lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 2 Nov 2021 02:14:29 +0000 From: Joe Burton <jevburton.kernel@...il.com> To: Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Andrii Nakryiko <andrii@...nel.org>, Martin KaFai Lau <kafai@...com>, Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>, John Fastabend <john.fastabend@...il.com>, KP Singh <kpsingh@...nel.org>, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, bpf@...r.kernel.org Cc: Petar Penkov <ppenkov@...gle.com>, Stanislav Fomichev <sdf@...gle.com>, Joe Burton <jevburton@...gle.com> Subject: [RFC PATCH v3 0/3] Introduce BPF map tracing capability From: Joe Burton <jevburton@...gle.com> This is the third version of a patch series implementing map tracing. Map tracing enables executing BPF programs upon BPF map updates. This might be useful to perform upgrades of stateful programs; e.g., tracing programs can propagate changes to maps that occur during an upgrade operation. This version uses trampoline hooks to provide the capability. fentry/fexit/fmod_ret programs can attach to two new functions: int bpf_map_trace_update_elem(struct bpf_map* map, void* key, void* val, u32 flags); int bpf_map_trace_delete_elem(struct bpf_map* map, void* key); These hooks work as intended for the following map types: BPF_MAP_TYPE_ARRAY BPF_MAP_TYPE_PERCPU_ARRAY BPF_MAP_TYPE_HASH BPF_MAP_TYPE_PERCPU_HASH BPF_MAP_TYPE_LRU_HASH BPF_MAP_TYPE_LRU_PERCPU_HASH The only guarantee about the semantics of these hooks is that they execute before the operation takes place. We cannot call them with locks held because the hooked program might try to acquire the same locks. Thus they may be invoked in situations where the traced map is not ultimately updated. The original proposal suggested exposing a function for each (map type) x (access type). The problem I encountered is that e.g. percpu hashtables use a custom function for some access types (htab_percpu_map_update_elem) but a common function for others (htab_map_delete_elem). Thus a userspace application would have to maintain a unique list of functions to attach to for each map type; moreover, this list could change across kernel versions. Map tracing is easier to use with fewer functions, at the cost of tracing programs being triggered more times. To prevent the compiler from optimizing out the calls to my tracing functions, I use the asm("") trick described in gcc's __attribute__((noinline)) documentation. Experimentally, this trick works with clang as well. Joe Burton (3): bpf: Add map tracing functions and call sites bpf: Add selftests bpf: Add real world example for map tracing kernel/bpf/Makefile | 2 +- kernel/bpf/arraymap.c | 6 + kernel/bpf/hashtab.c | 25 ++ kernel/bpf/map_trace.c | 25 ++ kernel/bpf/map_trace.h | 18 + .../selftests/bpf/prog_tests/map_trace.c | 422 ++++++++++++++++++ .../selftests/bpf/progs/bpf_map_trace.c | 95 ++++ .../bpf/progs/bpf_map_trace_common.h | 12 + .../progs/bpf_map_trace_real_world_common.h | 125 ++++++ .../bpf_map_trace_real_world_migration.c | 102 +++++ .../bpf/progs/bpf_map_trace_real_world_new.c | 4 + .../bpf/progs/bpf_map_trace_real_world_old.c | 5 + 12 files changed, 840 insertions(+), 1 deletion(-) create mode 100644 kernel/bpf/map_trace.c create mode 100644 kernel/bpf/map_trace.h create mode 100644 tools/testing/selftests/bpf/prog_tests/map_trace.c create mode 100644 tools/testing/selftests/bpf/progs/bpf_map_trace.c create mode 100644 tools/testing/selftests/bpf/progs/bpf_map_trace_common.h create mode 100644 tools/testing/selftests/bpf/progs/bpf_map_trace_real_world_common.h create mode 100644 tools/testing/selftests/bpf/progs/bpf_map_trace_real_world_migration.c create mode 100644 tools/testing/selftests/bpf/progs/bpf_map_trace_real_world_new.c create mode 100644 tools/testing/selftests/bpf/progs/bpf_map_trace_real_world_old.c -- 2.33.1.1089.g2158813163f-goog
Powered by blists - more mailing lists