lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LRH.2.23.451.2012071623080.3652@localhost>
Date:   Mon, 7 Dec 2020 16:38:16 +0000 (GMT)
From:   Alan Maguire <alan.maguire@...cle.com>
To:     Andrii Nakryiko <andrii@...nel.org>
cc:     bpf@...r.kernel.org, netdev@...r.kernel.org, ast@...com,
        daniel@...earbox.net, kernel-team@...com,
        Alan Maguire <alan.maguire@...cle.com>
Subject: Re: [PATCH bpf-next] libbpf: support module BTF for BPF_TYPE_ID_TARGET
 CO-RE relocation

On Fri, 4 Dec 2020, Andrii Nakryiko wrote:

> When Clang emits ldimm64 instruction for BPF_TYPE_ID_TARGET CO-RE relocation,
> put module BTF FD, containing target type, into upper 32 bits of imm64.
> 
> Because this FD is internal to libbpf, it's very cumbersome to test this in
> selftests. Manual testing was performed with debug log messages sprinkled
> across selftests and libbpf, confirming expected values are substituted.
> Better testing will be performed as part of the work adding module BTF types
> support to  bpf_snprintf_btf() helpers.
> 
> Cc: Alan Maguire <alan.maguire@...cle.com>
> Signed-off-by: Andrii Nakryiko <andrii@...nel.org>
> ---
>  tools/lib/bpf/libbpf.c | 19 ++++++++++++++++---
>  1 file changed, 16 insertions(+), 3 deletions(-)
> 
> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> index 9be88a90a4aa..539956f7920a 100644
> --- a/tools/lib/bpf/libbpf.c
> +++ b/tools/lib/bpf/libbpf.c
> @@ -4795,6 +4795,7 @@ static int load_module_btfs(struct bpf_object *obj)
>  
>  		mod_btf = &obj->btf_modules[obj->btf_module_cnt++];
>  
> +		btf__set_fd(btf, fd);
>  		mod_btf->btf = btf;
>  		mod_btf->id = id;
>  		mod_btf->fd = fd;
> @@ -5445,6 +5446,10 @@ struct bpf_core_relo_res
>  	__u32 orig_type_id;
>  	__u32 new_sz;
>  	__u32 new_type_id;
> +	/* FD of the module BTF containing the target candidate, or 0 for
> +	 * vmlinux BTF
> +	 */
> +	int btf_obj_fd;
>  };
>  
>  /* Calculate original and target relocation values, given local and target
> @@ -5469,6 +5474,7 @@ static int bpf_core_calc_relo(const struct bpf_program *prog,
>  	res->fail_memsz_adjust = false;
>  	res->orig_sz = res->new_sz = 0;
>  	res->orig_type_id = res->new_type_id = 0;
> +	res->btf_obj_fd = 0;
>  
>  	if (core_relo_is_field_based(relo->kind)) {
>  		err = bpf_core_calc_field_relo(prog, relo, local_spec,
> @@ -5519,6 +5525,9 @@ static int bpf_core_calc_relo(const struct bpf_program *prog,
>  	} else if (core_relo_is_type_based(relo->kind)) {
>  		err = bpf_core_calc_type_relo(relo, local_spec, &res->orig_val);
>  		err = err ?: bpf_core_calc_type_relo(relo, targ_spec, &res->new_val);
> +		if (!err && relo->kind == BPF_TYPE_ID_TARGET &&
> +		    targ_spec->btf != prog->obj->btf_vmlinux) 
> +			res->btf_obj_fd = btf__fd(targ_spec->btf);

Sorry about this Andrii, but I'm a bit stuck here.

I'm struggling to get tests working where the obj fd is used to designate
the module BTF. Unless I'm missing something there are a few problems:

- the fd association is removed by libbpf when the BPF program has loaded; 
the module fds are closed and the module BTF is discarded.  However even if 
that isn't done (and as you mentioned, we could hold onto BTF that is in 
use, and I commented out the code that does that to test) - there's 
another problem:
- I can't see a way to use the object fd value we set here later in BPF 
program context; btf_get_by_fd() returns -EBADF as the fd is associated 
with the module BTF in the test's process context, not necessarily in 
the context that the BPF program is running.  Would it be possible in this 
case to use object id? Or is there another way to handle the fd->module 
BTF association that we need to make in BPF program context that I'm 
missing?
- A more long-term issue; if we use fds to specify module BTFs and write 
the object fd into the program, we can pin the BPF program such that it 
outlives fds that refer to its associated BTF.  So unless we pinned the 
BTF too, any code that assumed the BTF fd-> module mapping was valid would 
start to break once the user-space side went away and the pinned program 
persisted. 

Maybe there are solutions to these problems that I'm missing of course, 
but for now I'm not sure how to get things working.

Thanks again for your help with this!

Alan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ