lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 18 Nov 2020 19:01:01 +0100
From:   Toke Høiland-Jørgensen <toke@...hat.com>
To:     Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc:     daniel@...earbox.net, ast@...com, andrii@...nel.org,
        bpf@...r.kernel.org, netdev@...r.kernel.org, brouer@...hat.com,
        haliu@...hat.com, dsahern@...il.com, jbenc@...hat.com
Subject: Re: [PATCH bpf-next] libbpf: Add libbpf_version() function to get
 library version at runtime

Alexei Starovoitov <alexei.starovoitov@...il.com> writes:

> On Wed, Nov 18, 2020 at 06:07:38PM +0100, Toke Høiland-Jørgensen wrote:
>> As a response to patches adding libbpf support to iproute2, an extensive
>> discussion ensued about libbpf version visibility and enforcement in tools
>> using the library[0]. In particular, two problems came to light:
>> 
>> 1. If a tool is statically linked against libbpf, there is no way for a user
>>    to discover which version of libbpf the tool is using, unless the tool
>>    takes particular care to embed the library version at build time and print
>>    it.
>> 
>> 2. If a tool is dynamically linked against libbpf, but doesn't use any
>>    symbols from the latest library version, the library version used at
>>    runtime can be older than the one used at compile time, and the
>>    application has no way to verify the version at runtime.
>> 
>> To make progress on resolving this, let's add a libbpf_version() function that
>> will simply return a version string which is embedded into the library at
>> compile time. This makes it possible for applications to unambiguously get the
>> library version at runtime, resolving (2.) above, and as an added bonus makes it
>> easy for applications to print the library version, which should help with (1.).
>> 
>> [0] https://lore.kernel.org/bpf/20201109070802.3638167-1-haliu@redhat.com/T/#t
>> 
>> Signed-off-by: Toke Høiland-Jørgensen <toke@...hat.com>
>
> Unless iproute2 adopts scrict libbpf.so.version == iproute2.version policy
> and removes legacy bpf loader no iproute2 driven changes to libbpf will be accepted.
> Just like the kernel doesn't add features for out-of-tree modules
> libbpf doesn't add features for projects where libbpf is optional.

This is not a iproute2-specific feature, though. It came out of the
iproute2 discussion, sure, but it's a generic helper to get the library
version for any application that wants to use it.

In particular, I am planning to use this in the xdp-tools binaries:

$ ./xdpdump --version
xdpdump version 1.0.1 using libbpf version 0.3.0

-Toke

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ