| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Sep 2020 18:07:01 -0700
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Stanislav Fomichev <sdf@...gle.com>
Cc: Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
"David S. Miller" <davem@...emloft.net>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
YiFei Zhu <zhuyifei1999@...il.com>
Subject: Re: [PATCH bpf-next v6 0/5] Allow storage of flexible metadata
information for eBPF programs
On Tue, Sep 15, 2020 at 4:47 PM Stanislav Fomichev <sdf@...gle.com> wrote:
>
> Currently, if a user wants to store arbitrary metadata for an eBPF
> program, for example, the program build commit hash or version, they
> could store it in a map, and conveniently libbpf uses .data section to
> populate an internal map. However, if the program does not actually
> reference the map, then the map would be de-refcounted and freed.
>
> This patch set introduces a new syscall BPF_PROG_BIND_MAP to add a map
> to a program's used_maps, even if the program instructions does not
> reference the map.
>
> libbpf is extended to always BPF_PROG_BIND_MAP .rodata section so the
> metadata is kept in place.
> bpftool is also extended to print metadata in the 'bpftool prog' list.
>
> The variable is considered metadata if it starts with the
> magic 'bpf_metadata_' prefix; everything after the prefix is the
> metadata name.
>
> An example use of this would be BPF C file declaring:
>
> volatile const char bpf_metadata_commit_hash[] SEC(".rodata") = "abcdef123456";
>
> and bpftool would emit:
>
> $ bpftool prog
> [...]
> metadata:
> commit_hash = "abcdef123456"
>
[...]
>
> Cc: YiFei Zhu <zhuyifei1999@...il.com>
>
> YiFei Zhu (5):
> bpf: Mutex protect used_maps array and count
> bpf: Add BPF_PROG_BIND_MAP syscall
> libbpf: Add BPF_PROG_BIND_MAP syscall and use it on .rodata section
> bpftool: support dumping metadata
> selftests/bpf: Test load and dump metadata with btftool and skel
>
> .../net/ethernet/netronome/nfp/bpf/offload.c | 18 +-
> include/linux/bpf.h | 1 +
> include/uapi/linux/bpf.h | 7 +
> kernel/bpf/core.c | 15 +-
> kernel/bpf/syscall.c | 79 ++++++-
> net/core/dev.c | 11 +-
> tools/bpf/bpftool/json_writer.c | 6 +
> tools/bpf/bpftool/json_writer.h | 3 +
> tools/bpf/bpftool/prog.c | 199 ++++++++++++++++++
> tools/include/uapi/linux/bpf.h | 7 +
> tools/lib/bpf/bpf.c | 16 ++
> tools/lib/bpf/bpf.h | 8 +
> tools/lib/bpf/libbpf.c | 69 ++++++
> tools/lib/bpf/libbpf.map | 1 +
> tools/testing/selftests/bpf/Makefile | 3 +-
> .../selftests/bpf/prog_tests/metadata.c | 141 +++++++++++++
> .../selftests/bpf/progs/metadata_unused.c | 15 ++
> .../selftests/bpf/progs/metadata_used.c | 15 ++
> .../selftests/bpf/test_bpftool_metadata.sh | 82 ++++++++
> 19 files changed, 678 insertions(+), 18 deletions(-)
> create mode 100644 tools/testing/selftests/bpf/prog_tests/metadata.c
> create mode 100644 tools/testing/selftests/bpf/progs/metadata_unused.c
> create mode 100644 tools/testing/selftests/bpf/progs/metadata_used.c
> create mode 100755 tools/testing/selftests/bpf/test_bpftool_metadata.sh
>
> --
> 2.28.0.618.gf4bc123cb7-goog
>
LGTM, thanks!
Acked-by: Andrii Nakryiko <andriin@...com>
Powered by blists - more mailing lists