lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 12 Feb 2020 11:52:52 +0100
From:   Jiri Olsa <jolsa@...hat.com>
To:     Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc:     Jiri Olsa <jolsa@...nel.org>, Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
        Andrii Nakryiko <andriin@...com>, Yonghong Song <yhs@...com>,
        Song Liu <songliubraving@...com>,
        Martin KaFai Lau <kafai@...com>,
        Jakub Kicinski <kuba@...nel.org>,
        David Miller <davem@...hat.com>,
        Björn Töpel <bjorn.topel@...el.com>,
        John Fastabend <john.fastabend@...il.com>,
        Jesper Dangaard Brouer <hawk@...nel.org>
Subject: Re: [PATCH 13/14] bpf: Add dispatchers to kallsyms

On Tue, Feb 11, 2020 at 11:03:23AM -0800, Andrii Nakryiko wrote:
> On Sat, Feb 8, 2020 at 7:43 AM Jiri Olsa <jolsa@...nel.org> wrote:
> >
> > Adding dispatchers to kallsyms. It's displayed as
> >   bpf_dispatcher_<NAME>
> >
> > where NAME is the name of dispatcher.
> >
> > Signed-off-by: Jiri Olsa <jolsa@...nel.org>
> > ---
> >  include/linux/bpf.h     | 19 ++++++++++++-------
> >  kernel/bpf/dispatcher.c |  6 ++++++
> >  2 files changed, 18 insertions(+), 7 deletions(-)
> >
> > diff --git a/include/linux/bpf.h b/include/linux/bpf.h
> > index b91bac10d3ea..837cdc093d2c 100644
> > --- a/include/linux/bpf.h
> > +++ b/include/linux/bpf.h
> > @@ -520,6 +520,7 @@ struct bpf_dispatcher {
> >         int num_progs;
> >         void *image;
> >         u32 image_off;
> > +       struct bpf_ksym ksym;
> >  };
> >
> >  static __always_inline unsigned int bpf_dispatcher_nop_func(
> > @@ -535,13 +536,17 @@ struct bpf_trampoline *bpf_trampoline_lookup(u64 key);
> >  int bpf_trampoline_link_prog(struct bpf_prog *prog);
> >  int bpf_trampoline_unlink_prog(struct bpf_prog *prog);
> >  void bpf_trampoline_put(struct bpf_trampoline *tr);
> > -#define BPF_DISPATCHER_INIT(name) {                    \
> > -       .mutex = __MUTEX_INITIALIZER(name.mutex),       \
> > -       .func = &name##_func,                           \
> > -       .progs = {},                                    \
> > -       .num_progs = 0,                                 \
> > -       .image = NULL,                                  \
> > -       .image_off = 0                                  \
> > +#define BPF_DISPATCHER_INIT(_name) {                           \
> > +       .mutex = __MUTEX_INITIALIZER(_name.mutex),              \
> > +       .func = &_name##_func,                                  \
> > +       .progs = {},                                            \
> > +       .num_progs = 0,                                         \
> > +       .image = NULL,                                          \
> > +       .image_off = 0,                                         \
> > +       .ksym = {                                               \
> > +               .name = #_name,                                 \
> > +               .lnode = LIST_HEAD_INIT(_name.ksym.lnode),      \
> > +       },                                                      \
> >  }
> >
> >  #define DEFINE_BPF_DISPATCHER(name)                                    \
> > diff --git a/kernel/bpf/dispatcher.c b/kernel/bpf/dispatcher.c
> > index b3e5b214fed8..8771d2cc5840 100644
> > --- a/kernel/bpf/dispatcher.c
> > +++ b/kernel/bpf/dispatcher.c
> > @@ -152,6 +152,12 @@ void bpf_dispatcher_change_prog(struct bpf_dispatcher *d, struct bpf_prog *from,
> >         if (!changed)
> >                 goto out;
> >
> > +       if (!prev_num_progs)
> > +               bpf_image_ksym_add(d->image, &d->ksym);
> > +
> > +       if (!d->num_progs)
> > +               bpf_ksym_del(&d->ksym);
> > +
> >         bpf_dispatcher_update(d, prev_num_progs);
> 
> On slightly unrelated note: seems like bpf_dispatcher_update won't
> propagate any lower-level errors back, which seems pretty bad as a
> bunch of stuff can go wrong.
> 
> Björn, was it a conscious decision or this just slipped through the cracks?
> 
> Jiri, reason I started looking at this was twofold:
> 1. you add/remove symbol before dispatcher is updated, which is
> different order from BPF trampoline updates. I think updating symbols
> after successful update makes more sense, no?

right, I guess I did not care, because there's no error returned
from bpf_dispatcher_update as you pointed out.. I'll check if we
can add that and add/del symbols afterwards

> 2. I was wondering if bpf_dispatcher_update() could return 0/1 (and <0
> on error, of course), depending on whether dispatcher is present or
> not. Though I'm not hard set on this.

yes, that might be a way.. I'll check

thanks,
jirka

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ