lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 21 Sep 2020 22:52:42 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Tony Ambardar <tony.ambardar@...il.com>,
        Alexei Starovoitov <ast@...nel.org>
Cc:     netdev@...r.kernel.org, bpf@...r.kernel.org,
        linux-arch@...r.kernel.org, Arnd Bergmann <arnd@...db.de>
Subject: Re: [PATCH bpf v1 0/3] fix BTF usage on embedded systems

On 9/20/20 7:01 AM, Tony Ambardar wrote:
> Hello,
> 
> I've been experimenting with BPF and BTF on small, emebedded platforms
> requiring cross-compilation to varying archs, word-sizes, and endianness.
> These environments are not the most common for the majority of eBPF users,
> and have exposed multiple problems with basic functionality. This patch
> series addresses some of these issues.
> 
> Enabling BTF support in the kernel can sometimes result in sysfs export
> of /sys/kernel/btf/vmlinux as a zero-length file, which is still readable
> and seen to leak non-zero kernel data. Patch #1 adds a sanity-check to
> avoid this situation.
> 
> Small systems commonly enable LD_DEAD_CODE_DATA_ELIMINATION, which causes
> the .BTF section data to be incorrectly removed and can trigger the problem
> above. Patch #2 preserves the BTF data.
> 
> Even if BTF data is generated and embedded in the kernel, it may be encoded
> as non-native endianness due to another bug [1] currently being worked on.
> Patch #3 lets bpftool recognize the wrong BTF endianness rather than output
> a confusing/misleading ELF header error message.
> 
> Patches #1 and #2 were first developed for Linux 5.4.x and should be
> backported if possible. Feedback and suggestions for improvement are
> welcome!
> 
> Thanks,
> Tony
> 
> [1] https://lore.kernel.org/bpf/CAPGftE8ipAacAnm9xMHFabXCL-XrCXGmOsX-Nsjvz9wnh3Zx-w@mail.gmail.com/
> 
> Tony Ambardar (3):
>    bpf: fix sysfs export of empty BTF section
>    bpf: prevent .BTF section elimination
>    libbpf: fix native endian assumption when parsing BTF
> 
>   include/asm-generic/vmlinux.lds.h | 2 +-
>   kernel/bpf/sysfs_btf.c            | 6 +++---
>   tools/lib/bpf/btf.c               | 6 ++++++
>   3 files changed, 10 insertions(+), 4 deletions(-)
> 

Applied, thanks!

Powered by blists - more mailing lists