-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sys/linux: support for BPF filesystem #1456
base: master
Are you sure you want to change the base?
Conversation
Use of the global path is problematic for several reasons:
We generally try to prepare isolated environment for each test, grep cgroup/mount in executor/*.h. That code is also used in reproducers so a repro will create all necessary env as well. |
Signed-off-by: Paul Chaignon <paul.chaignon@orange.com>
Thanks for the review! I've updated the branch with just |
Codecov Report
@@ Coverage Diff @@
## master #1456 +/- ##
==========================================
+ Coverage 56.42% 56.44% +0.01%
==========================================
Files 135 135
Lines 25796 25796
==========================================
+ Hits 14555 14560 +5
+ Misses 10570 10566 -4
+ Partials 671 670 -1
Continue to review full report at Codecov.
|
I'm not quite sure how to proceed with this issue. It looks like we would need either 1) a way to refer to the executor's temporary directory from syscall descriptions, or 2) to chroot into that temporary directory after mounting the BPF filesystem. I'm guessing option 1 is preferred (?). Option 2 is probably only okay when using the namespace sandbox and even then we'll have another issue: we can't mount the BPF filesystem into a user namespace. |
A test process always have cwd set to the temp directory, so a name like "bpf" will refer to the temp dir (well, not after chdir into a subdir, but we can live with that, the same for any other file names). |
Hm, right. Not sure why I didn't consider a relative path. I will update the pull request for that. |
|
I don't think we'll need changes in these scripts after all.
As far as I can see (through quick tests), the bpf filesystem mounts are not global. Each mount contains its own entries, so we can simply mount it inside the tests' private directories. |
This pull requests puts filenames for the
bpf$OBJ_PIN_(MAP|PROG)
andbpf$OBJ_GET_(MAP|PROG)
syscalls on the/sys/fs/bpf/
filesystem. I've checked that it works correctly by running syzkaller long enough that it managed to pin a map!Note that I've also updated
create-image.sh
to mount the BPF filesystem at startup time. Since this special filesystem is only supported in Linux 4.4+, it may create issues for older kernels. Is that something we care about forcreate-image.sh
? Should there be an option to not write that line to/etc/fstab
(+documentation)?