Re: [PATCH bpf-next v5 3/6] libbpf: Convert st_ops->data to shadow type.

BPF List
 help / color / mirror / Atom feed

From: Kui-Feng Lee <sinquersw@gmail.com>
To: Andrii Nakryiko <andrii.nakryiko@gmail.com>,
	Kui-Feng Lee <thinker.li@gmail.com>
Cc: bpf@vger.kernel.org, ast@kernel.org, martin.lau@linux.dev,
	song@kernel.org, kernel-team@meta.com, andrii@kernel.org,
	quentin@isovalent.com, kuifeng@meta.com
Subject: Re: [PATCH bpf-next v5 3/6] libbpf: Convert st_ops->data to shadow type.
Date: Wed, 28 Feb 2024 11:27:55 -0800	[thread overview]
Message-ID: <d342f4ee-8b70-456c-aea5-54fc9084f52c@gmail.com> (raw)
In-Reply-To: <CAEf4BzZbE=2Kvrx_XK60jhtFfJuFsu18=pcZFry8UuF-s_Lg_A@mail.gmail.com>



On 2/28/24 09:58, Andrii Nakryiko wrote:
> On Mon, Feb 26, 2024 at 5:04 PM Kui-Feng Lee <thinker.li@gmail.com> wrote:
>>
>> Convert st_ops->data to the shadow type of the struct_ops map. The shadow
>> type of a struct_ops type is a variant of the original struct type
>> providing a way to access/change the values in the maps of the struct_ops
>> type.
>>
>> bpf_map__initial_value() will return st_ops->data for struct_ops types. The
>> skeleton is going to use it as the pointer to the shadow type of the
>> original struct type.
>>
>> One of the main differences between the original struct type and the shadow
>> type is that all function pointers of the shadow type are converted to
>> pointers of struct bpf_program. Users can replace these bpf_program
>> pointers with other BPF programs. The st_ops->progs[] will be updated
>> before updating the value of a map to reflect the changes made by users.
>>
>> Signed-off-by: Kui-Feng Lee <thinker.li@gmail.com>
>> ---
>>   tools/lib/bpf/libbpf.c | 21 ++++++++++++++++++++-
>>   1 file changed, 20 insertions(+), 1 deletion(-)
>>
>> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
>> index 465b50235a01..2d22344fb127 100644
>> --- a/tools/lib/bpf/libbpf.c
>> +++ b/tools/lib/bpf/libbpf.c
>> @@ -1102,6 +1102,9 @@ static int bpf_map__init_kern_struct_ops(struct bpf_map *map)
>>                  if (btf_is_ptr(mtype)) {
>>                          struct bpf_program *prog;
>>
>> +                       /* Update the value from the shadow type */
>> +                       st_ops->progs[i] = *(struct bpf_program **)mdata;
>> +
> 
> it's unsettling to just cast a pointer like this without any
> validation. It's too easy for users to set either some garbage there
> or struct bpf_program * pointer from some other skeleton.
> 
> Luckily, validation is pretty simple, we can just iterate over all
> bpf_object's programs and check if any of them matches the value of
> the mdata pointer. If not, error out with meaningful error.

Make sense to me.

> 
> Also, even if the bpf_program pointer is correct, it could be a
> program of the wrong type, so I think we should add a bit more
> validation here, given these pointers are set by users directly after
> bpf_object is opened.


Agree!
Although this will be checked by the kernel, it makes sense to check at
the user space to provide a more meaningful error.

> 
>>                          prog = st_ops->progs[i];
>>                          if (!prog)
>>                                  continue;
>> @@ -9308,7 +9311,9 @@ static struct bpf_map *find_struct_ops_map_by_offset(struct bpf_object *obj,
>>          return NULL;
>>   }
>>
>> -/* Collect the reloc from ELF and populate the st_ops->progs[] */
>> +/* Collect the reloc from ELF, populate the st_ops->progs[], and update
>> + * st_ops->data for shadow type.
>> + */
>>   static int bpf_object__collect_st_ops_relos(struct bpf_object *obj,
>>                                              Elf64_Shdr *shdr, Elf_Data *data)
>>   {
>> @@ -9422,6 +9427,14 @@ static int bpf_object__collect_st_ops_relos(struct bpf_object *obj,
>>                  }
>>
>>                  st_ops->progs[member_idx] = prog;
>> +
>> +               /* st_ops->data will be expose to users, being returned by
> 
> typo: exposed
> 
>> +                * bpf_map__initial_value() as a pointer to the shadow
>> +                * type. All function pointers in the original struct type
>> +                * should be converted to a pointer to struct bpf_program
>> +                * in the shadow type.
>> +                */
>> +               *((struct bpf_program **)(st_ops->data + moff)) = prog;
>>          }
>>
>>          return 0;
>> @@ -9880,6 +9893,12 @@ int bpf_map__set_initial_value(struct bpf_map *map,
>>
>>   void *bpf_map__initial_value(struct bpf_map *map, size_t *psize)
>>   {
>> +       if (bpf_map__is_struct_ops(map)) {
>> +               if (psize)
>> +                       *psize = map->def.value_size;
>> +               return map->st_ops->data;
>> +       }
>> +
>>          if (!map->mmaped)
>>                  return NULL;
>>          *psize = map->def.value_size;
>> --
>> 2.34.1
>>

next prev parent reply	other threads:[~2024-02-28 19:27 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-27  1:04 [PATCH bpf-next v5 0/6] Create shadow types for struct_ops maps in skeletons Kui-Feng Lee
2024-02-27  1:04 ` [PATCH bpf-next v5 1/6] libbpf: expose resolve_func_ptr() through libbpf_internal.h Kui-Feng Lee
2024-02-28 14:38   ` Quentin Monnet
2024-02-28 17:45   ` Andrii Nakryiko
2024-02-28 18:27     ` Kui-Feng Lee
2024-02-27  1:04 ` [PATCH bpf-next v5 2/6] libbpf: set btf_value_type_id of struct bpf_map for struct_ops Kui-Feng Lee
2024-02-28 17:48   ` Andrii Nakryiko
2024-02-28 21:24     ` Kui-Feng Lee
2024-02-27  1:04 ` [PATCH bpf-next v5 3/6] libbpf: Convert st_ops->data to shadow type Kui-Feng Lee
2024-02-28 17:58   ` Andrii Nakryiko
2024-02-28 18:18     ` Martin KaFai Lau
2024-02-28 19:27     ` Kui-Feng Lee [this message]
2024-02-27  1:04 ` [PATCH bpf-next v5 4/6] bpftool: generated shadow variables for struct_ops maps Kui-Feng Lee
2024-02-28 18:25   ` Andrii Nakryiko
2024-02-28 21:21     ` Kui-Feng Lee
2024-02-28 22:28       ` Kui-Feng Lee
2024-02-29  0:09         ` Andrii Nakryiko
2024-02-29  0:44           ` Kui-Feng Lee
2024-02-29  0:51             ` Kui-Feng Lee
2024-02-29  1:03             ` Andrii Nakryiko
2024-02-29  1:14               ` Kui-Feng Lee
2024-02-27  1:04 ` [PATCH bpf-next v5 5/6] bpftool: Add an example for struct_ops map and shadow type Kui-Feng Lee
2024-02-28 14:38   ` Quentin Monnet
2024-02-27  1:04 ` [PATCH bpf-next v5 6/6] selftests/bpf: Test if shadow types work correctly Kui-Feng Lee

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d342f4ee-8b70-456c-aea5-54fc9084f52c@gmail.com \
    --to=sinquersw@gmail.com \
    --cc=andrii.nakryiko@gmail.com \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=kernel-team@meta.com \
    --cc=kuifeng@meta.com \
    --cc=martin.lau@linux.dev \
    --cc=quentin@isovalent.com \
    --cc=song@kernel.org \
    --cc=thinker.li@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox