lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20181217102501.22019-6-bjorn.topel@gmail.com>
Date:   Mon, 17 Dec 2018 11:24:59 +0100
From:   Björn Töpel <bjorn.topel@...il.com>
To:     bjorn.topel@...il.com, magnus.karlsson@...el.com,
        magnus.karlsson@...il.com, ast@...nel.org, daniel@...earbox.net,
        netdev@...r.kernel.org
Cc:     Björn Töpel <bjorn.topel@...el.com>,
        brouer@...hat.com, u9012063@...il.com, qi.z.zhang@...el.com,
        jakub.kicinski@...ronome.com, andrew@...n.ch
Subject: [PATCH bpf-next v2 5/7] libbpf: initial support for builtin BPF programs

From: Björn Töpel <bjorn.topel@...el.com>

This commit introduces builtin BPF programs to libbpf. A builtin
program is simply a BPF program that is bundled with libbpf.

The first builtin program is an XDP program, "xdp_xsk_redirect", which
is a trivial program that calls bpf_xsk_redirect for each received
packet, and redirects it to the corresponding XDP socket.

Two new functions are added to the libbpf API:
  LIBBPF_API struct bpf_object *bpf_object__open_builtin(
                  enum bpf_prog_type prog_type);

  LIBBPF_API struct bpf_program *
  bpf_object__find_xdp_builtin_program(
                struct bpf_object* obj,
                  enum libbpf_builtin_xdp_prog prog);

The first function is used to get a handle to the bpf_object
containing all builtin programs for a certain program type. The latter
is used to access a certain builtin program from the bpf_object. Note
that currenty only XDP is supported. When other program types are
supported, additional bpf_object__find_PROG_TYPE_builtin_program
function are required.

When/if packet cloning is introduced to XDP, another builtin program
candidate would be a program that clones all packets to an XDP socket.

Signed-off-by: Björn Töpel <bjorn.topel@...el.com>
---
 tools/lib/bpf/libbpf.c   | 85 ++++++++++++++++++++++++++++++++++++++++
 tools/lib/bpf/libbpf.h   | 14 +++++++
 tools/lib/bpf/libbpf.map |  2 +
 3 files changed, 101 insertions(+)

diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
index e2bc75ee1614..d8551193862b 100644
--- a/tools/lib/bpf/libbpf.c
+++ b/tools/lib/bpf/libbpf.c
@@ -242,6 +242,31 @@ struct bpf_object {
 };
 #define obj_elf_valid(o)	((o)->efile.elf)
 
+struct libbpf_builtin_prog {
+	const char *name;
+	const struct bpf_insn *insns;
+	size_t size;
+};
+
+/*
+ * Builtin XDP program: LIBBPF_BUILTIN_XDP__XSK_REDIRECT
+ *
+ * Trivial XDP program that calls bpf_xsk_redirect() on every received
+ * frame.
+ */
+static const struct bpf_insn builtin_xdp_xsk_redirect_insn[] = {
+	BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_xsk_redirect),
+	BPF_EXIT_INSN(),
+};
+
+static const struct libbpf_builtin_prog libbpf_builtin_xdp_prog[] = {
+	[LIBBPF_BUILTIN_XDP__XSK_REDIRECT] = {
+		"xdp_xsk_redirect",
+		&builtin_xdp_xsk_redirect_insn[0],
+		sizeof(builtin_xdp_xsk_redirect_insn)
+	},
+};
+
 void bpf_program__unload(struct bpf_program *prog)
 {
 	int i;
@@ -2990,3 +3015,63 @@ bpf_perf_event_read_simple(void *mmap_mem, size_t mmap_size, size_t page_size,
 	ring_buffer_write_tail(header, data_tail);
 	return ret;
 }
+
+struct bpf_object *bpf_object__open_builtin(enum bpf_prog_type prog_type)
+{
+	struct bpf_program *prog;
+	struct bpf_object *obj;
+	int err, i;
+
+	/* Right now, only XDP is supported. */
+	if (prog_type != BPF_PROG_TYPE_XDP)
+		return ERR_PTR(-EINVAL);
+
+	obj = bpf_object__new("", NULL, 0);
+	if (IS_ERR(obj))
+		return NULL;
+
+	CHECK_ERR(bpf_object__init_license(obj, (void *)"GPL", sizeof("GPL")),
+		  err, out);
+
+	for (i = 0; i < __LIBBPF_BUILTIN_XDP__END; i++) {
+		err = bpf_object__add_program(
+			obj,
+			(void *)libbpf_builtin_xdp_prog[i].insns,
+			libbpf_builtin_xdp_prog[i].size,
+			(char *)libbpf_builtin_xdp_prog[i].name, i);
+		if (err) {
+			pr_warning("failed to add builtin program %s\n",
+				   libbpf_builtin_xdp_prog[i].name);
+			goto out;
+		}
+	}
+
+	bpf_object__for_each_program(prog, obj) {
+		bpf_program__set_type(prog, BPF_PROG_TYPE_XDP);
+
+		prog->name = strdup(libbpf_builtin_xdp_prog[prog->idx].name);
+		if (!prog->name) {
+			pr_warning("failed to allocate memory for name %s\n",
+				   libbpf_builtin_xdp_prog[prog->idx].name);
+			goto out;
+		}
+	}
+
+	return obj;
+out:
+	bpf_object__close(obj);
+	return NULL;
+
+}
+
+struct bpf_program *bpf_object__find_xdp_builtin_program(
+	struct bpf_object *obj, enum libbpf_builtin_xdp_prog prog)
+{
+	if (!obj)
+		return NULL;
+
+	if (prog < 0 || prog >= __LIBBPF_BUILTIN_XDP__END)
+		return NULL;
+
+	return bpf_object__find_prog_by_idx(obj, prog);
+}
diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h
index 5f68d7b75215..0de0cc2da240 100644
--- a/tools/lib/bpf/libbpf.h
+++ b/tools/lib/bpf/libbpf.h
@@ -45,6 +45,15 @@ enum libbpf_errno {
 	__LIBBPF_ERRNO__END,
 };
 
+enum libbpf_builtin_xdp_prog {
+	/*
+	 * Trivial XDP program that calls bpf_xsk_redirect
+	 * unconditionally for every received packet.
+	 */
+	LIBBPF_BUILTIN_XDP__XSK_REDIRECT,
+	__LIBBPF_BUILTIN_XDP__END,
+};
+
 LIBBPF_API int libbpf_strerror(int err, char *buf, size_t size);
 
 /*
@@ -75,6 +84,8 @@ struct bpf_object *__bpf_object__open_xattr(struct bpf_object_open_attr *attr,
 LIBBPF_API struct bpf_object *bpf_object__open_buffer(void *obj_buf,
 						      size_t obj_buf_sz,
 						      const char *name);
+LIBBPF_API struct bpf_object *bpf_object__open_builtin(
+	enum bpf_prog_type prog_type);
 LIBBPF_API int bpf_object__pin_maps(struct bpf_object *obj, const char *path);
 LIBBPF_API int bpf_object__unpin_maps(struct bpf_object *obj,
 				      const char *path);
@@ -94,6 +105,9 @@ LIBBPF_API int bpf_object__btf_fd(const struct bpf_object *obj);
 
 LIBBPF_API struct bpf_program *
 bpf_object__find_program_by_title(struct bpf_object *obj, const char *title);
+LIBBPF_API struct bpf_program *
+bpf_object__find_xdp_builtin_program(struct bpf_object *obj,
+				     enum libbpf_builtin_xdp_prog prog);
 
 LIBBPF_API struct bpf_object *bpf_object__next(struct bpf_object *prev);
 #define bpf_object__for_each_safe(pos, tmp)			\
diff --git a/tools/lib/bpf/libbpf.map b/tools/lib/bpf/libbpf.map
index cd02cd4e2cc3..58acd84d5ff3 100644
--- a/tools/lib/bpf/libbpf.map
+++ b/tools/lib/bpf/libbpf.map
@@ -121,6 +121,8 @@ LIBBPF_0.0.1 {
 		libbpf_prog_type_by_name;
 		libbpf_set_print;
 		libbpf_strerror;
+		bpf_object__open_builtin;
+		bpf_object__find_xdp_builtin_program;
 	local:
 		*;
 };
-- 
2.19.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ