Message-Id: <cover.1600417359.git.Tony.Ambardar@gmail.com>
Date:   Sat, 19 Sep 2020 22:01:32 -0700
From:   Tony Ambardar <tony.ambardar@...il.com>
To:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>
Cc:     Tony Ambardar <Tony.Ambardar@...il.com>, netdev@...r.kernel.org,
        bpf@...r.kernel.org, linux-arch@...r.kernel.org,
        Arnd Bergmann <arnd@...db.de>
Subject: [PATCH bpf v1 0/3] fix BTF usage on embedded systems

Hello,

I've been experimenting with BPF and BTF on small, embedded platforms
requiring cross-compilation to varying archs, word-sizes, and endianness.
These environments are not the most common for the majority of eBPF users,
and have exposed multiple problems with basic functionality. This patch
series addresses some of these issues.

Enabling BTF support in the kernel can sometimes result in sysfs export
of /sys/kernel/btf/vmlinux as a zero-length file, which is still readable
and seen to leak non-zero kernel data. Patch #1 adds a sanity-check to
avoid this situation.

Small systems commonly enable LD_DEAD_CODE_DATA_ELIMINATION, which causes
the .BTF section data to be incorrectly removed and can trigger the problem
above. Patch #2 preserves the BTF data.

Even if BTF data is generated and embedded in the kernel, it may be encoded
as non-native endianness due to another bug [1] currently being worked on.
Patch #3 lets bpftool recognize the wrong BTF endianness rather than output
a confusing/misleading ELF header error message.

Patches #1 and #2 were first developed for Linux 5.4.x and should be
backported if possible. Feedback and suggestions for improvement are
welcome!

Thanks,
Tony

[1] https://lore.kernel.org/bpf/CAPGftE8ipAacAnm9xMHFabXCL-XrCXGmOsX-Nsjvz9wnh3Zx-w@mail.gmail.com/

Tony Ambardar (3):
  bpf: fix sysfs export of empty BTF section
  bpf: prevent .BTF section elimination
  libbpf: fix native endian assumption when parsing BTF

 include/asm-generic/vmlinux.lds.h | 2 +-
 kernel/bpf/sysfs_btf.c            | 6 +++---
 tools/lib/bpf/btf.c               | 6 ++++++
 3 files changed, 10 insertions(+), 4 deletions(-)

-- 
2.25.1
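
A check for the two failure modes described in the cover letter (a zero-length BTF export and BTF data in non-native endianness), as an added example that is not code from this patch series or from libbpf. The names classify_btf and enum btf_status are hypothetical; BTF_MAGIC is the value defined in include/uapi/linux/btf.h, and the default path is the sysfs file named in the message.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

#define BTF_MAGIC 0xeB9F /* value from include/uapi/linux/btf.h */

enum btf_status { BTF_EMPTY, BTF_TRUNCATED, BTF_NATIVE, BTF_SWAPPED, BTF_BAD_MAGIC };

/* Classify a raw BTF blob from its leading __u16 magic field (hypothetical helper). */
enum btf_status classify_btf(const unsigned char *buf, size_t len)
{
	uint16_t magic;

	if (len == 0)
		return BTF_EMPTY;	/* zero-length export: nothing to parse */
	if (len < sizeof(magic))
		return BTF_TRUNCATED;
	memcpy(&magic, buf, sizeof(magic));	/* read in host byte order */
	if (magic == BTF_MAGIC)
		return BTF_NATIVE;
	if (magic == (uint16_t)((BTF_MAGIC >> 8) | (BTF_MAGIC << 8)))
		return BTF_SWAPPED;	/* valid magic, opposite endianness */
	return BTF_BAD_MAGIC;
}

int main(int argc, char **argv)
{
	static const char *names[] = { "empty", "truncated", "native-endian",
				       "byte-swapped", "bad magic" };
	const char *path = argc > 1 ? argv[1] : "/sys/kernel/btf/vmlinux";
	unsigned char hdr[2] = { 0 };
	struct stat st;
	size_t n = 0;
	FILE *f;

	if (stat(path, &st) != 0) {
		perror(path);
		return 2;
	}
	if (st.st_size > 0) {	/* a file reported as zero-length is never read */
		if ((f = fopen(path, "rb")) == NULL) {
			perror(path);
			return 2;
		}
		n = fread(hdr, 1, sizeof(hdr), f);
		fclose(f);
	}
	printf("%s: %s\n", path, names[classify_btf(hdr, n)]);
	return 0;
}
```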
