• D
    bpf: rework prog_digest into prog_tag · f1f7714e
    Daniel Borkmann 提交于
    Commit 7bd509e3 ("bpf: add prog_digest and expose it via
    fdinfo/netlink") was recently discussed, partially due to
    admittedly suboptimal name of "prog_digest" in combination
    with sha1 hash usage, thus inevitably and rightfully concerns
    about its security in terms of collision resistance were
    raised with regards to use-cases.
    
    The intended use cases are for debugging resp. introspection
    only for providing a stable "tag" over the instruction sequence
    that both kernel and user space can calculate independently.
    It's not usable at all for making a security relevant decision.
    So collisions where two different instruction sequences generate
    the same tag can happen, but ideally at a rather low rate. The
    "tag" will be dumped in hex and is short enough to introspect
    in tracepoints or kallsyms output along with other data such
    as stack trace, etc. Thus, this patch performs a rename into
    prog_tag and truncates the tag to a short output (64 bits) to
    make it obvious it's not collision-free.
    
    Should in future a hash or facility be needed with a security
    relevant focus, then we can think about requirements, constraints,
    etc that would fit to that situation. For now, rework the exposed
    parts for the current use cases as long as nothing has been
    released yet. Tested on x86_64 and s390x.
    
    Fixes: 7bd509e3 ("bpf: add prog_digest and expose it via fdinfo/netlink")
    Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
    Acked-by: NAlexei Starovoitov <ast@kernel.org>
    Cc: Andy Lutomirski <luto@kernel.org>
    Signed-off-by: NDavid S. Miller <davem@davemloft.net>
    f1f7714e
cls_bpf.c 14.5 KB