| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_1E619C9E44C8C4B2B713A0D6DD45B92BF70A@qq.com>
Date: Thu, 22 Aug 2024 14:08:57 +0800
From: Gang Yan <gang_yan@...mail.com>
To: "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>
Cc: Gang Yan <yangang@...inos.cn>,
netdev@...r.kernel.org,
bpf@...r.kernel.org,
Geliang Tang <geliang@...nel.org>
Subject: [PATCH bpf-next] bpf: Allow error injection for update_socket_protocol
From: Gang Yan <yangang@...inos.cn>
The "update_socket_protocol" interface is designed to empower user space
with the capability to customize and modify socket protocols leveraging
BPF methods. Currently, it has only granted the fmod_ret permission,
allowing for modifications to return values. We are extending the
permissions further by 'ALLOW_ERROR_INJECTION', thereby facilitating
the development of user-space programs with enhanced flexibility and
convenience.
When we attempt to modify the return value of "update_socket_protocol"
to "IPPROTO_MPTCP" using the below code based on the BCC tool:
'''
int kprobe__update_socket_protocol(void* ctx)
{
...
bpf_override_return(ctx, IPPROTO_MPTCP);
...
}
'''
But an error occurs:
'''
ioctl(PERF_EVENT_IOC_SET_BPF): Invalid argument
Traceback (most recent call last):
File "/media/yangang/work/Code/BCC/test.py", line 27, in <module>
b = BPF(text=prog)
^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/bcc/__init__.py", line 487, \
in __init__ self._trace_autoload()
File "/usr/lib/python3/dist-packages/bcc/__init__.py", line 1466, \
in _trace_autoload self.attach_kprobe(
File "/usr/lib/python3/dist-packages/bcc/__init__.py", line 855,\
in attach_kprobe
raise Exception("Failed to attach BPF program %s to kprobe %s"
Exception: Failed to attach BPF program b'kprobe__update_socket_protocol' \
to kprobe b'update_socket_protocol', it's not traceable \
(either non-existing, inlined, or marked as "notrace")
'''
This patch can fix the issue.
Suggested-by: Geliang Tang <geliang@...nel.org>
Signed-off-by: Gang Yan <yangang@...inos.cn>
---
net/socket.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/socket.c b/net/socket.c
index fcbdd5bc47ac..63ce1caf75eb 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -1695,6 +1695,7 @@ __weak noinline int update_socket_protocol(int family, int type, int protocol)
{
return protocol;
}
+ALLOW_ERROR_INJECTION(update_socket_protocol, ERRNO);
__bpf_hook_end();
--
2.43.0
Powered by blists - more mailing lists