Date:   Thu, 2 Apr 2020 13:21:56 -0700
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Toke Høiland-Jørgensen <toke@...hat.com>
Cc:     Daniel Borkmann <daniel@...earbox.net>,
        Andrii Nakryiko <andriin@...com>,
        "David S. Miller" <davem@...emloft.net>,
        Andrey Ignatov <rdna@...com>,
        Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>
Subject: bpf: ability to attach freplace to multiple parents

On Fri, Mar 27, 2020 at 12:11:15PM +0100, Toke Høiland-Jørgensen wrote:
> 
> Current code is in [0], for those following along. There are two bits of
> kernel support missing before I can get it to where I want it for an
> initial "release": Atomic replace of the dispatcher (this series), and
> the ability to attach an freplace program to more than one "parent".
> I'll try to get an RFC out for the latter during the merge window, but
> I'll probably need some help in figuring out how to make it safe from
> the verifier PoV.

I have some thoughts on the second part "ability to attach an freplace
to more than one 'parent'".
I think the solution should be more generic than just freplace.
fentry/fexit need to have the same feature.
A few folks already said that they want to attach fentry to multiple
kernel functions. It's similar to what people do with kprobe progs now.
(attach to multiple and differentiate attach point based on parent IP)
Similarly "bpftool profile" needs it to avoid creating a new pair of fentry/fexit
progs for every target bpf prog it's collecting stats about.
I didn't add this ability to fentry/fexit/freplace only to simplify
initial implementation ;) I think the time has come.
Currently fentry/fexit/freplace progs have a single prog->aux->linked_prog pointer.
It just needs to become a linked list.
The api extension could be like this:
bpf_raw_tp_open(prog_fd, attach_prog_fd, attach_btf_id);
(currently it's just bpf_raw_tp_open(prog_fd))
The same pair of (attach_prog_fd, attach_btf_id) is already passed into prog_load
to hold the linked_prog and its corresponding btf_id.
I'm proposing to extend raw_tp_open with this pair as well to
attach existing fentry/fexit/freplace prog to another target.
Internally the kernel will verify that btf of current linked_prog
exactly matches btf of another requested linked_prog and
if they match it will attach the same prog to two target programs (in case of freplace)
or two kernel functions (in case of fentry/fexit).

Toke, Andrey,
if the above kinda makes sense from a high level description
I can prototype it quickly and then we can discuss details
in the patches?
Or we can drill further into details and discuss corner cases.
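
A userspace model of the attach rule proposed in the message above, added here as an illustration and not code from the thread or from the kernel: a program keeps a list of targets instead of one linked_prog, and another target is linked only when its prototype exactly matches the one the program was loaded against. All struct and function names, the type ids and the error codes are assumptions of this model.

```c
/* Userspace model of the proposal; all names are hypothetical, not kernel code. */
#include <errno.h>
#include <stddef.h>
#define MAX_ARGS 5

struct func_proto {              /* stand-in for a target's BTF func prototype */
    int nargs, ret_type;
    int arg_type[MAX_ARGS];      /* constructed type ids */
};
struct link {                    /* one attach target */
    int target_id;               /* stands for (attach_prog_fd, attach_btf_id) */
    struct link *next;
};
struct tracing_prog {
    struct func_proto verified;  /* prototype the program was loaded against */
    struct link *links;          /* list instead of a single linked_prog */
};

static int proto_equal(const struct func_proto *a, const struct func_proto *b)
{
    int same = a->nargs == b->nargs && a->ret_type == b->ret_type;
    for (int i = 0; same && i < a->nargs; i++)
        same = a->arg_type[i] == b->arg_type[i];
    return same;
}

/* Link one more target only if its prototype exactly matches the loaded one. */
int model_attach(struct tracing_prog *p, struct link *n, const struct func_proto *tp)
{
    if (tp->nargs < 0 || tp->nargs > MAX_ARGS || !proto_equal(&p->verified, tp))
        return -EINVAL;          /* mismatch: refuse, nothing is linked */
    for (struct link *l = p->links; l; l = l->next)
        if (l->target_id == n->target_id)
            return -EEXIST;      /* already attached to this target */
    n->next = p->links;
    p->links = n;
    return 0;
}

/* Constructed cases: 0 = same prototype, 1 = one arg type differs, 2 = repeat. */
int demo_case(int kind)
{
    struct func_proto a = { 2, 1, { 7, 9 } }, b = a;
    struct link first = { 100, NULL }, second = { kind == 2 ? 100 : 200, NULL };
    struct tracing_prog p = { a, NULL };
    model_attach(&p, &first, &a);            /* target bound at load time */
    b.arg_type[1] = kind == 1 ? 8 : 9;       /* case 1 changes one arg type */
    return model_attach(&p, &second, &b);
}
```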
