Re: [PATCH 3/9] bpf: Add bpfwl tool to construct bpf whitelists

[RFCv2 0/9] bpf: Add d_path helper · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
[PATCH 2/9] bpf: Add d_path whitelist · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
[PATCH 1/9] bpf: Add d_path helper · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
Re: [PATCH 1/9] bpf: Add d_path helper · Andrii Nakryiko <hidden> · 2020-05-14
Re: [PATCH 1/9] bpf: Add d_path helper · Jiri Olsa <hidden> · 2020-05-15
[PATCH 3/9] bpf: Add bpfwl tool to construct bpf whitelists · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
Re: [PATCH 3/9] bpf: Add bpfwl tool to construct bpf whitelists · Andrii Nakryiko <hidden> · 2020-05-14
Re: [PATCH 3/9] bpf: Add bpfwl tool to construct bpf whitelists · Jiri Olsa <hidden> · 2020-05-15
[PATCH 4/9] bpf: Allow nested BTF object to be refferenced by BTF object + offset · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
Re: [PATCH 4/9] bpf: Allow nested BTF object to be refferenced by BTF object + offset · Andrii Nakryiko <hidden> · 2020-05-14
[PATCH 5/9] bpf: Add support to check on BTF id whitelist for d_path helper · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
[PATCH 6/9] bpf: Compile bpfwl tool at kernel compilation start · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
Re: [PATCH 6/9] bpf: Compile bpfwl tool at kernel compilation start · Andrii Nakryiko <hidden> · 2020-05-14
Re: [PATCH 6/9] bpf: Compile bpfwl tool at kernel compilation start · Jiri Olsa <hidden> · 2020-05-15
[PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Alexei Starovoitov <hidden> · 2020-05-13
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Jiri Olsa <hidden> · 2020-05-14
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Andrii Nakryiko <hidden> · 2020-05-14
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Jiri Olsa <hidden> · 2020-05-15
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Jiri Olsa <hidden> · 2020-05-28
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Andrii Nakryiko <hidden> · 2020-05-29
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Jiri Olsa <hidden> · 2020-05-31
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Andrii Nakryiko <hidden> · 2020-06-01
Re: [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux · Jiri Olsa <hidden> · 2020-06-02
[PATCH 8/9] selftests/bpf: Add test for d_path helper · Jiri Olsa <jolsa@kernel.org> · 2020-05-06
Re: [PATCH 8/9] selftests/bpf: Add test for d_path helper · Andrii Nakryiko <hidden> · 2020-05-14
Re: [PATCH 8/9] selftests/bpf: Add test for d_path helper · Jiri Olsa <hidden> · 2020-05-15
[PATCH 9/9] selftests/bpf: Add verifier test for d_path helper · Jiri Olsa <jolsa@kernel.org> · 2020-05-06

From: Jiri Olsa <hidden>
Date: 2020-05-15 14:58:53
Also in: bpf

On Thu, May 14, 2020 at 03:20:19PM -0700, Andrii Nakryiko wrote:

On Wed, May 6, 2020 at 6:30 AM Jiri Olsa [off-list ref] wrote:

quoted

This tool takes vmlinux object and whitelist directory on input
and produces C source object with BPF whitelist data.

The vmlinux object needs to have a BTF information compiled in.

The whitelist directory is expected to contain files with helper
names, where each file contains list of functions/probes that
helper is allowed to be called from - whitelist.

The bpfwl tool has following output:

  $ bpfwl vmlinux dir
  unsigned long d_path[] __attribute__((section(".BTF_whitelist_d_path"))) = \
  { 24507, 24511, 24537, 24539, 24545, 24588, 24602, 24920 };

why long instead of int? btf_id is 4-byte one.

ok, int it is

quoted

Each array are sorted BTF ids of the functions provided in the
helper file.

Each array will be compiled into kernel and used during the helper
check in verifier.

Signed-off-by: Jiri Olsa <jolsa@kernel.org>
---
 tools/bpf/bpfwl/Build    |  11 ++
 tools/bpf/bpfwl/Makefile |  60 +++++++++
 tools/bpf/bpfwl/bpfwl.c  | 285 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 356 insertions(+)
 create mode 100644 tools/bpf/bpfwl/Build
 create mode 100644 tools/bpf/bpfwl/Makefile
 create mode 100644 tools/bpf/bpfwl/bpfwl.c

Sorry, I didn't want to nitpick on naming, honestly, but I think this
is actually harmful in the long run. bpfwl is incomprehensible name,
anyone reading link script would be like "what the hell is bpfwl?" Why
not bpf_build_whitelist or something with "whitelist" spelled out in
full?

hum, will pick some more generic name

quoted

diff --git a/tools/bpf/bpfwl/Build b/tools/bpf/bpfwl/Build
new file mode 100644
index 000000000000..667e30d6ce79
--- /dev/null
+++ b/tools/bpf/bpfwl/Build

@@ -0,0 +1,11 @@
+bpfwl-y += bpfwl.o
+bpfwl-y += rbtree.o
+bpfwl-y += zalloc.o
+

[...]

quoted

+
+struct func {
+       char                    *name;
+       unsigned long            id;

as mentioned above, btf_id is 4 byte

ok, changing to int

quoted

+       struct rb_node           rb_node;
+       struct list_head         list[];
+};
+

[...]

quoted

+       btf = btf__parse_elf(vmlinux, NULL);
+       err = libbpf_get_error(btf);
+       if (err) {
+               fprintf(stderr, "FAILED: load BTF from %s: %s",
+                       vmlinux, strerror(err));
+               return -1;
+       }
+
+       nr = btf__get_nr_types(btf);
+
+       /* Iterate all the BTF types and resolve all the function IDs. */
+       for (id = 0; id < nr; id++) {

It has to be `for (id = 1; id <= nr; id++)`. 0 is VOID type and not
included into nr_types. I know it's confusing, but.. life :)

right, will change

thanks,
jirka

quoted

+               const struct btf_type *type;
+               struct func *func;
+               const char *str;
+
+               type = btf__type_by_id(btf, id);
+               if (!type)
+                       continue;
+

[...]

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help