| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEf4BzahEZPvAuXfNAd3weqwRKewuHoFX4VZ4YpQqP0BLCiQQQ@mail.gmail.com>
Date: Fri, 1 Oct 2021 14:09:14 -0700
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Kumar Kartikeya Dwivedi <memxor@...il.com>
Cc: bpf <bpf@...r.kernel.org>, Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Jesper Dangaard Brouer <brouer@...hat.com>,
Toke Høiland-Jørgensen <toke@...hat.com>,
Networking <netdev@...r.kernel.org>
Subject: Re: [PATCH bpf-next v6 3/9] bpf: btf: Introduce helpers for dynamic
BTF set registration
On Wed, Sep 29, 2021 at 11:30 PM Kumar Kartikeya Dwivedi
<memxor@...il.com> wrote:
>
> This adds helpers for registering btf_id_set from modules and the
> check_kfunc_call callback that can be used to look them up.
>
> With in kernel sets, the way this is supposed to work is, in kernel
> callback looks up within the in-kernel kfunc whitelist, and then defers
> to the dynamic BTF set lookup if it doesn't find the BTF id. If there is
> no in-kernel BTF id set, this callback can be used directly.
>
> Also fix includes for btf.h and bpfptr.h so that they can included in
> isolation. This is in preparation for their usage in tcp_bbr, tcp_cubic
> and tcp_dctcp modules in the next patch.
>
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@...il.com>
> ---
> include/linux/bpfptr.h | 1 +
> include/linux/btf.h | 31 +++++++++++++++++++++++++
> kernel/bpf/btf.c | 51 ++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 83 insertions(+)
>
> diff --git a/include/linux/bpfptr.h b/include/linux/bpfptr.h
> index 546e27fc6d46..46e1757d06a3 100644
> --- a/include/linux/bpfptr.h
> +++ b/include/linux/bpfptr.h
> @@ -3,6 +3,7 @@
> #ifndef _LINUX_BPFPTR_H
> #define _LINUX_BPFPTR_H
>
> +#include <linux/mm.h>
> #include <linux/sockptr.h>
>
> typedef sockptr_t bpfptr_t;
> diff --git a/include/linux/btf.h b/include/linux/btf.h
> index 214fde93214b..382c00d5cede 100644
> --- a/include/linux/btf.h
> +++ b/include/linux/btf.h
> @@ -5,6 +5,7 @@
> #define _LINUX_BTF_H 1
>
> #include <linux/types.h>
> +#include <linux/bpfptr.h>
> #include <uapi/linux/btf.h>
> #include <uapi/linux/bpf.h>
>
> @@ -238,4 +239,34 @@ static inline const char *btf_name_by_offset(const struct btf *btf,
> }
> #endif
>
> +struct kfunc_btf_id_set {
> + struct list_head list;
> + struct btf_id_set *set;
> + struct module *owner;
> +};
> +
> +struct kfunc_btf_id_list;
> +
> +#ifdef CONFIG_DEBUG_INFO_BTF_MODULES
> +void register_kfunc_btf_id_set(struct kfunc_btf_id_list *l,
> + struct kfunc_btf_id_set *s);
> +void unregister_kfunc_btf_id_set(struct kfunc_btf_id_list *l,
> + struct kfunc_btf_id_set *s);
> +#else
> +static inline void register_kfunc_btf_id_set(struct kfunc_btf_id_list *l,
> + struct kfunc_btf_id_set *s)
> +{
> +}
> +static inline void unregister_kfunc_btf_id_set(struct kfunc_btf_id_list *l,
> + struct kfunc_btf_id_set *s)
> +{
> +}
> +#endif
> +
> +#define DECLARE_CHECK_KFUNC_CALLBACK(type) \
> + bool __bpf_##type##_check_kfunc_call(u32 kfunc_id, struct module *owner)
> +#define DEFINE_KFUNC_BTF_ID_SET(set, name) \
> + struct kfunc_btf_id_set name = { LIST_HEAD_INIT(name.list), (set), \
> + THIS_MODULE }
> +
> #endif
> diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
> index c3d605b22473..5a8806cfecd0 100644
> --- a/kernel/bpf/btf.c
> +++ b/kernel/bpf/btf.c
> @@ -6343,3 +6343,54 @@ const struct bpf_func_proto bpf_btf_find_by_name_kind_proto = {
> };
>
> BTF_ID_LIST_GLOBAL_SINGLE(btf_task_struct_ids, struct, task_struct)
> +
> +struct kfunc_btf_id_list {
> + struct list_head list;
> + struct mutex mutex;
> +};
> +
> +#ifdef CONFIG_DEBUG_INFO_BTF_MODULES
> +
> +void register_kfunc_btf_id_set(struct kfunc_btf_id_list *l,
> + struct kfunc_btf_id_set *s)
> +{
> + mutex_lock(&l->mutex);
> + list_add(&s->list, &l->list);
> + mutex_unlock(&l->mutex);
> +}
> +EXPORT_SYMBOL_GPL(register_kfunc_btf_id_set);
> +
> +void unregister_kfunc_btf_id_set(struct kfunc_btf_id_list *l,
> + struct kfunc_btf_id_set *s)
> +{
> + mutex_lock(&l->mutex);
> + list_del_init(&s->list);
> + mutex_unlock(&l->mutex);
> +}
> +EXPORT_SYMBOL_GPL(unregister_kfunc_btf_id_set);
> +
> +#endif
> +
> +#define DEFINE_KFUNC_BTF_ID_LIST(name) \
> + struct kfunc_btf_id_list name = { LIST_HEAD_INIT(name.list), \
> + __MUTEX_INITIALIZER(name.mutex) }; \
> + EXPORT_SYMBOL_GPL(name)
> +
nit: \ alignment seems off
> +#define DEFINE_CHECK_KFUNC_CALLBACK(type, list_name) \
> + bool __bpf_##type##_check_kfunc_call(u32 kfunc_id, \
> + struct module *owner) \
does this have to be a type-specific macro-defined function? It seems
like type is used only for creating a dedicated function with type
embedded in it, but otherwise this helper only needs mutex and the
list, why not code it as a generic function and pass mutex and list
explicitly (or if it is always struct struct kfunc_btf_id_list then
just declare it so)? I think that will be easier to follow.
> + { \
> + struct kfunc_btf_id_set *s; \
> + if (!owner || !IS_ENABLED(CONFIG_DEBUG_INFO_BTF_MODULES)) \
> + return false; \
> + mutex_lock(&list_name.mutex); \
> + list_for_each_entry(s, &list_name.list, list) { \
> + if (s->owner == owner && \
> + btf_id_set_contains(s->set, kfunc_id)) { \
> + mutex_unlock(&list_name.mutex); \
> + return true; \
> + } \
> + } \
> + mutex_unlock(&list_name.mutex); \
> + return false; \
> + }
> --
> 2.33.0
>
Powered by blists - more mailing lists