lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 24 Apr 2019 18:40:47 +0000
From:   Yonghong Song <yhs@...com>
To:     Andrii Nakryiko <andrii.nakryiko@...il.com>
CC:     Kernel Team <Kernel-team@...com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "bpf@...r.kernel.org" <bpf@...r.kernel.org>,
        Alexei Starovoitov <ast@...com>,
        "daniel@...earbox.net" <daniel@...earbox.net>,
        Song Liu <songliubraving@...com>, Martin Lau <kafai@...com>,
        "acme@...nel.org" <acme@...nel.org>,
        Andrii Nakryiko <andriin@...com>,
        Arnaldo Carvalho de Melo <acme@...hat.com>
Subject: Re: [PATCH bpf-next 1/2] bpftool: add ability to dump BTF types



On 4/24/19 11:16 AM, Andrii Nakryiko wrote:
> On Wed, Apr 24, 2019 at 10:17 AM Yonghong Song <yhs@...com> wrote:
>>
>>
>>
>> On 4/23/19 10:21 PM, andrii.nakryiko@...il.com wrote:
>>> From: Andrii Nakryiko <andriin@...com>
>>>
>>> Add new `btf dump` sub-command to bpftool. It allows to dump
>>> human-readable low-level BTF types representation of BTF types. BTF can
>>> be retrieved from few different sources:
>>>     - from BTF object by ID;
>>>     - from PROG, if it has associated BTF;
>>>     - from MAP, if it has associated BTF data; it's possible to narrow
>>>       down types to either key type, value type, both, or all BTF types;
>>>     - from ELF file (.BTF section).
>>>
>>> Output format mostly follows BPF verifier log format with few notable
>>> exceptions:
>>>     - all the type/field/param/etc names are enclosed in single quotes to
>>>       allow easier grepping and to stand out a little bit more;
>>>     - FUNC_PROTO output follows STRUCT/UNION/ENUM format of having one
>>>       line per each argument; this is more uniform and allows easy
>>>       grepping, as opposed to succinct, but inconvenient format that BPF
>>>       verifier log is using.
>>>
>>> Cc: Daniel Borkmann <daniel@...earbox.net>
>>> Cc: Alexei Starovoitov <ast@...com>
>>> Cc: Yonghong Song <yhs@...com>
>>> Cc: Martin KaFai Lau <kafai@...com>
>>> Cc: Song Liu <songliubraving@...com>
>>> Cc: Arnaldo Carvalho de Melo <acme@...hat.com>
>>> Signed-off-by: Andrii Nakryiko <andriin@...com>
>>> ---
>>>    tools/bpf/bpftool/btf.c  | 576 +++++++++++++++++++++++++++++++++++++++
>>>    tools/bpf/bpftool/main.c |   1 +
>>>    tools/bpf/bpftool/main.h |   1 +
>>>    3 files changed, 578 insertions(+)
>>>    create mode 100644 tools/bpf/bpftool/btf.c
>>>
>>> diff --git a/tools/bpf/bpftool/btf.c b/tools/bpf/bpftool/btf.c
>>> new file mode 100644
>>> index 000000000000..afe5cb7bab0c
>>> --- /dev/null
>>> +++ b/tools/bpf/bpftool/btf.c
>>> @@ -0,0 +1,576 @@
>>> +// SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
>>> +/* Copyright (C) 2019 Facebook */
>>> +
>>> +#include <errno.h>
>>> +#include <fcntl.h>
>>> +#include <linux/err.h>
>>> +#include <stdbool.h>
>>> +#include <stdio.h>
>>> +#include <string.h>
>>> +#include <unistd.h>
>>> +#include <gelf.h>
>>> +#include <bpf.h>
>>> +#include <linux/btf.h>
>>> +
>>> +#include "btf.h"
>>> +#include "json_writer.h"
>>> +#include "main.h"
>>> +
>>> +static const char * const btf_kind_str[NR_BTF_KINDS] = {
>>> +     [BTF_KIND_UNKN]         = "UNKNOWN",
>>> +     [BTF_KIND_INT]          = "INT",
>>> +     [BTF_KIND_PTR]          = "PTR",
>>> +     [BTF_KIND_ARRAY]        = "ARRAY",
>>> +     [BTF_KIND_STRUCT]       = "STRUCT",
>>> +     [BTF_KIND_UNION]        = "UNION",
>>> +     [BTF_KIND_ENUM]         = "ENUM",
>>> +     [BTF_KIND_FWD]          = "FWD",
>>> +     [BTF_KIND_TYPEDEF]      = "TYPEDEF",
>>> +     [BTF_KIND_VOLATILE]     = "VOLATILE",
>>> +     [BTF_KIND_CONST]        = "CONST",
>>> +     [BTF_KIND_RESTRICT]     = "RESTRICT",
>>> +     [BTF_KIND_FUNC]         = "FUNC",
>>> +     [BTF_KIND_FUNC_PROTO]   = "FUNC_PROTO",
>>> +     [BTF_KIND_VAR]          = "VAR",
>>> +     [BTF_KIND_DATASEC]      = "DATASEC",
>>> +};
>>> +
>>> +static const char *btf_int_enc_str(__u8 encoding)
>>> +{
>>> +     switch (encoding) {
>>> +     case 0:
>>> +             return "(none)";
>>> +     case BTF_INT_SIGNED:
>>> +             return "SIGNED";
>>> +     case BTF_INT_CHAR:
>>> +             return "CHAR";
>>> +     case BTF_INT_BOOL:
>>> +             return "BOOL";
>>> +     default:
>>> +             return "UNKN";
>>> +     }
>>> +}
>>> +
>>> +static const char *btf_var_linkage_str(__u32 linkage)
>>> +{
>>> +     switch (linkage) {
>>> +     case BTF_VAR_STATIC:
>>> +             return "static";
>>> +     case BTF_VAR_GLOBAL_ALLOCATED:
>>> +             return "global-alloc";
>>> +     default:
>>> +             return "(unknown)";
>>> +     }
>>> +}
>>> +
>> [...]
>>> +
>>> +static bool check_btf_endianness(GElf_Ehdr *ehdr)
>>> +{
>>> +     static unsigned int const endian = 1;
>>> +
>>> +     switch (ehdr->e_ident[EI_DATA]) {
>>> +     case ELFDATA2LSB:
>>> +             return *(unsigned char const *)&endian == 1;
>>> +     case ELFDATA2MSB:
>>> +             return *(unsigned char const *)&endian == 0;
>>> +     default:
>>> +             return 0;
>>> +     }
>>> +}
>>> +
>>> +static int btf_load_from_elf(const char *path, struct btf **btf)
>>> +{
>>> +     int err = -1, fd = -1, idx = 0;
>>> +     Elf_Data *btf_data = NULL;
>>> +     Elf_Scn *scn = NULL;
>>> +     Elf *elf = NULL;
>>> +     GElf_Ehdr ehdr;
>>> +
>>> +     if (elf_version(EV_CURRENT) == EV_NONE) {
>>> +             p_err("failed to init libelf for %s", path);
>>> +             return -1;
>>> +     }
>>> +
>>> +     fd = open(path, O_RDONLY);
>>> +     if (fd < 0) {
>>> +             p_err("failed to open %s: %s", path, strerror(errno));
>>> +             return -1;
>>> +     }
>>> +
>>> +     elf = elf_begin(fd, ELF_C_READ, NULL);
>>> +     if (!elf) {
>>> +             p_err("failed to open %s as ELF file", path);
>>> +             goto done;
>>> +     }
>>> +     if (!gelf_getehdr(elf, &ehdr)) {
>>> +             p_err("failed to get EHDR from %s", path);
>>> +             goto done;
>>> +     }
>>> +     if (!check_btf_endianness(&ehdr)) {
>>> +             p_err("non-native ELF endianness is not supported");
>>
>> We should relex this. It is possible that for some embedded system,
>> bpftool is running on some x86 server examining a objfile file used
>> for an embedded system.
> 
> I agree, but I think that should be done in libbpf. I've been meaning
> to add that for a while now, but never got around to that, it's still
> on my TODO list.
> 
> My intent is to teach btf__new to look at BTF header, and if it's
> endianness is not native, convert all the integers to native
> endianness. That way, struct btf is always of native endianness in
> memory and won't require any extra checks from other code. I'll do it
> some time soonish at which point both pahole (which handles this
> explicitly right now) and bpftool can greatly benefit from that. How
> does that sound?

This sounds good. libbpf seems the right place to go.

> 
>>
>>> +             goto done;
>>> +     }
>>> +     if (!elf_rawdata(elf_getscn(elf, ehdr.e_shstrndx), NULL)) {
>>> +             p_err("failed to get e_shstrndx from %s\n", path);
>>> +             goto done;
>>> +     }
>>> +
>>> +     while ((scn = elf_nextscn(elf, scn)) != NULL) {
>>> +             GElf_Shdr sh;
>>> +             char *name;
>>> +
>>> +             idx++;
>>> +             if (gelf_getshdr(scn, &sh) != &sh) {
>>> +                     p_err("failed to get section(%d) header from %s",
>>> +                           idx, path);
>>> +                     goto done;
>>> +             }
>>> +             name = elf_strptr(elf, ehdr.e_shstrndx, sh.sh_name);
>>> +             if (!name) {
>>> +                     p_err("failed to get section(%d) name from %s",
>>> +                           idx, path);
>>> +                     goto done;
>>> +             }
>>> +             if (strcmp(name, BTF_ELF_SEC) == 0) {
>>> +                     btf_data = elf_getdata(scn, 0);
>>> +                     if (!btf_data) {
>>> +                             p_err("failed to get section(%d, %s) data from %s",
>>> +                                   idx, name, path);
>>> +                             goto done;
>>> +                     }
>>> +                     break;
>>> +             }
>>> +     }
>>> +
>>> +     if (!btf_data) {
>>> +             p_err("%s ELF section not found in %s", BTF_ELF_SEC, path);
>>> +             goto done;
>>> +     }
>>> +
>>> +     *btf = btf__new(btf_data->d_buf, btf_data->d_size);
>>> +     if (IS_ERR(*btf)) {
>>> +             err = PTR_ERR(*btf);
>>> +             *btf = NULL;
>>> +             p_err("failed to load BTF data from %s: %s",
>>> +                   path, strerror(err));
>>> +             goto done;
>>> +     }
>>> +
>>> +     err = 0;
>>> +done:
>>> +     if (err) {
>>> +             if (*btf) {
>>> +                     btf__free(*btf);
>>> +                     *btf = NULL;
>>> +             }
>>> +     }
>>> +     if (elf)
>>> +             elf_end(elf);
>>> +     close(fd);
>>> +     return err;
>>> +}
>>> +
>> [...]
>>> +}
>>> diff --git a/tools/bpf/bpftool/main.c b/tools/bpf/bpftool/main.c
>>> index a9d5e9e6a732..eba56edd7c77 100644
>>> --- a/tools/bpf/bpftool/main.c
>>> +++ b/tools/bpf/bpftool/main.c
>>> @@ -188,6 +188,7 @@ static const struct cmd cmds[] = {
>>>        { "perf",       do_perf },
>>>        { "net",        do_net },
>>>        { "feature",    do_feature },
>>> +     { "btf",        do_btf },
>>>        { "version",    do_version },
>>>        { 0 }
>>>    };
>>> diff --git a/tools/bpf/bpftool/main.h b/tools/bpf/bpftool/main.h
>>> index 1ccc46169a19..3d63feb7f852 100644
>>> --- a/tools/bpf/bpftool/main.h
>>> +++ b/tools/bpf/bpftool/main.h
>>> @@ -150,6 +150,7 @@ int do_perf(int argc, char **arg);
>>>    int do_net(int argc, char **arg);
>>>    int do_tracelog(int argc, char **arg);
>>>    int do_feature(int argc, char **argv);
>>> +int do_btf(int argc, char **argv);
>>>
>>>    int parse_u32_arg(int *argc, char ***argv, __u32 *val, const char *what);
>>>    int prog_parse_fd(int *argc, char ***argv);
>>>

Powered by blists - more mailing lists