Date: Wed, 23 Oct 2024 22:05:52 -0400
From: Steven Rostedt
To: Mathieu Desnoyers
Cc: Alexei Starovoitov, Jordan Rife, Arnaldo Carvalho de Melo,
 Alexander Shishkin, Andrii Nakryiko, Alexei Starovoitov, bpf,
 Joel Fernandes, LKML, Mark Rutland, Masami Hiramatsu, Ingo Molnar,
 Michael Jeanson, Namhyung Kim, "Paul E. McKenney", Peter Zijlstra,
 syzbot+b390c8062d8387b6272a@syzkaller.appspotmail.com, Yonghong Song
Subject: Re: [RFC PATCH] tracing: Fix syscall tracepoint use-after-free
Message-ID: <20241023220552.74ca0c3e@rorschach.local.home>
In-Reply-To: <7bcea009-b58c-4a00-b7cd-f2fc06b90a02@efficios.com>
References: <20241023145640.1499722-1-jrife@google.com>
 <7bcea009-b58c-4a00-b7cd-f2fc06b90a02@efficios.com>
X-Mailing-List: bpf@vger.kernel.org

On Wed, 23 Oct 2024 11:19:40 -0400
Mathieu Desnoyers wrote:

>
> > Looks like Mathieu patch broke bpf program contract somewhere.
>
> My patch series introduced this in the probe:
>
> #define __BPF_DECLARE_TRACE_SYSCALL(call, proto, args)			\
> static notrace void							\
> __bpf_trace_##call(void *__data, proto)				\
> {									\
> 	might_fault();							\
> 	preempt_disable_notrace();					\

Is the problem that we can call this function *after* the prog has been
freed? That is, the preempt_disable_notrace() here is meaningless.

Is there a way to add something here to make sure the program is still
valid? Like set a flag in the link structure?

(I don't know how BPF works well enough to know what is involved here,
so excuse me if this is totally off)

-- Steve

> 	CONCATENATE(bpf_trace_run, COUNT_ARGS(args))(__data, CAST_TO_U64(args));	\
> 	preempt_enable_notrace();					\
> }
>