| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 15 Aug 2021 00:21:04 -0700
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Kuniyuki Iwashima <kuniyu@...zon.co.jp>
Cc: "David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
Benjamin Herrenschmidt <benh@...zon.com>,
Kuniyuki Iwashima <kuni1840@...il.com>,
bpf <bpf@...r.kernel.org>, Networking <netdev@...r.kernel.org>
Subject: Re: [PATCH v6 bpf-next 3/4] selftest/bpf: Implement sample UNIX
domain socket iterator program.
On Fri, Aug 13, 2021 at 6:58 PM Kuniyuki Iwashima <kuniyu@...zon.co.jp> wrote:
>
> The iterator can output almost the same result compared to /proc/net/unix.
> The header line is aligned, and the Inode column uses "%8lu" because "%5lu"
> can be easily overflown.
>
> # cat /sys/fs/bpf/unix
> Num RefCount Protocol Flags Type St Inode Path
> ffff963c06689800: 00000002 00000000 00010000 0001 01 18697 private/defer
> ffff963c7c979c00: 00000002 00000000 00000000 0001 01 598245 @Hello@...ld@
>
> # cat /proc/net/unix
> Num RefCount Protocol Flags Type St Inode Path
> ffff963c06689800: 00000002 00000000 00010000 0001 01 18697 private/defer
> ffff963c7c979c00: 00000002 00000000 00000000 0001 01 598245 @Hello@...ld@
>
> Signed-off-by: Kuniyuki Iwashima <kuniyu@...zon.co.jp>
> Acked-by: Yonghong Song <yhs@...com>
> ---
> .../selftests/bpf/prog_tests/bpf_iter.c | 16 ++++
> tools/testing/selftests/bpf/progs/bpf_iter.h | 8 ++
> .../selftests/bpf/progs/bpf_iter_unix.c | 80 +++++++++++++++++++
> .../selftests/bpf/progs/bpf_tracing_net.h | 4 +
> 4 files changed, 108 insertions(+)
> create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_unix.c
[...]
> + if (unix_sk->addr) {
> + if (!UNIX_ABSTRACT(unix_sk)) {
> + BPF_SEQ_PRINTF(seq, " %s", unix_sk->addr->name->sun_path);
> + } else {
> + /* The name of the abstract UNIX domain socket starts
> + * with '\0' and can contain '\0'. The null bytes
> + * should be escaped as done in unix_seq_show().
> + */
> + __u64 i, len;
> +
> + len = unix_sk->addr->len - sizeof(short);
> +
> + BPF_SEQ_PRINTF(seq, " @");
> +
> + for (i = 1; i < len; i++) {
> + /* unix_mkname() tests this upper bound. */
> + if (len >= sizeof(struct sockaddr_un))
I've changed this to (i >= sizeof(...)) which made more sense to me
than checking len multiple times. Both test_progs and
test_progs-no_alu32 passed on my local slightly older clang which
doesn't yet have Yonghong's fix, so I hope I didn't regress anything.
Applied to bpf-next.
> + break;
> +
> + BPF_SEQ_PRINTF(seq, "%c",
> + unix_sk->addr->name->sun_path[i] ?:
> + '@');
> + }
> + }
> + }
> +
> + BPF_SEQ_PRINTF(seq, "\n");
> +
> + return 0;
> +}
> diff --git a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
> index 3af0998a0623..eef5646ddb19 100644
> --- a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
> +++ b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h
> @@ -5,6 +5,10 @@
> #define AF_INET 2
> #define AF_INET6 10
>
> +#define __SO_ACCEPTCON (1 << 16)
> +#define UNIX_HASH_SIZE 256
> +#define UNIX_ABSTRACT(unix_sk) (unix_sk->addr->hash < UNIX_HASH_SIZE)
> +
> #define SOL_TCP 6
> #define TCP_CONGESTION 13
> #define TCP_CA_NAME_MAX 16
> --
> 2.30.2
>
Powered by blists - more mailing lists