lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 28 Nov 2019 17:08:37 +0100
From:   Jesper Dangaard Brouer <brouer@...hat.com>
To:     Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc:     brouer@...hat.com,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        Toke Høiland-Jørgensen <toke@...hat.com>
Subject: Better ways to validate map via BTF?

Hi Andrii,

Is there are better way to validate that a userspace BPF-program uses
the correct map via BTF?

Below and in attached patch, I'm using bpf_obj_get_info_by_fd() to get
some map-info, and check info.value_size and info.max_entries match
what I expect.  What I really want, is to check that "map-value" have
same struct layout as:

 struct config {
	__u32 action;
	int ifindex;
	__u32 options;
 };

-- 
Best regards,
  Jesper Dangaard Brouer
  MSc.CS, Principal Kernel Engineer at Red Hat
  LinkedIn: http://www.linkedin.com/in/brouer


static void check_config_map_fd_info(int map_fd) {
	struct bpf_map_info info = { 0 };
	__u32 info_len = sizeof(info);
	__u32 exp_value_size = sizeof(struct config);
	__u32 exp_entries = 1;
	int err;

	/* BPF-info via bpf-syscall */
	err = bpf_obj_get_info_by_fd(map_fd, &info, &info_len);
	if (err) {
		fprintf(stderr, "ERR: %s() can't get info - %s\n",
			__func__,  strerror(errno));
		exit(EXIT_FAIL_BPF);
	}

	if (exp_value_size != info.value_size) {
		fprintf(stderr, "ERR: %s() "
			"Map value size(%d) mismatch expected size(%d)\n",
			__func__, info.value_size, exp_value_size);
		exit(EXIT_FAIL_BPF);
	}

	if (exp_entries != info.max_entries) {
		fprintf(stderr, "ERR: %s() "
			"Map max_entries(%d) mismatch expected entries(%d)\n",
			__func__, info.max_entries, exp_entries);
		exit(EXIT_FAIL_BPF);
	}
}


struct config {
	__u32 action;
	int ifindex;
	__u32 options;
};


Download attachment "02-detect_map_mismatch" of type "application/octet-stream" (2423 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ