| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Feb 2020 11:03:23 -0800
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Jiri Olsa <jolsa@...nel.org>
Cc: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
Andrii Nakryiko <andriin@...com>, Yonghong Song <yhs@...com>,
Song Liu <songliubraving@...com>,
Martin KaFai Lau <kafai@...com>,
Jakub Kicinski <kuba@...nel.org>,
David Miller <davem@...hat.com>,
Björn Töpel <bjorn.topel@...el.com>,
John Fastabend <john.fastabend@...il.com>,
Jesper Dangaard Brouer <hawk@...nel.org>
Subject: Re: [PATCH 13/14] bpf: Add dispatchers to kallsyms
On Sat, Feb 8, 2020 at 7:43 AM Jiri Olsa <jolsa@...nel.org> wrote:
>
> Adding dispatchers to kallsyms. It's displayed as
> bpf_dispatcher_<NAME>
>
> where NAME is the name of dispatcher.
>
> Signed-off-by: Jiri Olsa <jolsa@...nel.org>
> ---
> include/linux/bpf.h | 19 ++++++++++++-------
> kernel/bpf/dispatcher.c | 6 ++++++
> 2 files changed, 18 insertions(+), 7 deletions(-)
>
> diff --git a/include/linux/bpf.h b/include/linux/bpf.h
> index b91bac10d3ea..837cdc093d2c 100644
> --- a/include/linux/bpf.h
> +++ b/include/linux/bpf.h
> @@ -520,6 +520,7 @@ struct bpf_dispatcher {
> int num_progs;
> void *image;
> u32 image_off;
> + struct bpf_ksym ksym;
> };
>
> static __always_inline unsigned int bpf_dispatcher_nop_func(
> @@ -535,13 +536,17 @@ struct bpf_trampoline *bpf_trampoline_lookup(u64 key);
> int bpf_trampoline_link_prog(struct bpf_prog *prog);
> int bpf_trampoline_unlink_prog(struct bpf_prog *prog);
> void bpf_trampoline_put(struct bpf_trampoline *tr);
> -#define BPF_DISPATCHER_INIT(name) { \
> - .mutex = __MUTEX_INITIALIZER(name.mutex), \
> - .func = &name##_func, \
> - .progs = {}, \
> - .num_progs = 0, \
> - .image = NULL, \
> - .image_off = 0 \
> +#define BPF_DISPATCHER_INIT(_name) { \
> + .mutex = __MUTEX_INITIALIZER(_name.mutex), \
> + .func = &_name##_func, \
> + .progs = {}, \
> + .num_progs = 0, \
> + .image = NULL, \
> + .image_off = 0, \
> + .ksym = { \
> + .name = #_name, \
> + .lnode = LIST_HEAD_INIT(_name.ksym.lnode), \
> + }, \
> }
>
> #define DEFINE_BPF_DISPATCHER(name) \
> diff --git a/kernel/bpf/dispatcher.c b/kernel/bpf/dispatcher.c
> index b3e5b214fed8..8771d2cc5840 100644
> --- a/kernel/bpf/dispatcher.c
> +++ b/kernel/bpf/dispatcher.c
> @@ -152,6 +152,12 @@ void bpf_dispatcher_change_prog(struct bpf_dispatcher *d, struct bpf_prog *from,
> if (!changed)
> goto out;
>
> + if (!prev_num_progs)
> + bpf_image_ksym_add(d->image, &d->ksym);
> +
> + if (!d->num_progs)
> + bpf_ksym_del(&d->ksym);
> +
> bpf_dispatcher_update(d, prev_num_progs);
On slightly unrelated note: seems like bpf_dispatcher_update won't
propagate any lower-level errors back, which seems pretty bad as a
bunch of stuff can go wrong.
Björn, was it a conscious decision or this just slipped through the cracks?
Jiri, reason I started looking at this was twofold:
1. you add/remove symbol before dispatcher is updated, which is
different order from BPF trampoline updates. I think updating symbols
after successful update makes more sense, no?
2. I was wondering if bpf_dispatcher_update() could return 0/1 (and <0
on error, of course), depending on whether dispatcher is present or
not. Though I'm not hard set on this.
> out:
> mutex_unlock(&d->mutex);
> --
> 2.24.1
>
Powered by blists - more mailing lists