lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 23 Jan 2019 14:41:59 +0100
From:   Maciej Fijalkowski <maciejromanfijalkowski@...il.com>
To:     Daniel Borkmann <daniel@...earbox.net>
Cc:     ast@...nel.org, netdev@...r.kernel.org,
        jakub.kicinski@...ronome.com, brouer@...hat.com
Subject: Re: [PATCH bpf-next v2 2/8] libbpf: Add a helper for retrieving a
 prog via index

On Wed, 23 Jan 2019 11:41:11 +0100
Daniel Borkmann <daniel@...earbox.net> wrote:

> On 01/21/2019 10:10 AM, Maciej Fijalkowski wrote:
> > xdp_redirect_cpu has a 6 different XDP programs that can be attached to
> > network interface. This sample has a option --prognum that allows user
> > for specifying which particular program from a given set will be
> > attached to network interface.
> > In order to make it easier when converting the mentioned sample to
> > libbpf usage, add a function to libbpf that will return program's fd for
> > a given index.
> > 
> > Note that there is already a bpf_object__find_prog_by_idx, which could
> > be exported and might be used for that purpose, but it operates on the
> > number of ELF section and here we need an index from a programs array
> > within the bpf_object.  
> 
> Series in general looks good to me. Few minor comments, mainly in relation
> to the need for libbpf extensions.
> 
> Would it not be a better interface to the user to instead choose the prog
> based on section name and then retrieve it via bpf_object__find_program_by_title()
> instead of prognum (which feels less user friendly) at least?
> 

I couldn't decide which one from:
* adding a libbpf helper
* changing the xdp_redirect_cpu behaviour
would be more invasive when I was converting this sample to libbpf support.

Your suggestion sounds good, but I'm wondering about the actual implementation.
I suppose that we would choose the program via command line. Some program
section names in this sample are a bit long and it might be irritating for
user to type in for example "xdp_cpu_map5_lb_hash_ip_pairs", no? Or maybe we
can live with this. In case of typo and program being not found it would be
good to print out the section names to choose from in usage().

> > Signed-off-by: Maciej Fijalkowski <maciejromanfijalkowski@...il.com>
> > Reviewed-by: Jakub Kicinski <jakub.kicinski@...ronome.com>
> > ---
> >  tools/lib/bpf/libbpf.c   | 8 ++++++++
> >  tools/lib/bpf/libbpf.h   | 3 +++
> >  tools/lib/bpf/libbpf.map | 1 +
> >  3 files changed, 12 insertions(+)
> > 
> > diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> > index dc838bea403f..21c84d0f6128 100644
> > --- a/tools/lib/bpf/libbpf.c
> > +++ b/tools/lib/bpf/libbpf.c
> > @@ -935,6 +935,14 @@ static int bpf_object__elf_collect(struct bpf_object *obj, int flags)
> >  	return err;
> >  }
> >  
> > +int
> > +bpf_object__get_prog_fd_by_num(struct bpf_object *obj, int idx)
> > +{
> > +	if (idx >= 0 && idx < obj->nr_programs)
> > +		return bpf_program__fd(&obj->programs[idx]);
> > +	return -ENOENT;
> > +}
> > +
> >  static struct bpf_program *
> >  bpf_object__find_prog_by_idx(struct bpf_object *obj, int idx)
> >  {
> > diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h
> > index 7f10d36abdde..ca1b381cb3ad 100644
> > --- a/tools/lib/bpf/libbpf.h
> > +++ b/tools/lib/bpf/libbpf.h
> > @@ -95,6 +95,9 @@ LIBBPF_API int bpf_object__btf_fd(const struct bpf_object *obj);
> >  LIBBPF_API struct bpf_program *
> >  bpf_object__find_program_by_title(struct bpf_object *obj, const char *title);
> >  
> > +LIBBPF_API int
> > +bpf_object__get_prog_fd_by_num(struct bpf_object *obj, int idx);
> > +
> >  LIBBPF_API struct bpf_object *bpf_object__next(struct bpf_object *prev);
> >  #define bpf_object__for_each_safe(pos, tmp)			\
> >  	for ((pos) = bpf_object__next(NULL),		\
> > diff --git a/tools/lib/bpf/libbpf.map b/tools/lib/bpf/libbpf.map
> > index 7c59e4f64082..871d2fc07150 100644
> > --- a/tools/lib/bpf/libbpf.map
> > +++ b/tools/lib/bpf/libbpf.map
> > @@ -127,4 +127,5 @@ LIBBPF_0.0.1 {
> >  LIBBPF_0.0.2 {
> >  	global:
> >  		bpf_object__find_map_fd_by_name;
> > +		bpf_object__get_prog_fd_by_num;
> >  } LIBBPF_0.0.1;
> >   
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ