lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <a6075bd0-34f5-29f0-7331-7fe61fd25c12@iogearbox.net>
Date:   Wed, 13 Jan 2021 23:55:46 +0100
From:   Daniel Borkmann <daniel@...earbox.net>
To:     Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc:     Andrii Nakryiko <andrii@...nel.org>, bpf <bpf@...r.kernel.org>,
        Network Development <netdev@...r.kernel.org>,
        Alexei Starovoitov <ast@...com>,
        Kernel Team <kernel-team@...com>, Hao Luo <haoluo@...gle.com>,
        Yonghong Song <yhs@...com>
Subject: Re: [PATCH v3 bpf-next 5/7] bpf: support BPF ksym variables in kernel
 modules

On 1/13/21 12:18 AM, Alexei Starovoitov wrote:
> On Tue, Jan 12, 2021 at 8:30 AM Daniel Borkmann <daniel@...earbox.net> wrote:
>> On 1/12/21 8:55 AM, Andrii Nakryiko wrote:
>>> Add support for directly accessing kernel module variables from BPF programs
>>> using special ldimm64 instructions. This functionality builds upon vmlinux
>>> ksym support, but extends ldimm64 with src_reg=BPF_PSEUDO_BTF_ID to allow
>>> specifying kernel module BTF's FD in insn[1].imm field.
>>>
>>> During BPF program load time, verifier will resolve FD to BTF object and will
>>> take reference on BTF object itself and, for module BTFs, corresponding module
>>> as well, to make sure it won't be unloaded from under running BPF program. The
>>> mechanism used is similar to how bpf_prog keeps track of used bpf_maps.
>>>
>>> One interesting change is also in how per-CPU variable is determined. The
>>> logic is to find .data..percpu data section in provided BTF, but both vmlinux
>>> and module each have their own .data..percpu entries in BTF. So for module's
>>> case, the search for DATASEC record needs to look at only module's added BTF
>>> types. This is implemented with custom search function.
>>>
>>> Acked-by: Yonghong Song <yhs@...com>
>>> Acked-by: Hao Luo <haoluo@...gle.com>
>>> Signed-off-by: Andrii Nakryiko <andrii@...nel.org>
>> [...]
>>> +
>>> +struct module *btf_try_get_module(const struct btf *btf)
>>> +{
>>> +     struct module *res = NULL;
>>> +#ifdef CONFIG_DEBUG_INFO_BTF_MODULES
>>> +     struct btf_module *btf_mod, *tmp;
>>> +
>>> +     mutex_lock(&btf_module_mutex);
>>> +     list_for_each_entry_safe(btf_mod, tmp, &btf_modules, list) {
>>> +             if (btf_mod->btf != btf)
>>> +                     continue;
>>> +
>>> +             if (try_module_get(btf_mod->module))
>>> +                     res = btf_mod->module;
>>
>> One more thought (follow-up would be okay I'd think) ... when a module references
>> a symbol from another module, it similarly needs to bump the refcount of the module
>> that is owning it and thus disallowing to unload for that other module's lifetime.
>> That usage dependency is visible via /proc/modules however, so if unload doesn't work
>> then lsmod allows a way to introspect that to the user. This seems to be achieved via
>> resolve_symbol() where it records its dependency/usage. Would be great if we could at
>> some point also include the BPF prog name into that list so that this is more obvious.
>> Wdyt?
> 
> I thought about it as well, but plenty of kernel things just grab the ref of ko
> and don't add any way to introspect what piece of kernel is holding ko.
> So this case won't be the first.
> Also if we add it for bpf progs it could be confusing in lsmod.
> Since it currently only shows other ko-s in there.
> Long ago I had an awk script to parse that output to rmmod dependent modules
> before rmmoding the main one. If somebody doing something like this
> bpf prog names in the same place may break things.
> So I think there are more cons than pros.

Hm, true that scripting could break in this case if we were to add bpf prog names in
there. :/ I don't have a better suggestion atm.. we could potentially add something
for the bpf prog info dump via bpftool, but it's a non-obvious location to people who
are used to check deps via lsmod. Also true that we bump ref from plenty of other
locations where it's not directly shown either apart from just the refcnt (e.g. socket
using tcp congctl module etc).

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ