mirror of
https://github.com/torvalds/linux.git
synced 2025-10-30 16:18:41 +02:00
ea923080c1
To fulfill the BPF signing contract, represented as Sig(I_loader ||
H_meta), the generated trusted loader program must verify the integrity
of the metadata. This signature cryptographically binds the loader's
instructions (I_loader) to a hash of the metadata (H_meta).
The verification process is embedded directly into the loader program.
Upon execution, the loader loads the runtime hash from struct bpf_map
i.e. BPF_PSEUDO_MAP_IDX and compares this runtime hash against an
expected hash value that has been hardcoded directly by
bpf_obj__gen_loader.
The load from bpf_map can be improved by calling
BPF_OBJ_GET_INFO_BY_FD from the kernel context after BPF_OBJ_GET_INFO_BY_FD
has been updated for being called from the kernel context.
The following instructions are generated:
ld_imm64 r1, const_ptr_to_map // insn[0].src_reg == BPF_PSEUDO_MAP_IDX
r2 = *(u64 *)(r1 + 0);
ld_imm64 r3, sha256_of_map_part1 // constant precomputed by
bpftool (part of H_meta)
if r2 != r3 goto out;
r2 = *(u64 *)(r1 + 8);
ld_imm64 r3, sha256_of_map_part2 // (part of H_meta)
if r2 != r3 goto out;
r2 = *(u64 *)(r1 + 16);
ld_imm64 r3, sha256_of_map_part3 // (part of H_meta)
if r2 != r3 goto out;
r2 = *(u64 *)(r1 + 24);
ld_imm64 r3, sha256_of_map_part4 // (part of H_meta)
if r2 != r3 goto out;
...
Signed-off-by: KP Singh <kpsingh@kernel.org>
Link: https://lore.kernel.org/r/20250921160120.9711-4-kpsingh@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
77 lines
2.3 KiB
C
77 lines
2.3 KiB
C
/* SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) */
|
|
/* Copyright (c) 2021 Facebook */
|
|
#ifndef __BPF_GEN_INTERNAL_H
|
|
#define __BPF_GEN_INTERNAL_H
|
|
|
|
#include "bpf.h"
|
|
#include "libbpf_internal.h"
|
|
|
|
struct ksym_relo_desc {
|
|
const char *name;
|
|
int kind;
|
|
int insn_idx;
|
|
bool is_weak;
|
|
bool is_typeless;
|
|
bool is_ld64;
|
|
};
|
|
|
|
struct ksym_desc {
|
|
const char *name;
|
|
int ref;
|
|
int kind;
|
|
union {
|
|
/* used for kfunc */
|
|
int off;
|
|
/* used for typeless ksym */
|
|
bool typeless;
|
|
};
|
|
int insn;
|
|
bool is_ld64;
|
|
};
|
|
|
|
struct bpf_gen {
|
|
struct gen_loader_opts *opts;
|
|
void *data_start;
|
|
void *data_cur;
|
|
void *insn_start;
|
|
void *insn_cur;
|
|
bool swapped_endian;
|
|
ssize_t cleanup_label;
|
|
__u32 nr_progs;
|
|
__u32 nr_maps;
|
|
int log_level;
|
|
int error;
|
|
struct ksym_relo_desc *relos;
|
|
int relo_cnt;
|
|
struct bpf_core_relo *core_relos;
|
|
int core_relo_cnt;
|
|
char attach_target[128];
|
|
int attach_kind;
|
|
struct ksym_desc *ksyms;
|
|
__u32 nr_ksyms;
|
|
int fd_array;
|
|
int nr_fd_array;
|
|
int hash_insn_offset[SHA256_DWORD_SIZE];
|
|
};
|
|
|
|
void bpf_gen__init(struct bpf_gen *gen, int log_level, int nr_progs, int nr_maps);
|
|
int bpf_gen__finish(struct bpf_gen *gen, int nr_progs, int nr_maps);
|
|
void bpf_gen__free(struct bpf_gen *gen);
|
|
void bpf_gen__load_btf(struct bpf_gen *gen, const void *raw_data, __u32 raw_size);
|
|
void bpf_gen__map_create(struct bpf_gen *gen,
|
|
enum bpf_map_type map_type, const char *map_name,
|
|
__u32 key_size, __u32 value_size, __u32 max_entries,
|
|
struct bpf_map_create_opts *map_attr, int map_idx);
|
|
void bpf_gen__prog_load(struct bpf_gen *gen,
|
|
enum bpf_prog_type prog_type, const char *prog_name,
|
|
const char *license, struct bpf_insn *insns, size_t insn_cnt,
|
|
struct bpf_prog_load_opts *load_attr, int prog_idx);
|
|
void bpf_gen__map_update_elem(struct bpf_gen *gen, int map_idx, void *value, __u32 value_size);
|
|
void bpf_gen__map_freeze(struct bpf_gen *gen, int map_idx);
|
|
void bpf_gen__record_attach_target(struct bpf_gen *gen, const char *name, enum bpf_attach_type type);
|
|
void bpf_gen__record_extern(struct bpf_gen *gen, const char *name, bool is_weak,
|
|
bool is_typeless, bool is_ld64, int kind, int insn_idx);
|
|
void bpf_gen__record_relo_core(struct bpf_gen *gen, const struct bpf_core_relo *core_relo);
|
|
void bpf_gen__populate_outer_map(struct bpf_gen *gen, int outer_map_idx, int key, int inner_map_idx);
|
|
|
|
#endif
|