lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Tue, 15 Sep 2020 18:07:01 -0700
From:   Andrii Nakryiko <andrii.nakryiko@...il.com>
To:     Stanislav Fomichev <sdf@...gle.com>
Cc:     Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
        "David S. Miller" <davem@...emloft.net>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        YiFei Zhu <zhuyifei1999@...il.com>
Subject: Re: [PATCH bpf-next v6 0/5] Allow storage of flexible metadata
 information for eBPF programs

On Tue, Sep 15, 2020 at 4:47 PM Stanislav Fomichev <sdf@...gle.com> wrote:
>
> Currently, if a user wants to store arbitrary metadata for an eBPF
> program, for example, the program build commit hash or version, they
> could store it in a map, and conveniently libbpf uses .data section to
> populate an internal map. However, if the program does not actually
> reference the map, then the map would be de-refcounted and freed.
>
> This patch set introduces a new syscall BPF_PROG_BIND_MAP to add a map
> to a program's used_maps, even if the program instructions does not
> reference the map.
>
> libbpf is extended to always BPF_PROG_BIND_MAP .rodata section so the
> metadata is kept in place.
> bpftool is also extended to print metadata in the 'bpftool prog' list.
>
> The variable is considered metadata if it starts with the
> magic 'bpf_metadata_' prefix; everything after the prefix is the
> metadata name.
>
> An example use of this would be BPF C file declaring:
>
>   volatile const char bpf_metadata_commit_hash[] SEC(".rodata") = "abcdef123456";
>
> and bpftool would emit:
>
>   $ bpftool prog
>   [...]
>         metadata:
>                 commit_hash = "abcdef123456"
>

[...]

>
> Cc: YiFei Zhu <zhuyifei1999@...il.com>
>
> YiFei Zhu (5):
>   bpf: Mutex protect used_maps array and count
>   bpf: Add BPF_PROG_BIND_MAP syscall
>   libbpf: Add BPF_PROG_BIND_MAP syscall and use it on .rodata section
>   bpftool: support dumping metadata
>   selftests/bpf: Test load and dump metadata with btftool and skel
>
>  .../net/ethernet/netronome/nfp/bpf/offload.c  |  18 +-
>  include/linux/bpf.h                           |   1 +
>  include/uapi/linux/bpf.h                      |   7 +
>  kernel/bpf/core.c                             |  15 +-
>  kernel/bpf/syscall.c                          |  79 ++++++-
>  net/core/dev.c                                |  11 +-
>  tools/bpf/bpftool/json_writer.c               |   6 +
>  tools/bpf/bpftool/json_writer.h               |   3 +
>  tools/bpf/bpftool/prog.c                      | 199 ++++++++++++++++++
>  tools/include/uapi/linux/bpf.h                |   7 +
>  tools/lib/bpf/bpf.c                           |  16 ++
>  tools/lib/bpf/bpf.h                           |   8 +
>  tools/lib/bpf/libbpf.c                        |  69 ++++++
>  tools/lib/bpf/libbpf.map                      |   1 +
>  tools/testing/selftests/bpf/Makefile          |   3 +-
>  .../selftests/bpf/prog_tests/metadata.c       | 141 +++++++++++++
>  .../selftests/bpf/progs/metadata_unused.c     |  15 ++
>  .../selftests/bpf/progs/metadata_used.c       |  15 ++
>  .../selftests/bpf/test_bpftool_metadata.sh    |  82 ++++++++
>  19 files changed, 678 insertions(+), 18 deletions(-)
>  create mode 100644 tools/testing/selftests/bpf/prog_tests/metadata.c
>  create mode 100644 tools/testing/selftests/bpf/progs/metadata_unused.c
>  create mode 100644 tools/testing/selftests/bpf/progs/metadata_used.c
>  create mode 100755 tools/testing/selftests/bpf/test_bpftool_metadata.sh
>
> --
> 2.28.0.618.gf4bc123cb7-goog
>

LGTM, thanks!

Acked-by: Andrii Nakryiko <andriin@...com>

Powered by blists - more mailing lists