lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 12 Aug 2019 08:57:46 +0000
From:   Fejes Ferenc <fejes@....elte.hu>
To:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Error when loading BPF_CGROUP_INET_EGRESS program with bpftool

Greetings!

I found a strange error when I tried to load a BPF_CGROUP_INET_EGRESS
prog with bpftool. Loading the same program from C code with
bpf_prog_load_xattr works without problem.

The error message I got:
bpftool prog loadall hbm_kern.o /sys/fs/bpf/hbm type cgroup/skb
libbpf: load bpf program failed: Invalid argument
libbpf: -- BEGIN DUMP LOG ---
libbpf:
; return ALLOW_PKT | REDUCE_CW;
0: (b7) r0 = 3
1: (95) exit
At program exit the register R0 has value (0x3; 0x0) should have been
in (0x0; 0x1)
processed 2 insns (limit 1000000) max_states_per_insn 0 total_states 0
peak_states 0 mark_read 0

libbpf: -- END LOG --
libbpf: failed to load program 'cgroup_skb/egress'
libbpf: failed to load object 'hbm_kern.o'
Error: failed to load object file


My environment: 5.3-rc3 / net-next master (both producing the error).
Libbpf and bpftool installed from the kernel source (cleaned and
reinstalled when I tried a new kernel). I compiled the program with
Clang 8, on Ubuntu 19.10 server image, the source:

#include <linux/bpf.h>
#include "bpf_helpers.h"

#define DROP_PKT        0
#define ALLOW_PKT       1
#define REDUCE_CW       2

SEC("cgroup_skb/egress")
int hbm(struct __sk_buff *skb)
{
        return ALLOW_PKT | REDUCE_CW;
}
char _license[] SEC("license") = "GPL";


I also tried to trace down the bug with gdb. It seems like the
section_names array in libbpf.c filled with garbage, especially the
expected_attach_type fields (in my case, this contains
BPF_CGROUP_INET_INGRESS instead of BPF_CGROUP_INET_EGRESS).

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ