| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210325183200.jzk7dvxmkn2bj5q3@kafai-mbp.dhcp.thefacebook.com>
Date: Thu, 25 Mar 2021 11:32:00 -0700
From: Martin KaFai Lau <kafai@...com>
To: Toke Høiland-Jørgensen <toke@...hat.com>
CC: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...gle.com>,
"David S. Miller" <davem@...emloft.net>,
Jesper Dangaard Brouer <brouer@...hat.com>,
Andrea Arcangeli <aarcange@...hat.com>,
Clark Williams <williams@...hat.com>, <bpf@...r.kernel.org>,
<netdev@...r.kernel.org>
Subject: Re: [PATCH bpf 2/2] bpf/selftests: test that kernel rejects a TCP CC
with an invalid license
On Thu, Mar 25, 2021 at 04:40:34PM +0100, Toke Høiland-Jørgensen wrote:
> This adds a selftest to check that the verifier rejects a TCP CC struct_ops
> with a non-GPL license. To save having to add a whole new BPF object just
> for this, reuse the dctcp CC, but rewrite the license field before loading.
>
> Signed-off-by: Toke Høiland-Jørgensen <toke@...hat.com>
> ---
> .../selftests/bpf/prog_tests/bpf_tcp_ca.c | 31 +++++++++++++++++++
> 1 file changed, 31 insertions(+)
>
> diff --git a/tools/testing/selftests/bpf/prog_tests/bpf_tcp_ca.c b/tools/testing/selftests/bpf/prog_tests/bpf_tcp_ca.c
> index 37c5494a0381..613cf8a00b22 100644
> --- a/tools/testing/selftests/bpf/prog_tests/bpf_tcp_ca.c
> +++ b/tools/testing/selftests/bpf/prog_tests/bpf_tcp_ca.c
> @@ -227,10 +227,41 @@ static void test_dctcp(void)
> bpf_dctcp__destroy(dctcp_skel);
> }
>
> +static void test_invalid_license(void)
> +{
> + /* We want to check that the verifier refuses to load a non-GPL TCP CC.
> + * Rather than create a whole new file+skeleton, just reuse an existing
> + * object and rewrite the license in memory after loading. Sine libbpf
> + * doesn't expose this, we define a struct that includes the first couple
> + * of internal fields for struct bpf_object so we can overwrite the right
> + * bits. Yes, this is a bit of a hack, but it makes the test a lot simpler.
> + */
> + struct bpf_object_fragment {
> + char name[BPF_OBJ_NAME_LEN];
> + char license[64];
> + } *obj;
It is fragile. A new bpf_nogpltcp.c should be created and it does
not have to be a full tcp-cc. A very minimal implementation with
only .init. Something like this (uncompiled code):
char _license[] SEC("license") = "X";
void BPF_STRUCT_OPS(nogpltcp_init, struct sock *sk)
{
}
SEC(".struct_ops")
struct tcp_congestion_ops bpf_nogpltcp = {
.init = (void *)nogpltcp_init,
.name = "bpf_nogpltcp",
};
libbpf_set_print() can also be used to look for the
the verifier log "struct ops programs must have a GPL compatible license".
Powered by blists - more mailing lists