Received: by 2002:a19:771d:0:0:0:0:0 with SMTP id s29csp1282410lfc; Wed, 1 Jun 2022 14:08:13 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxgSD7S8HQtw8Tg2jCu9VPpWEStH9OPB0aSMpyhJvqD8nH970P03TXbxxbJFletJFEbqtNL X-Received: by 2002:a05:6a00:298c:b0:518:afaf:f7cd with SMTP id cj12-20020a056a00298c00b00518afaff7cdmr1450782pfb.23.1654117693436; Wed, 01 Jun 2022 14:08:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1654117693; cv=none; d=google.com; s=arc-20160816; b=ZgvpUhLBqyqw1LBLqN1eUoDVVb4T9kbQHOi8fKMzOkLnoOnnlr/cWmoZxr2uQfUl2Z lLEpghh0nGuCEVfWYQKA5BYaLfSlbWpy8tOCfPSYdRPSGyNwIbLzuQyX8X4xbuepWxIC P6u95P55Zb1pq5UCmeAAl9drfXPUibSvegCTuJdQrdkQ+IFx7N5Vq4O+Cm6wXbelTNSM OhqaLg2ekE/JH2+5JcLRe8DlLFURYe42jWpDI6QqCiRH37OXHinIiNx16wKyyzNNkKwS X0lemLDKzCpMFoZvo9xh4VM4H/2Z+NSHIeXHqRr8auzkqt/dkHSI7w+MVTrKxmcCR4PS yd4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=T8fnUPH/0pi2U4FPF2cBbhNOvboT3qQ6DW2DMubzYso=; b=sFR/Onb1kvDfzyuARCIoIxt3XtNfD92tMb08M2oWZaENstlnPca4Ok9/6wDwbFF2Km X06SZeKly/PCAbGlD/r/5Qr7FCNexi0INqh2ky5vQAqvke7jePpwEcGn+AkEJmR7+msR SYvmaXT10anX6g9mMcRO9u/WSE5BY/8Ghf3J+vUUb6Gq3tJy2tXNIL+oaWK9ab1z2WGu 4CrBUf+cTenXM8wjBqfCOw/v6WEZ33TrZdpQ50iKifE0yCYYeV/3V8NIlIY05Kx3vLhP r/TRoom5Fr4jX0Mha/GYj3Lad7LMAxrmFza9MuJzWMTboqTgjVPCYWSnHFxGkESzl+QS 6GDQ== ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id mq18-20020a17090b381200b001d99fab8c25si3963821pjb.10.2022.06.01.14.08.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 14:08:13 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 63D3E21D3D3; Wed, 1 Jun 2022 13:00:08 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243286AbiE3VzY (ORCPT + 99 others); Mon, 30 May 2022 17:55:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49570 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240312AbiE3VzW (ORCPT ); Mon, 30 May 2022 17:55:22 -0400 Received: from www62.your-server.de (www62.your-server.de [213.133.104.62]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D7EEF56C08; Mon, 30 May 2022 14:55:19 -0700 (PDT) Received: from sslproxy01.your-server.de ([78.46.139.224]) by www62.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from ) id 1nvnLz-0001Zh-5r; Mon, 30 May 2022 23:55:11 +0200 Received: from [85.1.206.226] (helo=linux-2.home) by sslproxy01.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nvnLy-000Laq-UY; Mon, 30 May 2022 23:55:10 +0200 Subject: Re: [PATCH 1/2] libbpf: Retry map access with read-only permission To: Roberto Sassu , ast@kernel.org, andrii@kernel.org, kpsingh@kernel.org Cc: bpf@vger.kernel.org, netdev@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org References: <20220530084514.10170-1-roberto.sassu@huawei.com> <20220530084514.10170-2-roberto.sassu@huawei.com> From: Daniel Borkmann Message-ID: <4089f118-662c-4ea2-131f-c8a9b702b6ca@iogearbox.net> Date: Mon, 30 May 2022 23:55:10 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 MIME-Version: 1.0 In-Reply-To: <20220530084514.10170-2-roberto.sassu@huawei.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.103.6/26557/Mon May 30 10:05:44 2022) X-Spam-Status: No, score=-3.1 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,NICE_REPLY_A, RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 5/30/22 10:45 AM, Roberto Sassu wrote: > Retry map access with read-only permission, if access was denied when all > permissions were requested (open_flags is set to zero). Write access might > have been denied by the bpf_map security hook. > > Some operations, such as show and dump, don't need write permissions, so > there is a good chance of success with retrying. > > Prefer this solution to extending the API, as otherwise a new mechanism > would need to be implemented to determine the right permissions for an > operation. > > Signed-off-by: Roberto Sassu > --- > tools/lib/bpf/bpf.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/tools/lib/bpf/bpf.c b/tools/lib/bpf/bpf.c > index 240186aac8e6..b4eec39021a4 100644 > --- a/tools/lib/bpf/bpf.c > +++ b/tools/lib/bpf/bpf.c > @@ -1056,6 +1056,11 @@ int bpf_map_get_fd_by_id(__u32 id) > attr.map_id = id; > > fd = sys_bpf_fd(BPF_MAP_GET_FD_BY_ID, &attr, sizeof(attr)); > + if (fd < 0) { > + attr.open_flags = BPF_F_RDONLY; > + fd = sys_bpf_fd(BPF_MAP_GET_FD_BY_ID, &attr, sizeof(attr)); > + } > + But then what about bpf_obj_get() API in libbpf? attr.file_flags has similar purpose as attr.open_flags in this case. The other issue is that this could have upgrade implications, e.g. where an application bailed out before, it is now passing wrt bpf_map_get_fd_by_id(), but then suddenly failing during map update calls. Imho, it might be better to be explicit about user intent w/o the lib doing guess work upon failure cases (... or have the BPF LSM set the attr.open_flags to BPF_F_RDONLY from within the BPF prog). > return libbpf_err_errno(fd); > } > >