lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 8 May 2020 12:51:58 -0700
From:   Andrii Nakryiko <andrii.nakryiko@...il.com>
To:     Yonghong Song <yhs@...com>
Cc:     Andrii Nakryiko <andriin@...com>, bpf <bpf@...r.kernel.org>,
        Martin KaFai Lau <kafai@...com>,
        Networking <netdev@...r.kernel.org>,
        Alexei Starovoitov <ast@...com>,
        Daniel Borkmann <daniel@...earbox.net>,
        Kernel Team <kernel-team@...com>
Subject: Re: [PATCH bpf-next v3 18/21] tools/bpftool: add bpf_iter support for bptool

On Wed, May 6, 2020 at 10:40 PM Yonghong Song <yhs@...com> wrote:
>
> Currently, only one command is supported
>   bpftool iter pin <bpf_prog.o> <path>
>
> It will pin the trace/iter bpf program in
> the object file <bpf_prog.o> to the <path>
> where <path> should be on a bpffs mount.
>
> For example,
>   $ bpftool iter pin ./bpf_iter_ipv6_route.o \
>     /sys/fs/bpf/my_route
> User can then do a `cat` to print out the results:
>   $ cat /sys/fs/bpf/my_route
>     fe800000000000000000000000000000 40 00000000000000000000000000000000 ...
>     00000000000000000000000000000000 00 00000000000000000000000000000000 ...
>     00000000000000000000000000000001 80 00000000000000000000000000000000 ...
>     fe800000000000008c0162fffebdfd57 80 00000000000000000000000000000000 ...
>     ff000000000000000000000000000000 08 00000000000000000000000000000000 ...
>     00000000000000000000000000000000 00 00000000000000000000000000000000 ...
>
> The implementation for ipv6_route iterator is in one of subsequent
> patches.
>
> This patch also added BPF_LINK_TYPE_ITER to link query.
>
> In the future, we may add additional parameters to pin command
> by parameterizing the bpf iterator. For example, a map_id or pid
> may be added to let bpf program only traverses a single map or task,
> similar to kernel seq_file single_open().
>
> We may also add introspection command for targets/iterators by
> leveraging the bpf_iter itself.
>
> Signed-off-by: Yonghong Song <yhs@...com>
> ---
>  .../bpftool/Documentation/bpftool-iter.rst    | 83 ++++++++++++++++++
>  tools/bpf/bpftool/bash-completion/bpftool     | 13 +++
>  tools/bpf/bpftool/iter.c                      | 84 +++++++++++++++++++
>  tools/bpf/bpftool/link.c                      |  1 +
>  tools/bpf/bpftool/main.c                      |  3 +-
>  tools/bpf/bpftool/main.h                      |  1 +
>  6 files changed, 184 insertions(+), 1 deletion(-)
>  create mode 100644 tools/bpf/bpftool/Documentation/bpftool-iter.rst
>  create mode 100644 tools/bpf/bpftool/iter.c
>

[...]

> diff --git a/tools/bpf/bpftool/iter.c b/tools/bpf/bpftool/iter.c
> new file mode 100644
> index 000000000000..a8fb1349c103
> --- /dev/null
> +++ b/tools/bpf/bpftool/iter.c
> @@ -0,0 +1,84 @@
> +// SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +// Copyright (C) 2020 Facebook
> +
> +#define _GNU_SOURCE
> +#include <linux/err.h>
> +#include <bpf/libbpf.h>
> +
> +#include "main.h"
> +
> +static int do_pin(int argc, char **argv)
> +{
> +       const char *objfile, *path;
> +       struct bpf_program *prog;
> +       struct bpf_object *obj;
> +       struct bpf_link *link;
> +       int err;
> +
> +       if (!REQ_ARGS(2))
> +               usage();
> +
> +       objfile = GET_ARG();
> +       path = GET_ARG();
> +
> +       obj = bpf_object__open(objfile);
> +       if (IS_ERR_OR_NULL(obj)) {

nit: can't be NULL

> +               p_err("can't open objfile %s", objfile);
> +               return -1;
> +       }
> +
> +       err = bpf_object__load(obj);
> +       if (err) {
> +               p_err("can't load objfile %s", objfile);
> +               goto close_obj;
> +       }
> +
> +       prog = bpf_program__next(NULL, obj);

check for null and printf error? Crashing is not good.

> +       link = bpf_program__attach_iter(prog, NULL);
> +       if (IS_ERR(link)) {
> +               err = PTR_ERR(link);
> +               p_err("attach_iter failed for program %s",
> +                     bpf_program__name(prog));
> +               goto close_obj;
> +       }
> +
> +       err = mount_bpffs_for_pin(path);
> +       if (err)
> +               goto close_link;
> +
> +       err = bpf_link__pin(link, path);
> +       if (err) {
> +               p_err("pin_iter failed for program %s to path %s",
> +                     bpf_program__name(prog), path);
> +               goto close_link;
> +       }
> +
> +close_link:
> +       bpf_link__disconnect(link);

this is wrong, just destroy()

> +       bpf_link__destroy(link);
> +close_obj:
> +       bpf_object__close(obj);
> +       return err;
> +}
> +

[...]

Powered by blists - more mailing lists