| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Jun 2020 00:12:50 +0200
From: Jiri Olsa <jolsa@...nel.org>
To: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>
Cc: netdev@...r.kernel.org, bpf@...r.kernel.org,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Martin KaFai Lau <kafai@...com>,
David Miller <davem@...hat.com>,
John Fastabend <john.fastabend@...il.com>,
Wenbo Zhang <ethercflow@...il.com>,
KP Singh <kpsingh@...omium.org>,
Andrii Nakryiko <andriin@...com>,
Brendan Gregg <bgregg@...flix.com>,
Florent Revest <revest@...omium.org>,
Al Viro <viro@...iv.linux.org.uk>
Subject: [PATCH v4 bpf-next 00/14] bpf: Add d_path helper
hi,
adding d_path helper to return full path for 'path' object.
In a preparation for that, this patchset also adds support for BTF ID
whitelists, because d_path can't be called from any probe due to its
locks usage. The whitelists allow verifier to check if the caller is
one of the functions from the whitelist.
The whitelist is implemented in a generic way. This patchset introduces
macros that allow to define lists of BTF IDs, which are compiled in
the kernel image in a new .BTF.ids ELF section.
The generic way of BTF ID lists allows us to use them in other places
in kernel (than just for whitelists), that could use static BTF ID
values compiled in and it's also implemented in this patchset.
I originally added and used 'file_path' helper, which did the same,
but used 'struct file' object. Then realized that file_path is just
a wrapper for d_path, so we'd cover more calling sites if we add
d_path helper and allowed resolving BTF object within another object,
so we could call d_path also with file pointer, like:
bpf_d_path(&file->f_path, buf, size);
This feature is mainly to be able to add dpath (filepath originally)
function to bpftrace:
# bpftrace -e 'kfunc:vfs_open { printf("%s\n", dpath(args->path)); }'
v4 changes:
- added ID sanity checks in btf_resolve_helper_id [Andrii]
- resolve bpf_ctx_convert via BTF_ID [Andrii]
- keep bpf_access_type in btf_struct_access [Andrii]
- rename whitelist to se and use struct btf_id_set [Andrii]
- several fixes for d_path prog/verifier tests [Andrii]
- added union and typedefs types support [Andrii]
- rename btfid to resolve_btfids [Andrii]
- fix segfault in resolve_btfids [John]
- rename section from .BTF_ids .BTF.ids (following .BTF.ext example)
- add .BTF.ids section info into btf.rst [John]
- updated over letter with more details [John]
Also available at:
https://git.kernel.org/pub/scm/linux/kernel/git/jolsa/perf.git
bpf/d_path
thanks,
jirka
---
Jiri Olsa (14):
bpf: Add resolve_btfids tool to resolve BTF IDs in ELF object
bpf: Compile resolve_btfids tool at kernel compilation start
bpf: Add BTF_ID_LIST/BTF_ID macros
bpf: Resolve BTF IDs in vmlinux image
bpf: Remove btf_id helpers resolving
bpf: Use BTF_ID to resolve bpf_ctx_convert struct
bpf: Allow nested BTF object to be refferenced by BTF object + offset
bpf: Add BTF_SET_START/END macros
bpf: Add info about .BTF.ids section to btf.rst
bpf: Add d_path helper
tools headers: Adopt verbatim copy of btf_ids.h from kernel sources
selftests/bpf: Add verifier test for d_path helper
selftests/bpf: Add test for d_path helper
selftests/bpf: Add test for resolve_btfids
Documentation/bpf/btf.rst | 53 ++++++++
Makefile | 25 +++-
include/asm-generic/vmlinux.lds.h | 4 +
include/linux/bpf.h | 7 +
include/linux/btf_ids.h | 108 ++++++++++++++++
include/uapi/linux/bpf.h | 14 +-
kernel/bpf/btf.c | 169 ++++++++++++------------
kernel/bpf/verifier.c | 42 ++++--
kernel/trace/bpf_trace.c | 56 +++++++-
net/core/filter.c | 9 +-
scripts/bpf_helpers_doc.py | 2 +
scripts/link-vmlinux.sh | 6 +
tools/Makefile | 3 +
tools/bpf/Makefile | 5 +-
tools/bpf/resolve_btfids/Build | 26 ++++
tools/bpf/resolve_btfids/Makefile | 76 +++++++++++
tools/bpf/resolve_btfids/main.c | 716 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tools/include/linux/btf_ids.h | 108 ++++++++++++++++
tools/include/linux/compiler.h | 4 +
tools/include/uapi/linux/bpf.h | 14 +-
tools/testing/selftests/bpf/Makefile | 20 ++-
tools/testing/selftests/bpf/prog_tests/d_path.c | 145 +++++++++++++++++++++
tools/testing/selftests/bpf/progs/test_d_path.c | 50 +++++++
tools/testing/selftests/bpf/test_resolve_btfids.c | 201 +++++++++++++++++++++++++++++
tools/testing/selftests/bpf/test_verifier.c | 19 ++-
tools/testing/selftests/bpf/verifier/d_path.c | 37 ++++++
26 files changed, 1806 insertions(+), 113 deletions(-)
create mode 100644 include/linux/btf_ids.h
create mode 100644 tools/bpf/resolve_btfids/Build
create mode 100644 tools/bpf/resolve_btfids/Makefile
create mode 100644 tools/bpf/resolve_btfids/main.c
create mode 100644 tools/include/linux/btf_ids.h
create mode 100644 tools/testing/selftests/bpf/prog_tests/d_path.c
create mode 100644 tools/testing/selftests/bpf/progs/test_d_path.c
create mode 100644 tools/testing/selftests/bpf/test_resolve_btfids.c
create mode 100644 tools/testing/selftests/bpf/verifier/d_path.c
Powered by blists - more mailing lists