All of lore.kernel.org
 help / color / mirror / Atom feed
From: Alexei Starovoitov <alexei.starovoitov@gmail.com>
To: Andrii Nakryiko <andrii.nakryiko@gmail.com>
Cc: Yonghong Song <yhs@fb.com>, Andrii Nakryiko <andriin@fb.com>,
	bpf <bpf@vger.kernel.org>, Networking <netdev@vger.kernel.org>,
	Alexei Starovoitov <ast@fb.com>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Kernel Team <kernel-team@fb.com>
Subject: Re: [PATCH bpf-next 4/7] libbpf: sanitize BPF program code for bpf_probe_read_{kernel,user}[_str]
Date: Wed, 19 Aug 2020 13:15:46 -0700	[thread overview]
Message-ID: <CAADnVQLkAMqv0BC13=Z2U241a7EbeecAdTmwT9PCVRQiMEv=Sg@mail.gmail.com> (raw)
In-Reply-To: <CAEf4BzZ8y=fFBhwP_+owtYA45WNaa324OVftUF3jW-=Mgy45Yw@mail.gmail.com>

On Wed, Aug 19, 2020 at 1:13 PM Andrii Nakryiko
<andrii.nakryiko@gmail.com> wrote:
>
> On Tue, Aug 18, 2020 at 6:42 PM Yonghong Song <yhs@fb.com> wrote:
> >
> >
> >
> > On 8/18/20 2:33 PM, Andrii Nakryiko wrote:
> > > Add BPF program code sanitization pass, replacing calls to BPF
> > > bpf_probe_read_{kernel,user}[_str]() helpers with bpf_probe_read[_str](), if
> > > libbpf detects that kernel doesn't support new variants.
> >
> > I know this has been merged. The whole patch set looks good to me.
> > A few nit or questions below.
> >
> > >
> > > Signed-off-by: Andrii Nakryiko <andriin@fb.com>
> > > ---
> > >   tools/lib/bpf/libbpf.c | 80 ++++++++++++++++++++++++++++++++++++++++++
> > >   1 file changed, 80 insertions(+)
> > >
> > > diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> > > index ab0c3a409eea..bdc08f89a5c0 100644
> > > --- a/tools/lib/bpf/libbpf.c
> > > +++ b/tools/lib/bpf/libbpf.c
> > > @@ -180,6 +180,8 @@ enum kern_feature_id {
> > >       FEAT_ARRAY_MMAP,
> > >       /* kernel support for expected_attach_type in BPF_PROG_LOAD */
> > >       FEAT_EXP_ATTACH_TYPE,
> > > +     /* bpf_probe_read_{kernel,user}[_str] helpers */
> > > +     FEAT_PROBE_READ_KERN,
> > >       __FEAT_CNT,
> > >   };
> > >
> > > @@ -3591,6 +3593,27 @@ static int probe_kern_exp_attach_type(void)
> > >       return probe_fd(bpf_load_program_xattr(&attr, NULL, 0));
> > >   }
> > >
> > [...]
> > >
> > > +static bool insn_is_helper_call(struct bpf_insn *insn, enum bpf_func_id *func_id)
> > > +{
> > > +     __u8 class = BPF_CLASS(insn->code);
> > > +
> > > +     if ((class == BPF_JMP || class == BPF_JMP32) &&
> >
> > Do we support BPF_JMP32 + BPF_CALL ... as a helper call?
> > I am not aware of this.
>
> Verifier seems to support both. Check do_check in
> kernel/bpf/verifier.c, around line 9000. So I decided to also support
> it, even if Clang doesn't emit it (yet?).

please check few lines below 9000 ;)
jmp32 | call is rejected.
I would remove that from libbpf as well.

  reply	other threads:[~2020-08-19 20:16 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-18 21:33 [PATCH bpf-next 0/7] libbpf feature probing and sanitization improvements Andrii Nakryiko
2020-08-18 21:33 ` [PATCH bpf-next 1/7] libbpf: disable -Wswitch-enum compiler warning Andrii Nakryiko
2020-08-19  1:23   ` Yonghong Song
2020-08-19  1:39     ` Andrii Nakryiko
2020-08-19  5:44       ` Yonghong Song
2020-08-18 21:33 ` [PATCH bpf-next 2/7] libbpf: make kernel feature probing lazy Andrii Nakryiko
2020-08-18 21:33 ` [PATCH bpf-next 3/7] libbpf: factor out common logic of testing and closing FD Andrii Nakryiko
2020-08-18 21:33 ` [PATCH bpf-next 4/7] libbpf: sanitize BPF program code for bpf_probe_read_{kernel,user}[_str] Andrii Nakryiko
2020-08-19  1:42   ` Yonghong Song
2020-08-19 20:11     ` Andrii Nakryiko
2020-08-19 20:15       ` Alexei Starovoitov [this message]
2020-08-19 20:23         ` Andrii Nakryiko
2020-08-18 21:33 ` [PATCH bpf-next 5/7] selftests/bpf: fix test_vmlinux test to use bpf_probe_read_user() Andrii Nakryiko
2020-08-18 21:33 ` [PATCH bpf-next 6/7] libbpf: switch tracing and CO-RE helper macros to bpf_probe_read_kernel() Andrii Nakryiko
2020-08-18 21:33 ` [PATCH bpf-next 7/7] libbpf: detect minimal BTF support and skip BTF loading, if missing Andrii Nakryiko
2020-08-19  0:24 ` [PATCH bpf-next 0/7] libbpf feature probing and sanitization improvements Alexei Starovoitov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAADnVQLkAMqv0BC13=Z2U241a7EbeecAdTmwT9PCVRQiMEv=Sg@mail.gmail.com' \
    --to=alexei.starovoitov@gmail.com \
    --cc=andrii.nakryiko@gmail.com \
    --cc=andriin@fb.com \
    --cc=ast@fb.com \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=kernel-team@fb.com \
    --cc=netdev@vger.kernel.org \
    --cc=yhs@fb.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.