lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 12 Dec 2018 03:22:38 +0100
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Song Liu <songliubraving@...com>, netdev@...r.kernel.org
Cc:     ast@...nel.org, kernel-team@...com, kafai@...com
Subject: Re: [PATCH v2 bpf-next 1/2] bpf: include sub program tags in
 bpf_prog_info

On 12/11/2018 09:18 AM, Song Liu wrote:
> Changes from v1:
> 1. Fix error path as Martin suggested.
> 
> This patch adds nr_prog_tags and prog_tags to bpf_prog_info. This is a
> reliable way for user space to get tags of all sub programs. Before this
> patch, user space need to find sub program tags via kallsyms.
> 
> This feature will be used in BPF introspection, where user space queries
> information about BPF programs via sys_bpf.
> 
> Signed-off-by: Song Liu <songliubraving@...com>
> ---
>  include/uapi/linux/bpf.h |  2 ++
>  kernel/bpf/syscall.c     | 27 +++++++++++++++++++++++++++
>  2 files changed, 29 insertions(+)
> 
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index 1bee1135866a..368d185aa32f 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -2703,6 +2703,8 @@ struct bpf_prog_info {
>  	__u32 jited_line_info_cnt;
>  	__u32 line_info_rec_size;
>  	__u32 jited_line_info_rec_size;
> +	__u32 nr_prog_tags;
> +	__aligned_u64 prog_tags;
>  } __attribute__((aligned(8)));
> 
>  struct bpf_map_info {
> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> index 19c88cff7880..49cb59177db9 100644
> --- a/kernel/bpf/syscall.c
> +++ b/kernel/bpf/syscall.c
> @@ -2322,6 +2322,33 @@ static int bpf_prog_get_info_by_fd(struct bpf_prog *prog,
>  		}
>  	}
> 
> +	ulen = info.nr_prog_tags;
> +	info.nr_prog_tags = prog->aux->func_cnt ? : 1;
> +	if (ulen) {
> +		if (bpf_dump_raw_ok()) {

Hm, why is bpf_dump_raw_ok() needed here? tag is not exposing a kernel
address. prog tag is in general also visible from fdinfo from unpriv.

Just looking at the recently merged func_info / line_info I'm not sure
this is needed there either ... Martin, is there a specific reason this
was added there as well?

> +			__u8 __user (*user_prog_tags)[BPF_TAG_SIZE];
> +			u32 i;
> +
> +			user_prog_tags = u64_to_user_ptr(info.prog_tags);
> +			ulen = min_t(u32, info.nr_prog_tags, ulen);
> +			if (prog->aux->func_cnt) {
> +				for (i = 0; i < ulen; i++) {
> +					if (copy_to_user(
> +						    user_prog_tags[i],
> +						    prog->aux->func[i]->tag,
> +						    BPF_TAG_SIZE))
> +						return -EFAULT;
> +				}
> +			} else {
> +				if (copy_to_user(user_prog_tags[0],
> +						 prog->tag, BPF_TAG_SIZE))
> +					return -EFAULT;
> +			}
> +		} else {
> +			info.prog_tags = 0;
> +		}
> +	}
> +
>  done:
>  	if (copy_to_user(uinfo, &info, info_len) ||
>  	    put_user(info_len, &uattr->info.info_len))
> --
> 2.17.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ