lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <af5e27aeef544581804b578032fc1b4e@huawei.com> Date: Wed, 30 Mar 2022 15:12:57 +0000 From: Roberto Sassu <roberto.sassu@...wei.com> To: Andrii Nakryiko <andrii.nakryiko@...il.com> CC: Jonathan Corbet <corbet@....net>, Al Viro <viro@...iv.linux.org.uk>, Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Andrii Nakryiko <andrii@...nel.org>, KP Singh <kpsingh@...nel.org>, "Shuah Khan" <shuah@...nel.org>, "mcoquelin.stm32@...il.com" <mcoquelin.stm32@...il.com>, "alexandre.torgue@...s.st.com" <alexandre.torgue@...s.st.com>, Mimi Zohar <zohar@...ux.ibm.com>, "Linux Doc Mailing List" <linux-doc@...r.kernel.org>, "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>, Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>, "open list:KERNEL SELFTEST FRAMEWORK" <linux-kselftest@...r.kernel.org>, "linux-stm32@...md-mailman.stormreply.com" <linux-stm32@...md-mailman.stormreply.com>, linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>, "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>, "linux-security-module@...r.kernel.org" <linux-security-module@...r.kernel.org>, open list <linux-kernel@...r.kernel.org> Subject: RE: [PATCH 05/18] bpf-preload: Generate static variables > From: Roberto Sassu > Sent: Wednesday, March 30, 2022 9:45 AM > > From: Andrii Nakryiko [mailto:andrii.nakryiko@...il.com] > > Sent: Wednesday, March 30, 2022 1:52 AM > > On Mon, Mar 28, 2022 at 10:52 AM Roberto Sassu > > <roberto.sassu@...wei.com> wrote: > > > > > > The first part of the preload code generation consists in generating the > > > static variables to be used by the code itself: the links and maps to be > > > pinned, and the skeleton. Generation of the preload variables and > > methods > > > is enabled with the option -P added to 'bpftool gen skeleton'. > > > > > > The existing variables maps_link and progs_links in bpf_preload_kern.c > > have > > > been renamed respectively to dump_bpf_map_link and > > dump_bpf_prog_link, to > > > match the name of the variables in the main structure of the light > > > skeleton. > > > > > > Signed-off-by: Roberto Sassu <roberto.sassu@...wei.com> > > > --- > > > kernel/bpf/preload/bpf_preload_kern.c | 35 +- > > > kernel/bpf/preload/iterators/Makefile | 2 +- > > > .../bpf/preload/iterators/iterators.lskel.h | 378 +++++++++--------- > > > .../bpf/bpftool/Documentation/bpftool-gen.rst | 5 + > > > tools/bpf/bpftool/bash-completion/bpftool | 2 +- > > > tools/bpf/bpftool/gen.c | 27 ++ > > > tools/bpf/bpftool/main.c | 7 +- > > > tools/bpf/bpftool/main.h | 1 + > > > 8 files changed, 254 insertions(+), 203 deletions(-) > > > > > > > [...] > > > > > +__attribute__((unused)) static void > > > +iterators_bpf__assert(struct iterators_bpf *s) > > > +{ > > > +#ifdef __cplusplus > > > +#define _Static_assert static_assert > > > +#endif > > > +#ifdef __cplusplus > > > +#undef _Static_assert > > > +#endif > > > +} > > > + > > > +static struct bpf_link *dump_bpf_map_link; > > > +static struct bpf_link *dump_bpf_prog_link; > > > +static struct iterators_bpf *skel; > > > > I don't understand what is this and what for? You are making an > > assumption that light skeleton can be instantiated just once, why? And > > adding extra bpftool option to light skeleton codegen just to save a > > bit of typing at the place where light skeleton is actually > > instantiated and used doesn't seems like a right approach. > > True, iterator_bpf is simple. Writing the preloading code > for it is simple. But, what if you wanted to preload an LSM > with 10 hooks or more? > > Ok, regarding where the preloading code should be, I will > try to move the generated code to the kernel module instead > of the light skeleton. Done. I moved everything from the light skeleton to the kernel module. The changes now are also well separated, and regeneration of the kernel module occurs only after all the generation code is added to bpftool. I pushed a new branch: https://github.com/robertosassu/linux/commits/bpf-preload-v2-devel-v2 Roberto HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Li Peng, Zhong Ronghua
Powered by blists - more mailing lists