| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Nov 2018 22:52:23 +0100
From: Daniel Borkmann <daniel@...earbox.net>
To: "Nikita V. Shirokov" <tehnerd@...nerd.com>,
Alexei Starovoitov <ast@...nel.org>
Cc: netdev@...r.kernel.org, Wang Nan <wangnan0@...wei.com>
Subject: Re: [RFC PATCH bpf-next] libbpf: make bpf_object__open default to
UNSPEC
[ +Wang ]
On 11/22/2018 07:03 AM, Nikita V. Shirokov wrote:
> currently by default libbpf's bpf_object__open requires
> bpf's program to specify version in a code because of two things:
> 1) default prog type is set to KPROBE
> 2) KPROBE requires (in kernel/bpf/syscall.c) version to be specified
>
> in this RFC i'm proposing change default to UNSPEC and also changing
> logic of libbpf that it would reflect what we have today in kernel
> (aka only KPROBE type requires for version to be explicitly set).
>
> reason for change:
> currently only libbpf requires by default version to be
> explicitly set. it would be really hard for mainteiners of other custom
> bpf loaders to migrate to libbpf (as they dont control user's code
> and migration to the new loader (libbpf) wont be transparent for end
> user).
>
> what is going to be broken after this change:
> if someone were relying on default to be KPROBE for bpf_object__open
> his code will stop to work. however i'm really doubtfull that anyone
> is using this for kprobe type of programs (instead of, say, bcc or
> other tracing frameworks)
>
> other possible solutions (for discussion, would require more machinery):
> add another function like bpf_object__open w/ default to unspec
>
> Signed-off-by: Nikita V. Shirokov <tehnerd@...nerd.com>
> ---
> tools/lib/bpf/libbpf.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> index 0f14f7c074c2..ed4212a4c5f9 100644
> --- a/tools/lib/bpf/libbpf.c
> +++ b/tools/lib/bpf/libbpf.c
> @@ -333,7 +333,7 @@ bpf_program__init(void *data, size_t size, char *section_name, int idx,
> prog->idx = idx;
> prog->instances.fds = NULL;
> prog->instances.nr = -1;
> - prog->type = BPF_PROG_TYPE_KPROBE;
> + prog->type = BPF_PROG_TYPE_UNSPEC;
> prog->btf_fd = -1;
Seems this was mostly for historic reasons, but for a generic library this
would indeed be an odd convention for default. Wang, given 5f44e4c810bf
("tools lib bpf: New API to adjust type of a BPF program"), are you in any
way relying on this default or using things like bpf_program__set_kprobe()
instead which you've added there? If latter, I'd say we should then change
it better now than later when there's even more lib usage (and in particular
before we add official ABI versioning).
> return 0;
> @@ -1649,12 +1649,12 @@ static bool bpf_prog_type__needs_kver(enum bpf_prog_type type)
> case BPF_PROG_TYPE_LIRC_MODE2:
> case BPF_PROG_TYPE_SK_REUSEPORT:
> case BPF_PROG_TYPE_FLOW_DISSECTOR:
> - return false;
> case BPF_PROG_TYPE_UNSPEC:
> - case BPF_PROG_TYPE_KPROBE:
> case BPF_PROG_TYPE_TRACEPOINT:
> - case BPF_PROG_TYPE_PERF_EVENT:
> case BPF_PROG_TYPE_RAW_TRACEPOINT:
> + case BPF_PROG_TYPE_PERF_EVENT:
> + return false;
> + case BPF_PROG_TYPE_KPROBE:
> default:
> return true;
> }
>
Thanks,
Daniel
Powered by blists - more mailing lists