lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAEf4BzY3jp=cw9N23dBJnEsMXys6ZtjW5LVHquq4kF9avaPKcg@mail.gmail.com>
Date:   Thu, 28 Nov 2019 21:27:12 -0800
From:   Andrii Nakryiko <andrii.nakryiko@...il.com>
To:     Jesper Dangaard Brouer <brouer@...hat.com>
Cc:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        Toke Høiland-Jørgensen <toke@...hat.com>
Subject: Re: Better ways to validate map via BTF?

On Thu, Nov 28, 2019 at 8:08 AM Jesper Dangaard Brouer
<brouer@...hat.com> wrote:
>
> Hi Andrii,


Hey, Jesper! Sorry for late reply, I'm on vacation for few days, so my
availability is irregular at best :)

>
> Is there are better way to validate that a userspace BPF-program uses
> the correct map via BTF?
>
> Below and in attached patch, I'm using bpf_obj_get_info_by_fd() to get
> some map-info, and check info.value_size and info.max_entries match
> what I expect.  What I really want, is to check that "map-value" have
> same struct layout as:
>
>  struct config {
>         __u32 action;
>         int ifindex;
>         __u32 options;
>  };

Well, there is no existing magical way to do this, but it is doable by
comparing BTFs of two maps. It's not too hard to compare all the
members of a struct, their names, sizes, types, etc (and do that
recursively, if necessary), but it's a bunch of code requiring due
diligence. Libbpf doesn't provide that in a ready-to-use form (it does
implement equivalence checks between two type graphs for dedup, but
it's quite coupled with and specific to BTF deduplication algorithm).
Keep in mind, when Toke implemented map pinning support in libbpf, we
decided to not check BTF for now, and just check key/value size,
flags, type, max_elements, etc.

>
> --
> Best regards,
>   Jesper Dangaard Brouer
>   MSc.CS, Principal Kernel Engineer at Red Hat
>   LinkedIn: http://www.linkedin.com/in/brouer
>
>
> static void check_config_map_fd_info(int map_fd) {
>         struct bpf_map_info info = { 0 };
>         __u32 info_len = sizeof(info);
>         __u32 exp_value_size = sizeof(struct config);
>         __u32 exp_entries = 1;
>         int err;
>
>         /* BPF-info via bpf-syscall */
>         err = bpf_obj_get_info_by_fd(map_fd, &info, &info_len);
>         if (err) {
>                 fprintf(stderr, "ERR: %s() can't get info - %s\n",
>                         __func__,  strerror(errno));
>                 exit(EXIT_FAIL_BPF);
>         }
>
>         if (exp_value_size != info.value_size) {
>                 fprintf(stderr, "ERR: %s() "
>                         "Map value size(%d) mismatch expected size(%d)\n",
>                         __func__, info.value_size, exp_value_size);
>                 exit(EXIT_FAIL_BPF);
>         }
>
>         if (exp_entries != info.max_entries) {
>                 fprintf(stderr, "ERR: %s() "
>                         "Map max_entries(%d) mismatch expected entries(%d)\n",
>                         __func__, info.max_entries, exp_entries);
>                 exit(EXIT_FAIL_BPF);
>         }
> }
>
>
> struct config {
>         __u32 action;
>         int ifindex;
>         __u32 options;
> };
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ