| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 May 2020 18:36:10 -0700
From: Yonghong Song <yhs@...com>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
CC: Andrii Nakryiko <andriin@...com>, bpf <bpf@...r.kernel.org>,
Martin KaFai Lau <kafai@...com>,
Networking <netdev@...r.kernel.org>,
Alexei Starovoitov <ast@...com>,
Daniel Borkmann <daniel@...earbox.net>,
Kernel Team <kernel-team@...com>
Subject: Re: [PATCH bpf-next v3 03/21] bpf: support bpf tracing/iter programs
for BPF_LINK_CREATE
On 5/8/20 11:24 AM, Andrii Nakryiko wrote:
> On Wed, May 6, 2020 at 10:41 PM Yonghong Song <yhs@...com> wrote:
>>
>> Given a bpf program, the step to create an anonymous bpf iterator is:
>> - create a bpf_iter_link, which combines bpf program and the target.
>> In the future, there could be more information recorded in the link.
>> A link_fd will be returned to the user space.
>> - create an anonymous bpf iterator with the given link_fd.
>>
>> The bpf_iter_link can be pinned to bpffs mount file system to
>> create a file based bpf iterator as well.
>>
>> The benefit to use of bpf_iter_link:
>> - using bpf link simplifies design and implementation as bpf link
>> is used for other tracing bpf programs.
>> - for file based bpf iterator, bpf_iter_link provides a standard
>> way to replace underlying bpf programs.
>> - for both anonymous and free based iterators, bpf link query
>> capability can be leveraged.
>>
>> The patch added support of tracing/iter programs for BPF_LINK_CREATE.
>> A new link type BPF_LINK_TYPE_ITER is added to facilitate link
>> querying. Currently, only prog_id is needed, so there is no
>> additional in-kernel show_fdinfo() and fill_link_info() hook
>> is needed for BPF_LINK_TYPE_ITER link.
>>
>> Acked-by: Andrii Nakryiko <andriin@...com>
>> Signed-off-by: Yonghong Song <yhs@...com>
>> ---
>
> still looks good, but I realized show_fdinfo and fill_link_info is
> missing, see request for a follow-up below :)
>
>
>> include/linux/bpf.h | 1 +
>> include/linux/bpf_types.h | 1 +
>> include/uapi/linux/bpf.h | 1 +
>> kernel/bpf/bpf_iter.c | 62 ++++++++++++++++++++++++++++++++++
>> kernel/bpf/syscall.c | 14 ++++++++
>> tools/include/uapi/linux/bpf.h | 1 +
>> 6 files changed, 80 insertions(+)
>>
>
> [...]
>
>> +static const struct bpf_link_ops bpf_iter_link_lops = {
>> + .release = bpf_iter_link_release,
>> + .dealloc = bpf_iter_link_dealloc,
>> +};
>
> Link infra supports .show_fdinfo and .fill_link_info methods, there is
> no need to block on this, but it would be great to implement them from
> BPF_LINK_TYPE_ITER as well in the same release as a follow-up. Thanks!
The reason I did not implement is due to we do not have additional
information beyond prog_id to present. The prog_id itself gives all
information about this link. I looked at tracing program
show_fdinfo/fill_link_info, the additional attach_type is printed.
But attach_type is obvious for BPF_LINK_TYPE_ITER which does not
need print.
In the future when we add more stuff to parameterize the bpf_iter,
will need to implement these two callbacks as well as bpftool.
>
>
> [...]
>
Powered by blists - more mailing lists