From: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
To: Alexei Starovoitov <alexei.starovoitov@gmail.com>,
Vince Weaver <vincent.weaver@maine.edu>
Cc: linux-kernel@vger.kernel.org,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>,
"David S. Miller" <davem@davemloft.net>,
Peter Zijlstra <a.p.zijlstra@chello.nl>,
Ingo Molnar <mingo@redhat.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>
Subject: Re: Re: perf, kprobes: fuzzer generates huge number of WARNings
Date: Wed, 08 Jul 2015 22:11:57 +0900 [thread overview]
Message-ID: <559D219D.1090507@hitachi.com> (raw)
In-Reply-To: <20150707212137.GA6287@Alexeis-MacBook-Pro.local>
On 2015/07/08 6:21, Alexei Starovoitov wrote:
> On Tue, Jul 07, 2015 at 05:08:51PM -0400, Vince Weaver wrote:
>> On Tue, 7 Jul 2015, Alexei Starovoitov wrote:
>>
>>> On Tue, Jul 07, 2015 at 12:00:12AM -0400, Vince Weaver wrote:
>>>>
>>>> Well the BPF hack is in the fuzzer, not the kernel. And it's not really a
>>>> hack, it just turned out to be a huge pain to figure out how to
>>>> manually create a valid BPF program in conjunction with a valid kprobe
>>>> event.
>>>
>>> You mean automatically generating valid bpf program? That's definitely hard.
>>> If you mean just few hardcoded programs then take them from samples or
>>> from test_bpf ?
>>
>> there's already code in trinity that in theory autogenerates bpf programs,
>> but for now I was just trying to hook up a short known valid one.
>>
>> it might not be possible to really test things though, as you need to be
>> root to create a kprobe and attach a BPF program, but my fuzzer when run
>> as root often does all kinds of other stuff that will crash a machine.
>> Is it ever planned to allow using bpf/kprobes without requiring full
>> CAP_ADMIN privledges?
>
> I suspect kprobes will forever be root only, whereas for bpf I'm thinking
> to introduce CAP_BPF, but before that we need to finish constant blinding
> and add address leak prevention. So not soon.
Currently I don't plan to do that. Actually systemtap allows that, but
with much bigger blacklist. I think we can make a tool which also
allows user to add new events on the limited functions (white-list).
But anyway, since these can expose kernel function addresses to users,
it is highly recommended to limit users by some capabilities.
>>>> I did have to sprinkle printks in the kprobe and bpf code to find out
>>>> where various EINVAL returns were coming from, so potentially this is just
>>>> a problem of printks happening where they shouldn't. I'll remove those
>>>> changes and try to reproduce this tomorrow.
>>>
>>> could you please elaborate on this further. Which EINVALs you talking about?
>>
>> When you are trying to create a kprobe and bpf file there's about 10
>> different ways to get EINVAL as a return value and no way of knowing which
>> one you are hitting. I added printks so I could know what issue was
>> causing the einval. (from memory, the problems I hit were not zeroing out
>> the attr structure, having a wrong instruction count, and a few others).
Hmm I must fix some parts of kprobes by changing retval or showing more
precise messages.
Thanks!
> I see. I guess anyone trying to use syscall directly will be facing such
> issues, but libbpf that is being developed to be used by perf and others
> should solve these problems.
--
Masami HIRAMATSU
Linux Technology Research Center, System Productivity Research Dept.
Center for Technology Innovation - Systems Engineering
Hitachi, Ltd., Research & Development Group
E-mail: masami.hiramatsu.pt@hitachi.com
prev parent reply other threads:[~2015-07-08 13:12 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-06 21:27 perf, kprobes: fuzzer generates huge number of WARNings Vince Weaver
2015-07-06 21:29 ` Steven Rostedt
2015-07-07 3:53 ` Vince Weaver
2015-07-07 2:25 ` Masami Hiramatsu
2015-07-07 4:00 ` Vince Weaver
2015-07-07 10:35 ` Masami Hiramatsu
2015-07-07 15:06 ` Vince Weaver
2015-07-07 15:10 ` Steven Rostedt
2015-07-07 18:06 ` Vince Weaver
2015-07-08 3:13 ` Masami Hiramatsu
2015-07-07 15:11 ` Vince Weaver
2015-07-09 9:58 ` Masami Hiramatsu
2015-07-07 19:18 ` Alexei Starovoitov
2015-07-07 21:08 ` Vince Weaver
2015-07-07 21:21 ` Alexei Starovoitov
2015-07-08 13:11 ` Masami Hiramatsu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=559D219D.1090507@hitachi.com \
--to=masami.hiramatsu.pt@hitachi.com \
--cc=a.p.zijlstra@chello.nl \
--cc=acme@kernel.org \
--cc=alexei.starovoitov@gmail.com \
--cc=ananth@in.ibm.com \
--cc=anil.s.keshavamurthy@intel.com \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=rostedt@goodmis.org \
--cc=vincent.weaver@maine.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.