flags for accessing BPF object */
 #define BPF_F_RDONLY		(1U << 3)
@@ -924,6 +925,7 @@ struct bpf_prog_info {
 	__u32 ifindex;
 	__u64 netns_dev;
 	__u64 netns_ino;
+	char offload_arch_name[BPF_OFFLOAD_ARCH_NAME_LEN];
 } __attribute__((aligned(8)));
 
 struct bpf_map_info {
-- 
2.15.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ