bpfloader: also load from /vendor/etc/bpf/android-t-preview-2 android-t-preview-1 android-t-beta-3 android-s-v2-beta-3 android-s-qpr3-beta-1 android-t-preview-1 android-s-v2-beta-3 android-s-qpr3-beta-1

Allow vendors to use bpf programs, but limit to tracepoints for now (other types of programs, for instance skfilter, aren't safe to expose, because the kernel gives us limited ways to control which resources can have BPF programs attached, and some shared resources only support a single BPF program at an attach point). Bug: 140330870 Bug: 162057235 Test: install bpf program to /vendor/etc/bpf/ and use it. Test: atest libbpf_load_test Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
author: Steven Moreland <smoreland@google.com> 2019-12-12 14:22:34 -0800
committer: Steven Moreland <smoreland@google.com> 2022-02-09 00:59:37 +0000
commit: 0f10f3fd9f961abf78030922ac5638150b8c2694 (patch)
tree: bbe47c668eaa33b1dd8841bdc961c75791d25a84 /libbpf_android
parent: 7429fcb8421ce0cd134bca8cc9141f5b64417ad1 (diff)
download: bpf-0f10f3fd9f961abf78030922ac5638150b8c2694.tar.gz
3 files changed, 32 insertions, 7 deletions
diff --git a/libbpf_android/BpfLoadTest.cpp b/libbpf_android/BpfLoadTest.cpp
index d14c7fc..db45da1 100644
--- a/libbpf_android/BpfLoadTest.cpp
+++ b/libbpf_android/BpfLoadTest.cpp
@@ -49,6 +49,14 @@ class BpfLoadTest : public TestWithParam<std::string> {
 
         auto progPath = android::base::GetExecutableDirectory() + "/" + GetParam() + ".o";
         bool critical = true;
+
+        bpf_prog_type kAllowed[] = {
+                BPF_PROG_TYPE_UNSPEC,
+        };
+        EXPECT_EQ(android::bpf::loadProg(progPath.c_str(), &critical, "", kAllowed,
+                                         arraysize(kAllowed)),
+                  -1);
+
         EXPECT_EQ(android::bpf::loadProg(progPath.c_str(), &critical), 0);
         EXPECT_EQ(false, critical);
 
diff --git a/libbpf_android/Loader.cpp b/libbpf_android/Loader.cpp
index fd223a2..eab8e96 100644
--- a/libbpf_android/Loader.cpp
+++ b/libbpf_android/Loader.cpp
@@ -312,16 +312,14 @@ static enum bpf_attach_type getExpectedAttachType(string& name) {
     return BPF_ATTACH_TYPE_UNSPEC;
 }
 
-/* If ever needed
 static string getSectionName(enum bpf_prog_type type)
 {
     for (auto& snt : sectionNameTypes)
         if (snt.type == type)
             return string(snt.name);
 
-    return NULL;
+    return "UNKNOWN SECTION NAME " + std::to_string(type);
 }
-*/
 
 static int readProgDefs(ifstream& elfFile, vector<struct bpf_prog_def>& pd,
                         size_t sizeOfBpfProgDef) {
@@ -401,8 +399,19 @@ static int getSectionSymNames(ifstream& elfFile, const string& sectionName, vect
     return 0;
 }
 
+static bool IsAllowed(bpf_prog_type type, const bpf_prog_type* allowed, size_t numAllowed) {
+    if (allowed == nullptr) return true;
+
+    for (size_t i = 0; i < numAllowed; i++) {
+        if (type == allowed[i]) return true;
+    }
+
+    return false;
+}
+
 /* Read a section by its index - for ex to get sec hdr strtab blob */
-static int readCodeSections(ifstream& elfFile, vector<codeSection>& cs, size_t sizeOfBpfProgDef) {
+static int readCodeSections(ifstream& elfFile, vector<codeSection>& cs, size_t sizeOfBpfProgDef,
+                            const bpf_prog_type* allowed, size_t numAllowed) {
     vector<Elf64_Shdr> shTable;
     int entries, ret = 0;
 
@@ -426,8 +435,14 @@ static int readCodeSections(ifstream& elfFile, vector<codeSection>& cs, size_t s
         if (ret) return ret;
 
         enum bpf_prog_type ptype = getSectionType(name);
+
         if (ptype == BPF_PROG_TYPE_UNSPEC) continue;
 
+        if (!IsAllowed(ptype, allowed, numAllowed)) {
+            ALOGE("Program type %s not permitted here", getSectionName(ptype).c_str());
+            return -1;
+        }
+
         // This must be done before '/' is replaced with '_'.
         cs_temp.expected_attach_type = getExpectedAttachType(name);
 
@@ -881,7 +896,8 @@ static int loadCodeSections(const char* elfPath, vector<codeSection>& cs, const
     return 0;
 }
 
-int loadProg(const char* elfPath, bool* isCritical, const char* prefix) {
+int loadProg(const char* elfPath, bool* isCritical, const char* prefix,
+             const bpf_prog_type* allowed, size_t numAllowed) {
     vector<char> license;
     vector<char> critical;
     vector<codeSection> cs;
@@ -946,7 +962,7 @@ int loadProg(const char* elfPath, bool* isCritical, const char* prefix) {
         return -1;
     }
 
-    ret = readCodeSections(elfFile, cs, sizeOfBpfProgDef);
+    ret = readCodeSections(elfFile, cs, sizeOfBpfProgDef, allowed, numAllowed);
     if (ret) {
         ALOGE("Couldn't read all code sections in %s\n", elfPath);
         return ret;
diff --git a/libbpf_android/include/libbpf_android.h b/libbpf_android/include/libbpf_android.h
index a3d5f03..3fb777b 100644
--- a/libbpf_android/include/libbpf_android.h
+++ b/libbpf_android/include/libbpf_android.h
@@ -24,7 +24,8 @@ namespace android {
 namespace bpf {
 
 // BPF loader implementation. Loads an eBPF ELF object
-int loadProg(const char* elfPath, bool* isCritical, const char* prefix = "");
+int loadProg(const char* elfPath, bool* isCritical, const char* prefix = "",
+             const bpf_prog_type* allowed = nullptr, size_t numAllowed = 0);
 
 // Exposed for testing
 unsigned int readSectionUint(const char* name, std::ifstream& elfFile, unsigned int defVal);
author	Steven Moreland <smoreland@google.com>	2019-12-12 14:22:34 -0800
committer	Steven Moreland <smoreland@google.com>	2022-02-09 00:59:37 +0000
commit	0f10f3fd9f961abf78030922ac5638150b8c2694 (patch)
tree	bbe47c668eaa33b1dd8841bdc961c75791d25a84 /libbpf_android
parent	7429fcb8421ce0cd134bca8cc9141f5b64417ad1 (diff)
download	bpf-0f10f3fd9f961abf78030922ac5638150b8c2694.tar.gz