From: Florent Revest <revest@chromium.org>
To: bpf@vger.kernel.org
Cc: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org,
yhs@fb.com, kpsingh@kernel.org, jackmanb@chromium.org,
linux-kernel@vger.kernel.org,
Florent Revest <revest@chromium.org>
Subject: [PATCH bpf-next v2 0/6] Add a snprintf eBPF helper
Date: Wed, 24 Mar 2021 03:22:05 +0100 [thread overview]
Message-ID: <20210324022211.1718762-1-revest@chromium.org> (raw)
We have a usecase where we want to audit symbol names (if available) in
callback registration hooks. (ex: fentry/nf_register_net_hook)
A few months back, I proposed a bpf_kallsyms_lookup series but it was
decided in the reviews that a more generic helper, bpf_snprintf, would
be more useful.
This series implements the helper according to the feedback received in
https://lore.kernel.org/bpf/20201126165748.1748417-1-revest@google.com/T/#u
- A new arg type guarantees the NULL-termination of string arguments and
lets us pass format strings in only one arg
- A new helper is implemented using that guarantee. Because the format
string is known at verification time, the format string validation is
done by the verifier
- To implement a series of tests for bpf_snprintf, the logic for
marshalling variadic args in a fixed-size array is reworked as per:
https://lore.kernel.org/bpf/20210310015455.1095207-1-revest@chromium.org/T/#u
---
Changes in v2:
- Extracted the format validation/argument sanitization in a generic way
for all printf-like helpers.
- bpf_snprintf's str_size can now be 0
- bpf_snprintf is now exposed to all BPF program types
- We now preempt_disable when using a per-cpu temporary buffer
- Addressed a few cosmetic changes
Florent Revest (6):
bpf: Factorize bpf_trace_printk and bpf_seq_printf
bpf: Add a ARG_PTR_TO_CONST_STR argument type
bpf: Add a bpf_snprintf helper
libbpf: Initialize the bpf_seq_printf parameters array field by field
libbpf: Introduce a BPF_SNPRINTF helper macro
selftests/bpf: Add a series of tests for bpf_snprintf
include/linux/bpf.h | 7 +
include/uapi/linux/bpf.h | 28 +
kernel/bpf/helpers.c | 2 +
kernel/bpf/verifier.c | 79 +++
kernel/trace/bpf_trace.c | 581 +++++++++---------
tools/include/uapi/linux/bpf.h | 28 +
tools/lib/bpf/bpf_tracing.h | 44 +-
.../selftests/bpf/prog_tests/snprintf.c | 65 ++
.../selftests/bpf/progs/test_snprintf.c | 59 ++
9 files changed, 604 insertions(+), 289 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/snprintf.c
create mode 100644 tools/testing/selftests/bpf/progs/test_snprintf.c
--
2.31.0.291.g576ba9dcdaf-goog
next reply other threads:[~2021-03-24 2:23 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-24 2:22 Florent Revest [this message]
2021-03-24 2:22 ` [PATCH bpf-next v2 1/6] bpf: Factorize bpf_trace_printk and bpf_seq_printf Florent Revest
2021-03-26 21:53 ` Andrii Nakryiko
2021-03-26 22:51 ` Andrii Nakryiko
2021-04-06 15:35 ` Florent Revest
2021-04-07 21:53 ` Andrii Nakryiko
2021-04-08 22:52 ` Florent Revest
2021-03-24 2:22 ` [PATCH bpf-next v2 2/6] bpf: Add a ARG_PTR_TO_CONST_STR argument type Florent Revest
2021-03-26 22:23 ` Andrii Nakryiko
2021-04-06 15:38 ` Florent Revest
2021-03-24 2:22 ` [PATCH bpf-next v2 3/6] bpf: Add a bpf_snprintf helper Florent Revest
2021-03-26 22:55 ` Andrii Nakryiko
2021-04-06 16:06 ` Florent Revest
2021-04-07 22:03 ` Andrii Nakryiko
2021-04-08 22:43 ` Florent Revest
2021-03-24 2:22 ` [PATCH bpf-next v2 4/6] libbpf: Initialize the bpf_seq_printf parameters array field by field Florent Revest
2021-03-26 23:01 ` Andrii Nakryiko
2021-04-06 15:42 ` Florent Revest
2021-03-24 2:22 ` [PATCH bpf-next v2 5/6] libbpf: Introduce a BPF_SNPRINTF helper macro Florent Revest
2021-03-26 23:02 ` Andrii Nakryiko
2021-03-24 2:22 ` [PATCH bpf-next v2 6/6] selftests/bpf: Add a series of tests for bpf_snprintf Florent Revest
2021-03-26 23:05 ` Andrii Nakryiko
2021-04-06 15:40 ` Florent Revest
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210324022211.1718762-1-revest@chromium.org \
--to=revest@chromium.org \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jackmanb@chromium.org \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.