[bpf-next,v2,0/1] Avoid size mismatches in skeletons

Message ID	cover.1644884357.git.delyank@fb.com (mailing list archive)
Headers	show Return-Path: <bpf-owner@kernel.org> From: Delyan Kratunov <delyank@fb.com> To: "daniel@iogearbox.net" <daniel@iogearbox.net>, "ast@kernel.org" <ast@kernel.org>, "andrii@kernel.org" <andrii@kernel.org>, "bpf@vger.kernel.org" <bpf@vger.kernel.org> Subject: [PATCH bpf-next v2 0/1] Avoid size mismatches in skeletons Thread-Topic: [PATCH bpf-next v2 0/1] Avoid size mismatches in skeletons Thread-Index: AQHYIgK0od4pyguoI0+AQhHfMcEvxw== Date: Tue, 15 Feb 2022 00:26:41 +0000 Message-ID: <cover.1644884357.git.delyank@fb.com> Accept-Language: en-US Content-Language: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ0PR15MB5154.namprd15.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: bbc4d7a9-2e81-4382-127f-08d9f019d696 X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Feb 2022 00:26:41.3862 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted Precedence: bulk
Series	Avoid size mismatches in skeletons \| expand [bpf-next,v2,0/1] Avoid size mismatches in skeletons [bpf-next,v2,1/1] bpftool: bpf skeletons assert type sizes

Message ID

cover.1644884357.git.delyank@fb.com (mailing list archive)

Headers

From: Delyan Kratunov <delyank@fb.com>
To: "daniel@iogearbox.net" <daniel@iogearbox.net>,
        "ast@kernel.org" <ast@kernel.org>,
        "andrii@kernel.org" <andrii@kernel.org>,
        "bpf@vger.kernel.org" <bpf@vger.kernel.org>
Subject: [PATCH bpf-next v2 0/1] Avoid size mismatches in skeletons
Thread-Topic: [PATCH bpf-next v2 0/1] Avoid size mismatches in skeletons
Thread-Index: AQHYIgK0od4pyguoI0+AQhHfMcEvxw==
Date: Tue, 15 Feb 2022 00:26:41 +0000
Message-ID: <cover.1644884357.git.delyank@fb.com>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?yQl4ZddIg39kUF2ZZMb9RY+?=
	=?iso-8859-1?q?fe9XMUg7Y/GANr+ri/qN5Jn77pmDiDi0qStFHLGTR2q1+Zu6JKqOrE9KVkFh?=
	=?iso-8859-1?q?4fkXYsU3A2Jpgdgnnsa8/w921sZi0wgDIIpSTgK1rBu7Fn185ezu5zG3prGm?=
	=?iso-8859-1?q?gUfp+/qXOFY2IwYS5KBFrqNE+a+i1jYw8PnvllHsVl2/lQb1VWywXZL19dmL?=
	=?iso-8859-1?q?LqM21T1EHl1nTZURgEVj8H+IyKWEpirKFaeSBqdtKW83IJVSSRdgp4dyZURB?=
	=?iso-8859-1?q?wj6pRqQRashVjrvtUQOtEJFOoJHTyVHnmkXEm/SzyI+VoPdde9tD47iYYHzz?=
	=?iso-8859-1?q?a+H82/5yXaI8T9uaN4f5myVUIYAc8vb9TD+LoS77FHc5U3FJytB4IYMW/HYV?=
	=?iso-8859-1?q?SyXzLbPEHCVS3S54zLpHMCnO+UBzwn+aBsELz0tF5+bUBXyyQMxiq2O9ZCzp?=
	=?iso-8859-1?q?ywRbAfNaC4TcMNJhJ40wRQPRlc6JJGW3N7lynu4hnjEAhM/mOSqXZt8ZdzAB?=
	=?iso-8859-1?q?opfUJoAS4XGOFxWCrFna/XFAqCUkSrslC9u2eZrVjZT7f8fMvTxi+RgPDvag?=
	=?iso-8859-1?q?S/FgLkN3DfylYLWfvwy/PzZIBGdwACEZgBfOddauLzNF2E1niDk1zkRtkAWh?=
	=?iso-8859-1?q?pd1p4zNmfAE1m9il3UzVHN8+8peE5pdChSpSi0/grvuFokY/vdgmN9xsf9++?=
	=?iso-8859-1?q?2njy3GALQ7O47RMHfoJ5Tup20HK554mU8UD8Ynj4fYZAwIYqngCruM25yd/L?=
	=?iso-8859-1?q?GZH/kHQKJxH5a36sfAE3lUz2aCM4h8zHHQm27WkKN4h0uss0OYRSvrQwqrpx?=
	=?iso-8859-1?q?+f4NgY2I1A5R/eK4/aB9Kk9OdCMTrTVBwAQ3iDX+uPONltEBcNQWg8JYwZU7?=
	=?iso-8859-1?q?H0xTxQ+4E2NjAsIILbtXPV8zqY/vcaB+/CNZEuDIqatyNXW2WEJKZ/xuS0Mh?=
	=?iso-8859-1?q?WtepY5/5hPpTmBJ91BnL0cLmxIcJAGin//pxhOJSSA1zeKBOWwjNQijjCnku?=
	=?iso-8859-1?q?k3yr+2KWag+u80BS4Mnwkl4CAySzSvXGCpi7rqReKeO1SypG6MwViTadiBmQ?=
	=?iso-8859-1?q?6rqASJbpyfSilllYvleGVcFfOwYmQmg21r4ZnN2UUSxr38DaK/iZKqNtUigM?=
	=?iso-8859-1?q?DuYLXgs9ix2Ebz/MU8Sq2hE79YsSgiMQP8fDZGEMMK9XHb7Jv59j7xjq2IWP?=
	=?iso-8859-1?q?QCTMH/J5g5NCO+M3B71zC7U/ikfZzmWuiIoc/4CpjDTYQQa0AEcUad/GvU/S?=
	=?iso-8859-1?q?DrjKQaDzq7OjkuaUp1xBtPC8YXxCRUGRtdpWmbs9G+wMVrPKijB86BCeiz9h?=
	=?iso-8859-1?q?ZQA/G7oYnAPHTN4PByhNqB7E5smTP6XV9osgGQPHoh/6M3zyqzLu2VoDz/zD?=
	=?iso-8859-1?q?ckuc1hIz2wAr3QNkY3/QlEJmkKNchJqUdbwqW0mYsuZtGRyD/g6xkJ4ZA0Zp?=
	=?iso-8859-1?q?occRcQtSEZTGJyx4tEMDLYU6zBoVZWPS42fsIJWeEtr7AJFz4oP+t5osu8XI?=
	=?iso-8859-1?q?QwUffYBR/yS6wszXmzYlJT8jlO5BhG2EUkxnzo5TnRq4YcLLfELNyQ12XP2C?=
	=?iso-8859-1?q?N9sS3crhp+EIJ3ajDMXhlEF0OSGqU9uY47WnIqjd4Zg3SazmMvCJQ4SYTj65?=
	=?iso-8859-1?q?MsOQj0acyMJKy/Hk7VeRcF6i40yUJd3acvg2v9g=3D=3D?=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ0PR15MB5154.namprd15.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 bbc4d7a9-2e81-4382-127f-08d9f019d696
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Feb 2022 00:26:41.3862
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 j+H0Ldhuz/NkgpwtwKVlfp1ODn36gx3LzB6wJcLuYsCOMndK8cbDnNiFYOlmk+ga
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR15MB4934
X-OriginatorOrg: fb.com
X-Proofpoint-GUID: 51duB39V5DwASsWZJeKi4h97dS19mMXx
X-Proofpoint-ORIG-GUID: 51duB39V5DwASsWZJeKi4h97dS19mMXx
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.62.513
 definitions=2022-02-14_07,2022-02-14_03,2021-12-02_01
X-Proofpoint-Spam-Details: rule=fb_outbound_notspam policy=fb_outbound score=0
 priorityscore=1501
 lowpriorityscore=0 bulkscore=0 clxscore=1015 impostorscore=0
 mlxlogscore=999 spamscore=0 malwarescore=0 suspectscore=0 phishscore=0
 mlxscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2201110000 definitions=main-2202150000
X-FB-Internal: deliver
Precedence: bulk
List-ID: <bpf.vger.kernel.org>
X-Mailing-List: bpf@vger.kernel.org
X-Patchwork-Delegate: bpf@iogearbox.net

Series

Avoid size mismatches in skeletons | expand

Message

Delyan Kratunov Feb. 15, 2022, 12:26 a.m. UTC

As reported in [0], kernel and userspace can sometimes disagree
on the size of a type. This leads to trouble when userspace maps the memory of
a bpf program and reads/writes to it assuming a different memory layout.

With this change, the skeletons now contain size asserts to ensure the
types in userspace are compatible in size with the types in the bpf program.
In particular, we emit asserts for all top-level fields in the data/rodata/bss/etc
structs, but not recursively for the individual members inside - this strikes a
compromise between diagnostics precision and still catching all possible size
mismatches.

The generated asserts are somewhat ugly but are able to handle anonymous structs:

  struct test_skeleton__data {
          int in1;
          char __pad0[4];
          long long in2;
          int out1;
          char __pad1[4];
          long long out2;
  } *data;
  BPF_STATIC_ASSERT(sizeof(((struct test_skeleton__data*)0)->in1) == 4, "unexpe
cted size of field in1");
  BPF_STATIC_ASSERT(sizeof(((struct test_skeleton__data*)0)->in2) == 8, "unexpe
cted size of field in2");
  BPF_STATIC_ASSERT(sizeof(((struct test_skeleton__data*)0)->out1) == 4, "unexp
ected size of field out1");
  BPF_STATIC_ASSERT(sizeof(((struct test_skeleton__data*)0)->out2) == 8, "unexp
ected size of field out2");
  struct test_skeleton__rodata {
          struct {
                  int in6;
          } in;
  } *rodata;
  BPF_STATIC_ASSERT(sizeof(((struct test_skeleton__rodata*)0)->in) == 4, "unexp
ected size of field in");

I'm open to pushing more of the ugliness into a macro, I was going primarily for
simplicity in the diagnostic messages (it's unfortunate enough that we need a level
of macro expansion for C++ support). If we need this to be prettier, what's a good
header I could push any extra complexity into, so it's not spelled out in gen.c?

Delyan Kratunov (1):
  bpftool: bpf skeletons assert type sizes

 tools/bpf/bpftool/gen.c | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

--
2.34.1