lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <877dluc5gi.fsf@toke.dk>
Date:   Fri, 26 Mar 2021 16:14:37 +0100
From:   Toke Høiland-Jørgensen <toke@...hat.com>
To:     Alexei Starovoitov <ast@...com>, Martin KaFai Lau <kafai@...com>
Cc:     bpf@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>, kernel-team@...com,
        netdev@...r.kernel.org
Subject: Re: [PATCH v2 bpf-next 03/14] bpf: Support bpf program calling
 kernel function

Alexei Starovoitov <ast@...com> writes:

> On 3/26/21 3:11 AM, Toke Høiland-Jørgensen wrote:
>> Martin KaFai Lau <kafai@...com> writes:
>> 
>>> On Thu, Mar 25, 2021 at 11:02:23PM +0100, Toke Høiland-Jørgensen wrote:
>>>> Martin KaFai Lau <kafai@...com> writes:
>>>>
>>>>> This patch adds support to BPF verifier to allow bpf program calling
>>>>> kernel function directly.
>>>>
>>>> Hi Martin
>>>>
>>>> This is exciting stuff! :)
>>>>
>>>> Just one quick question about this:
>>>>
>>>>> [ For the future calling function-in-kernel-module support, an array
>>>>>    of module btf_fds can be passed at the load time and insn->off
>>>>>    can be used to index into this array. ]
>>>>
>>>> Is adding the support for extending this to modules also on your radar,
>>>> or is this more of an "in case someone needs it" comment? :)
>>>
>>> It is in my list.  I don't mind someone beats me to it though
>>> if he/she has an immediate use case. ;)
>> 
>> Noted ;)
>> No promises though, and at the rate you're going you may just get there
>> first. I'll be sure to ping you if I do start on this so we avoid
>> duplicating effort!
>
> That's great!
> Curious what use cases you have in mind?

Accessing conntrack data from XDP. Needed for OVS, and for building an
XDP-based forwarding fast-path that shares state with the regular kernel
stack. Details TBD, obviously, but we've been blocked on not having
access to anything in modules from BPF, so seeing that there's now a
path to that is delightful! :)

-Toke

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ