From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932570AbdJPWTb (ORCPT ); Mon, 16 Oct 2017 18:19:31 -0400 Received: from www62.your-server.de ([213.133.104.62]:45829 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932551AbdJPWT2 (ORCPT ); Mon, 16 Oct 2017 18:19:28 -0400 Message-ID: <59E5306E.8050000@iogearbox.net> Date: Tue, 17 Oct 2017 00:19:26 +0200 From: Daniel Borkmann User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Alexei Starovoitov , Richard Weinberger CC: "netdev@vger.kernel.org" , "linux-kernel@vger.kernel.org" , Alexei Starovoitov Subject: Re: [PATCH 3/3] bpf: Make sure that ->comm does not change under us. References: In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 10/17/2017 12:10 AM, Alexei Starovoitov wrote: > On Mon, Oct 16, 2017 at 2:10 PM, Richard Weinberger wrote: >> Am Montag, 16. Oktober 2017, 23:02:06 CEST schrieb Daniel Borkmann: >>> On 10/16/2017 10:55 PM, Richard Weinberger wrote: >>>> Am Montag, 16. Oktober 2017, 22:50:43 CEST schrieb Daniel Borkmann: >>>>>> struct task_struct *task = current; >>>>>> >>>>>> + task_lock(task); >>>>>> >>>>>> strncpy(buf, task->comm, size); >>>>>> >>>>>> + task_unlock(task); >>>>> >>>>> Wouldn't this potentially lead to a deadlock? E.g. you attach yourself >>>>> to task_lock() / spin_lock() / etc, and then the BPF prog triggers the >>>>> bpf_get_current_comm() taking the lock again ... >>>> >>>> Yes, but doesn't the same apply to the use case when I attach to strncpy() >>>> and run bpf_get_current_comm()? >>> >>> You mean due to recursion? In that case trace_call_bpf() would bail out >>> due to the bpf_prog_active counter. >> >> Ah, that's true. >> So, when someone wants to use bpf_get_current_comm() while tracing task_lock, >> we have a problem. I agree. >> On the other hand, without locking the function may return wrong results. > > it will surely race with somebody else setting task comm and it's fine. > all of bpf tracing is read-only, so locks are only allowed inside bpf core > bits like maps. Taking core locks like task_lock() is quite scary. > bpf scripts rely on bpf_probe_read() of all sorts of kernel fields > so reading comm here w/o lock is fine. Yeah, and perf_event_comm() -> perf_event_comm_event() out of __set_task_comm() is having same approach wrt comm read-out.