lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 29 Jul 2020 10:09:05 +0200
From:   Jiri Olsa <jolsa@...hat.com>
To:     Eelco Chaudron <echaudro@...hat.com>
Cc:     Yonghong Song <yhs@...com>, bpf@...r.kernel.org,
        netdev@...r.kernel.org, ast@...nel.org, daniel@...earbox.net,
        kafai@...com, songliubraving@...com, andriin@...com,
        toke@...hat.com
Subject: Re: fentry/fexit attach to EXT type XDP program does not work

On Wed, Jul 29, 2020 at 08:23:56AM +0200, Eelco Chaudron wrote:

SNIP

> > > > > a patch
> > > > > that would nice.
> > > > > You can also send it to me before bpf-next opens and I can verify
> > > > > it, and
> > > > > clean up the self-test so it can be included as well.
> > > > > 
> > > > 
> > > > hi,
> > > > it seems that you cannot exten fentry/fexit programs,
> > > > but it's possible to attach fentry/fexit to ext program.
> > > > 
> > > >    /* Program extensions can extend all program types
> > > >     * except fentry/fexit. The reason is the following.
> > > >     * The fentry/fexit programs are used for performance
> > > >     * analysis, stats and can be attached to any program
> > > >     * type except themselves. When extension program is
> > > >     * replacing XDP function it is necessary to allow
> > > >     * performance analysis of all functions. Both original
> > > >     * XDP program and its program extension. Hence
> > > >     * attaching fentry/fexit to BPF_PROG_TYPE_EXT is
> > > >     * allowed. If extending of fentry/fexit was allowed it
> > > >     * would be possible to create long call chain
> > > >     * fentry->extension->fentry->extension beyond
> > > >     * reasonable stack size. Hence extending fentry is not
> > > >     * allowed.
> > > >     */
> > > > 
> > > > I changed fexit_bpf2bpf.c test just to do a quick check
> > > > and it seems to work:
> > > 
> > > Hi Jiri this is exactly what I’m trying, however when you do this
> > > where the
> > > first argument is a pointer to some context data which you are
> > > accessing
> > > it’s failing in the verifier.
> > > This is a link to the original email, which has a test patch
> > > attached that
> > > will show the failure when trying to load/attach the fentry function
> > > and
> > > access the context:
> > > 
> > > https://lore.kernel.org/bpf/159162546868.10791.12432342618156330247.stgit@ebuild/
> > 
> > ok, I tried to trace ext program with __sk_buff argument and I can see
> > the issue as well.. can't acess the skb argument
> > 
> > patch below fixes it for me, I can access the skb pointer and its data
> > via probe read, like:
> > 
> > 	SEC("fexit/new_get_skb_ifindex")
> > 	int BPF_PROG(fexit_new_get_skb_ifindex, int val, struct __sk_buff *skb,
> > int var, int ret)
> > 	{
> > 		__u32 data;
> > 		int err;
> > 
> > 		bpf_printk("EXIT skb %p", skb);
> > 		bpf_probe_read_kernel(&data, sizeof(data), &skb->data);
> > 		bpf_printk("EXIT ret %d, data %p", err, data);
> > 		return 0;
> > 	}
> > 
> > I think it should fix the xdp_md acess as well
> 
> Excellent patch ;) It works with xdp_md as well, and even better it does not
> require the bpf_probe_read_kernel(), so the test_xdp_bpf2bpf.c code just
> works.

great ;-) will check on xdp_md

> 
> Are you planning to send the patch upstream?

yep, I'll add some test for that and send it

thanks,
jirka

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ