From patchwork Wed Jun 27 03:13:48 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexei Starovoitov X-Patchwork-Id: 140082 Delivered-To: patch@linaro.org Received: by 2002:a2e:9754:0:0:0:0:0 with SMTP id f20-v6csp331266ljj; Tue, 26 Jun 2018 20:14:07 -0700 (PDT) X-Google-Smtp-Source: AAOMgpc/ffUC6kauBY3aIu19QoFEszDD0yDSmrxhMSeZ1YTOG46xVCyrCRj/jg0z/3dNKPqU0ZsP X-Received: by 2002:a62:39cd:: with SMTP id u74-v6mr4074619pfj.95.1530069247715; Tue, 26 Jun 2018 20:14:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1530069247; cv=none; d=google.com; s=arc-20160816; b=PiG4EHJNmfxv01Ika/MsJX6GiDcsfmHwzHZwxDkJCHndA+W5izwNLx4aLkqMl5nJJP ezfR+1B1mHP8SMcWLwKlW3lYrx1Dm864TSUcKqPTfKQkMyVR4xt/goVvCth5V82ozWnS HCnwQ7Bxer8FtEWfHUsMM9tASwcMNkKSeona5YSwplyYaZ2jLSXyahX3iunGFxil0yw9 A85yOurdpXYzR+LA9Quz3LZbkxjrJZZrXwV/wTpIuiky15GM7c+46MlbRGcZqgVgWXL0 QM4Vjkr7gl9E0WvakIGZJsqr+M5kZeULV553yJLIGslVL1o2d+qdn5TZKCxgWg+e9R3J Sw0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject :smtp-origin-cluster:cc:to:smtp-origin-hostname:from :smtp-origin-hostprefix:arc-authentication-results; bh=KsP7200wN6LvaxVF4rNe1BI7Mj/QO/8BxFjOhw4thX8=; b=efec52ef8PNOCvX/6NkzZPKKGfFCGVWMV9tMRR1iVo3gzO418cJh3bNVx/DWE17qF1 72IUYaBjaAInSqZGyJk6KUO4N//xZFC8iUb92ZUU2U4TxJ4Fs2Glkq6K9Z56VrRV2gLo IryAESB2OQjFJe0qSdcbuklAM9hc10SOkhidaCMrqI2eSUKLnPdDkXTb7kIBbTZ37qjG OIGVPzVI7wEyiTLICViyx0Z306f/aPIDtevZnOzxP9MpllHKApnBRvL1VE6esxLg+5KR dltVkFmc8vLi7oaRmLcWeIQTCgJEyENVm3PdolmPkNzpTMihJbMk7sjz3oMx+1VhHbLH UDsQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of netdev-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=netdev-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 61-v6si3115191plf.63.2018.06.26.20.14.07; Tue, 26 Jun 2018 20:14:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of netdev-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of netdev-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=netdev-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752282AbeF0DOE (ORCPT + 9 others); Tue, 26 Jun 2018 23:14:04 -0400 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:39348 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751879AbeF0DOE (ORCPT ); Tue, 26 Jun 2018 23:14:04 -0400 Received: from pps.filterd (m0109333.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w5R3A9A5004863 for ; Tue, 26 Jun 2018 20:14:03 -0700 Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2juyua89ms-7 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 26 Jun 2018 20:14:03 -0700 Received: from mx-out.facebook.com (192.168.52.123) by mail.thefacebook.com (192.168.16.14) with Microsoft SMTP Server (TLS) id 14.3.361.1; Tue, 26 Jun 2018 20:13:51 -0700 Received: by devbig007.ftw2.facebook.com (Postfix, from userid 572438) id A9D2D760962; Tue, 26 Jun 2018 20:13:48 -0700 (PDT) Smtp-Origin-Hostprefix: devbig From: Alexei Starovoitov Smtp-Origin-Hostname: devbig007.ftw2.facebook.com To: "David S . Miller" CC: , , , , , , Smtp-Origin-Cluster: ftw2c04 Subject: [PATCH net] bpfilter: include bpfilter_umh in assembly instead of using objcopy Date: Tue, 26 Jun 2018 20:13:48 -0700 Message-ID: <20180627031348.285964-1-ast@kernel.org> X-Mailer: git-send-email 2.17.1 X-FB-Internal: Safe MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-06-26_11:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Masahiro Yamada What we want here is to embed a user-space program into the kernel. Instead of the complex ELF magic, let's simply wrap it in the assembly with the '.incbin' directive. Signed-off-by: Masahiro Yamada Signed-off-by: Alexei Starovoitov --- I think this patch should 'fix' bpfilter build issue on all archs. cflags for cross CC may still be incorrect and embedded blob may fail to execute via fork_usermode_blob() (like in case of 'make ARCH=i386 net/bpfilter/' CC will build and link 64-bit binary that will be included into bpfilter.o or vmlinux and that binary will fail to run on 32-bit kernel), but that is separate issue that will be addressed in net-next time frame. Long term we've discussed to switch to something like klibc and keep it as part of the kernel to avoid relying on glibc and cc-can-link.sh. net/bpfilter/Makefile | 17 ++--------------- net/bpfilter/bpfilter_kern.c | 11 +++++------ net/bpfilter/bpfilter_umh_blob.S | 7 +++++++ 3 files changed, 14 insertions(+), 21 deletions(-) create mode 100644 net/bpfilter/bpfilter_umh_blob.S -- 2.17.1 diff --git a/net/bpfilter/Makefile b/net/bpfilter/Makefile index 051dc18b8ccb..39c6980b5d99 100644 --- a/net/bpfilter/Makefile +++ b/net/bpfilter/Makefile @@ -15,20 +15,7 @@ ifeq ($(CONFIG_BPFILTER_UMH), y) HOSTLDFLAGS += -static endif -# a bit of elf magic to convert bpfilter_umh binary into a binary blob -# inside bpfilter_umh.o elf file referenced by -# _binary_net_bpfilter_bpfilter_umh_start symbol -# which bpfilter_kern.c passes further into umh blob loader at run-time -quiet_cmd_copy_umh = GEN $@ - cmd_copy_umh = echo ':' > $(obj)/.bpfilter_umh.o.cmd; \ - $(OBJCOPY) -I binary \ - `LC_ALL=C $(OBJDUMP) -f net/bpfilter/bpfilter_umh \ - |awk -F' |,' '/file format/{print "-O",$$NF} \ - /^architecture:/{print "-B",$$2}'` \ - --rename-section .data=.init.rodata $< $@ - -$(obj)/bpfilter_umh.o: $(obj)/bpfilter_umh - $(call cmd,copy_umh) +$(obj)/bpfilter_umh_blob.o: $(obj)/bpfilter_umh obj-$(CONFIG_BPFILTER_UMH) += bpfilter.o -bpfilter-objs += bpfilter_kern.o bpfilter_umh.o +bpfilter-objs += bpfilter_kern.o bpfilter_umh_blob.o diff --git a/net/bpfilter/bpfilter_kern.c b/net/bpfilter/bpfilter_kern.c index 09522573f611..f0fc182d3db7 100644 --- a/net/bpfilter/bpfilter_kern.c +++ b/net/bpfilter/bpfilter_kern.c @@ -10,11 +10,8 @@ #include #include "msgfmt.h" -#define UMH_start _binary_net_bpfilter_bpfilter_umh_start -#define UMH_end _binary_net_bpfilter_bpfilter_umh_end - -extern char UMH_start; -extern char UMH_end; +extern char bpfilter_umh_start; +extern char bpfilter_umh_end; static struct umh_info info; /* since ip_getsockopt() can run in parallel, serialize access to umh */ @@ -93,7 +90,9 @@ static int __init load_umh(void) int err; /* fork usermode process */ - err = fork_usermode_blob(&UMH_start, &UMH_end - &UMH_start, &info); + err = fork_usermode_blob(&bpfilter_umh_start, + &bpfilter_umh_end - &bpfilter_umh_start, + &info); if (err) return err; pr_info("Loaded bpfilter_umh pid %d\n", info.pid); diff --git a/net/bpfilter/bpfilter_umh_blob.S b/net/bpfilter/bpfilter_umh_blob.S new file mode 100644 index 000000000000..40311d10d2f2 --- /dev/null +++ b/net/bpfilter/bpfilter_umh_blob.S @@ -0,0 +1,7 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + .section .init.rodata, "a" + .global bpfilter_umh_start +bpfilter_umh_start: + .incbin "net/bpfilter/bpfilter_umh" + .global bpfilter_umh_end +bpfilter_umh_end: