lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190320173332.18105-4-alban@kinvolk.io>
Date:   Wed, 20 Mar 2019 18:33:29 +0100
From:   Alban Crequy <alban.crequy@...il.com>
To:     ast@...nel.org, daniel@...earbox.net
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        alban@...volk.io, iago@...volk.io
Subject: [PATCH bpf-next v1 4/7] tools: bpftool: implement map exec command

From: Alban Crequy <alban@...volk.io>

The map exec commands allows to open an existing map and pass the file
descriptor to a child process. This enables applications to use an
existing BPF map even when they don't support bpffs.

Example of usage:
    # bpftool map exec pinned /sys/fs/bpf/foo fd 99 cmd -- readlink /proc/self/fd/99
    anon_inode:bpf-map

Documentation and bash completion updated as well.

Signed-off-by: Alban Crequy <alban@...volk.io>
---
 .../bpf/bpftool/Documentation/bpftool-map.rst | 11 ++++
 tools/bpf/bpftool/bash-completion/bpftool     | 22 +++++++-
 tools/bpf/bpftool/map.c                       | 53 +++++++++++++++++++
 3 files changed, 85 insertions(+), 1 deletion(-)

diff --git a/tools/bpf/bpftool/Documentation/bpftool-map.rst b/tools/bpf/bpftool/Documentation/bpftool-map.rst
index b685641bfd74..dfd8352fa453 100644
--- a/tools/bpf/bpftool/Documentation/bpftool-map.rst
+++ b/tools/bpf/bpftool/Documentation/bpftool-map.rst
@@ -30,6 +30,7 @@ MAP COMMANDS
 |	**bpftool** **map getnext**    *MAP* [**key** *DATA*]
 |	**bpftool** **map delete**     *MAP*  **key** *DATA*
 |	**bpftool** **map pin**        *MAP*  *FILE*
+|	**bpftool** **map exec**       *MAP*  **fd** *FD* **cmd** -- *CMD*
 |	**bpftool** **map event_pipe** *MAP* [**cpu** *N* **index** *M*]
 |	**bpftool** **map peek**       *MAP*
 |	**bpftool** **map push**       *MAP* **value** *VALUE*
@@ -101,6 +102,10 @@ DESCRIPTION
 		  contain a dot character ('.'), which is reserved for future
 		  extensions of *bpffs*.
 
+	**bpftool map exec**     *MAP*  **fd** *FD* **cmd** -- *CMD*
+                  Load map and exec an external command, passing the file
+                  descriptor.
+
 	**bpftool** **map event_pipe** *MAP* [**cpu** *N* **index** *M*]
 		  Read events from a BPF_MAP_TYPE_PERF_EVENT_ARRAY map.
 
@@ -254,6 +259,12 @@ would be lost as soon as bpftool exits).
   key: 00 00 00 00  value: 22 02 00 00
   Found 1 element
 
+**# bpftool map exec pinned /sys/fs/bpf/foo fd 99 cmd -- readlink /proc/self/fd/99**
+
+::
+
+  anon_inode:bpf-map
+
 SEE ALSO
 ========
 	**bpf**\ (2),
diff --git a/tools/bpf/bpftool/bash-completion/bpftool b/tools/bpf/bpftool/bash-completion/bpftool
index 9e37de8bb227..63cd53c4d3a7 100644
--- a/tools/bpf/bpftool/bash-completion/bpftool
+++ b/tools/bpf/bpftool/bash-completion/bpftool
@@ -583,6 +583,26 @@ _bpftool()
                     fi
                     return 0
                     ;;
+                exec)
+                    case $prev in
+                        $command)
+                            COMPREPLY=( $( compgen -W "$MAP_TYPE" -- "$cur" ) )
+                            return 0
+                            ;;
+                        fd)
+                            return 0
+                            ;;
+                        cmd)
+                            COMPREPLY=( $(compgen -c -- "$cur" ) )
+                            return 0
+                            ;;
+                        *)
+                            _bpftool_once_attr 'fd'
+                            _bpftool_once_attr 'cmd'
+                            return 0
+                            ;;
+                    esac
+                    ;;
                 event_pipe)
                     case $prev in
                         $command)
@@ -610,7 +630,7 @@ _bpftool()
                     [[ $prev == $object ]] && \
                         COMPREPLY=( $( compgen -W 'delete dump getnext help \
                             lookup pin event_pipe show list update create \
-                            peek push enqueue pop dequeue' -- \
+                            peek push enqueue pop dequeue exec' -- \
                             "$cur" ) )
                     ;;
             esac
diff --git a/tools/bpf/bpftool/map.c b/tools/bpf/bpftool/map.c
index a576f2a019be..768497364cee 100644
--- a/tools/bpf/bpftool/map.c
+++ b/tools/bpf/bpftool/map.c
@@ -883,6 +883,58 @@ static int do_update(int argc, char **argv)
 	return err;
 }
 
+static int do_exec(int argc, char **argv)
+{
+	struct bpf_map_info info = {};
+	__u32 len = sizeof(info);
+	int fd, ret;
+	__u32 outfd = 0;
+
+	if (argc < 2)
+		usage();
+
+	fd = map_parse_fd_and_info(&argc, &argv, &info, &len);
+	if (fd < 0)
+		return -1;
+
+	while (argc) {
+		if (is_prefix(*argv, "fd")) {
+			if (parse_u32_arg(&argc, &argv, &outfd,
+					  "out fd"))
+				return -1;
+		} else if (is_prefix(*argv, "cmd")){
+			NEXT_ARG();
+			if (!REQ_ARGS(1))
+				return -1;
+
+			break;
+		} else {
+			p_err("unknown arg %s", *argv);
+			return -1;
+		}
+	}
+
+	if (outfd == 0) {
+		p_err("invalid fd");
+		return -1;
+	}
+	if (*argv == NULL) {
+		p_err("empty command");
+		return -1;
+	}
+
+
+	ret = dup2(fd, (int)outfd);
+	if (ret == -1) {
+		p_err("dup2 failed: %s", strerror(errno));
+		return -1;
+	}
+
+	execvp(argv[0], argv);
+	p_err("execvp failed: %s", strerror(errno));
+	return -1;
+}
+
 static void print_key_value(struct bpf_map_info *info, void *key,
 			    void *value)
 {
@@ -1355,6 +1407,7 @@ static const struct cmd cmds[] = {
 	{ "enqueue",	do_update },
 	{ "pop",	do_pop_dequeue },
 	{ "dequeue",	do_pop_dequeue },
+	{ "exec",	do_exec },
 	{ 0 }
 };
 
-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ