lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 8 Aug 2022 15:33:15 -0700
From:   Andrii Nakryiko <andrii.nakryiko@...il.com>
To:     Hangbin Liu <liuhangbin@...il.com>
Cc:     netdev@...r.kernel.org, Quentin Monnet <quentin@...valent.com>,
        Andrii Nakryiko <andrii@...nel.org>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Martin KaFai Lau <martin.lau@...ux.dev>,
        Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
        John Fastabend <john.fastabend@...il.com>,
        KP Singh <kpsingh@...nel.org>,
        Stanislav Fomichev <sdf@...gle.com>,
        Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
        bpf@...r.kernel.org
Subject: Re: [PATCH bpf-next] libbpf: try to add a name for bpftool
 self-created maps

On Mon, Aug 8, 2022 at 2:33 AM Hangbin Liu <liuhangbin@...il.com> wrote:
>
> As discussed before[1], the bpftool self-created maps can appear in final
> map show output due to deferred removal in kernel. These maps don't have
> a name, which would make users confused about where it comes from.
>
> Adding names for these maps could make users know what these maps used for.
> It also could make some tests (like test_offload.py, which skip base maps
> without names as a workaround) filter them out.
>
> As Quentin suggested, add a small wrapper to fall back with no name
> if kernel is not supported.
>
> [1] https://lore.kernel.org/bpf/CAEf4BzY66WPKQbDe74AKZ6nFtZjq5e+G3Ji2egcVytB9R6_sGQ@mail.gmail.com/
>
> Suggested-by: Quentin Monnet <quentin@...valent.com>
> Signed-off-by: Hangbin Liu <liuhangbin@...il.com>
> ---
>  tools/lib/bpf/libbpf.c | 22 +++++++++++++++++++---
>  1 file changed, 19 insertions(+), 3 deletions(-)
>

Hm... this is pretty ugly. And unfortunately I mostly ignored the
previous discussion, sorry about that.

To give you my view of this. I've considered making bpf_prog_load()
and bpf_map_create() smart enough to ignore name if kernel doesn't
support program or map name, respectively. I previously decided to
keep it simple and follow the approach that low-level APIs (which
bpf_prog_load and bpf_map_create are) should not do any such
adjustments to user arguments. But we are not 100% following that
anyways (e.g., bpf_prog_load does retries and is more clever about
log_level, as one example), and it does seem very unlikely that user
will explicitly want to cause failure by passing non-NULL name to
bpf_prog_load/bpf_map_create on old kernels that don't support names.
It's way more likely that a user doesn't want to care and always wants
to specify a name and use it if the kernel supports it.

So I propose we just teach bpf_map_create and bpf_prog_load to ignore
non-NULL names if the kernel doesn't support it. Please double check
if map name support was added at the same time as prog name support,
and if yes, just use kernel_supports(NULL, FEAT_PROG_NAME) in both
cases. If not, we can add a dedicated map name feature detector.

If a user really-really wants to force failure (for some reason),
they'd need to do their own bpf() syscall. Which I think is totally
fine, given the upside of not having to care about whether the kernel
supports names.


> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> index 77e3797cf75a..db4f1a02b9e0 100644
> --- a/tools/lib/bpf/libbpf.c
> +++ b/tools/lib/bpf/libbpf.c
> @@ -4423,6 +4423,22 @@ static int probe_kern_prog_name(void)
>         return probe_fd(ret);
>  }
>
> +static int probe_kern_map_name(enum bpf_map_type map_type,
> +                              const char *map_name, __u32 key_size,
> +                              __u32 value_size, __u32 max_entries,
> +                              const struct bpf_map_create_opts *opts)
> +{
> +       int map;
> +
> +       map = bpf_map_create(map_type, map_name, key_size, value_size, max_entries, opts);
> +       if (map < 0 && errno == EINVAL) {
> +               /* Retry without name */
> +               map = bpf_map_create(map_type, NULL, key_size, value_size, max_entries, opts);
> +       }
> +
> +       return map;
> +}
> +
>  static int probe_kern_global_data(void)
>  {
>         char *cp, errmsg[STRERR_BUFSIZE];
> @@ -4434,7 +4450,7 @@ static int probe_kern_global_data(void)
>         };
>         int ret, map, insn_cnt = ARRAY_SIZE(insns);
>
> -       map = bpf_map_create(BPF_MAP_TYPE_ARRAY, NULL, sizeof(int), 32, 1, NULL);
> +       map = probe_kern_map_name(BPF_MAP_TYPE_ARRAY, "global_data", sizeof(int), 32, 1, NULL);
>         if (map < 0) {
>                 ret = -errno;
>                 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
> @@ -4567,7 +4583,7 @@ static int probe_kern_array_mmap(void)
>         LIBBPF_OPTS(bpf_map_create_opts, opts, .map_flags = BPF_F_MMAPABLE);
>         int fd;
>
> -       fd = bpf_map_create(BPF_MAP_TYPE_ARRAY, NULL, sizeof(int), sizeof(int), 1, &opts);
> +       fd = probe_kern_map_name(BPF_MAP_TYPE_ARRAY, "array_mmap", sizeof(int), sizeof(int), 1, &opts);
>         return probe_fd(fd);
>  }
>
> @@ -4614,7 +4630,7 @@ static int probe_prog_bind_map(void)
>         };
>         int ret, map, prog, insn_cnt = ARRAY_SIZE(insns);
>
> -       map = bpf_map_create(BPF_MAP_TYPE_ARRAY, NULL, sizeof(int), 32, 1, NULL);
> +       map = probe_kern_map_name(BPF_MAP_TYPE_ARRAY, "bind_map_detect", sizeof(int), 32, 1, NULL);
>         if (map < 0) {
>                 ret = -errno;
>                 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
> --
> 2.35.3
>

Powered by blists - more mailing lists