| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 May 2020 12:51:58 -0700
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Yonghong Song <yhs@...com>
Cc: Andrii Nakryiko <andriin@...com>, bpf <bpf@...r.kernel.org>,
Martin KaFai Lau <kafai@...com>,
Networking <netdev@...r.kernel.org>,
Alexei Starovoitov <ast@...com>,
Daniel Borkmann <daniel@...earbox.net>,
Kernel Team <kernel-team@...com>
Subject: Re: [PATCH bpf-next v3 18/21] tools/bpftool: add bpf_iter support for bptool
On Wed, May 6, 2020 at 10:40 PM Yonghong Song <yhs@...com> wrote:
>
> Currently, only one command is supported
> bpftool iter pin <bpf_prog.o> <path>
>
> It will pin the trace/iter bpf program in
> the object file <bpf_prog.o> to the <path>
> where <path> should be on a bpffs mount.
>
> For example,
> $ bpftool iter pin ./bpf_iter_ipv6_route.o \
> /sys/fs/bpf/my_route
> User can then do a `cat` to print out the results:
> $ cat /sys/fs/bpf/my_route
> fe800000000000000000000000000000 40 00000000000000000000000000000000 ...
> 00000000000000000000000000000000 00 00000000000000000000000000000000 ...
> 00000000000000000000000000000001 80 00000000000000000000000000000000 ...
> fe800000000000008c0162fffebdfd57 80 00000000000000000000000000000000 ...
> ff000000000000000000000000000000 08 00000000000000000000000000000000 ...
> 00000000000000000000000000000000 00 00000000000000000000000000000000 ...
>
> The implementation for ipv6_route iterator is in one of subsequent
> patches.
>
> This patch also added BPF_LINK_TYPE_ITER to link query.
>
> In the future, we may add additional parameters to pin command
> by parameterizing the bpf iterator. For example, a map_id or pid
> may be added to let bpf program only traverses a single map or task,
> similar to kernel seq_file single_open().
>
> We may also add introspection command for targets/iterators by
> leveraging the bpf_iter itself.
>
> Signed-off-by: Yonghong Song <yhs@...com>
> ---
> .../bpftool/Documentation/bpftool-iter.rst | 83 ++++++++++++++++++
> tools/bpf/bpftool/bash-completion/bpftool | 13 +++
> tools/bpf/bpftool/iter.c | 84 +++++++++++++++++++
> tools/bpf/bpftool/link.c | 1 +
> tools/bpf/bpftool/main.c | 3 +-
> tools/bpf/bpftool/main.h | 1 +
> 6 files changed, 184 insertions(+), 1 deletion(-)
> create mode 100644 tools/bpf/bpftool/Documentation/bpftool-iter.rst
> create mode 100644 tools/bpf/bpftool/iter.c
>
[...]
> diff --git a/tools/bpf/bpftool/iter.c b/tools/bpf/bpftool/iter.c
> new file mode 100644
> index 000000000000..a8fb1349c103
> --- /dev/null
> +++ b/tools/bpf/bpftool/iter.c
> @@ -0,0 +1,84 @@
> +// SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +// Copyright (C) 2020 Facebook
> +
> +#define _GNU_SOURCE
> +#include <linux/err.h>
> +#include <bpf/libbpf.h>
> +
> +#include "main.h"
> +
> +static int do_pin(int argc, char **argv)
> +{
> + const char *objfile, *path;
> + struct bpf_program *prog;
> + struct bpf_object *obj;
> + struct bpf_link *link;
> + int err;
> +
> + if (!REQ_ARGS(2))
> + usage();
> +
> + objfile = GET_ARG();
> + path = GET_ARG();
> +
> + obj = bpf_object__open(objfile);
> + if (IS_ERR_OR_NULL(obj)) {
nit: can't be NULL
> + p_err("can't open objfile %s", objfile);
> + return -1;
> + }
> +
> + err = bpf_object__load(obj);
> + if (err) {
> + p_err("can't load objfile %s", objfile);
> + goto close_obj;
> + }
> +
> + prog = bpf_program__next(NULL, obj);
check for null and printf error? Crashing is not good.
> + link = bpf_program__attach_iter(prog, NULL);
> + if (IS_ERR(link)) {
> + err = PTR_ERR(link);
> + p_err("attach_iter failed for program %s",
> + bpf_program__name(prog));
> + goto close_obj;
> + }
> +
> + err = mount_bpffs_for_pin(path);
> + if (err)
> + goto close_link;
> +
> + err = bpf_link__pin(link, path);
> + if (err) {
> + p_err("pin_iter failed for program %s to path %s",
> + bpf_program__name(prog), path);
> + goto close_link;
> + }
> +
> +close_link:
> + bpf_link__disconnect(link);
this is wrong, just destroy()
> + bpf_link__destroy(link);
> +close_obj:
> + bpf_object__close(obj);
> + return err;
> +}
> +
[...]
Powered by blists - more mailing lists