From: Yonghong Song <yhs@fb.com>
To: Liam Howlett <liam.howlett@oracle.com>,
Alexei Starovoitov <alexei.starovoitov@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Luigi Rizzo <lrizzo@google.com>,
Peter Zijlstra <peterz@infradead.org>,
Jason Gunthorpe <jgg@ziepe.ca>,
Daniel Borkmann <daniel@iogearbox.net>, bpf <bpf@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Alexei Starovoitov <ast@kernel.org>,
Andrii Nakryiko <andrii@kernel.org>,
"kernel-team@fb.com" <kernel-team@fb.com>,
"walken@fb.com" <walken@fb.com>
Subject: Re: [PATCH mm/bpf v2] mm: bpf: add find_vma_no_check() without lockdep_assert on mm->mmap_lock
Date: Wed, 8 Sep 2021 11:45:14 -0700 [thread overview]
Message-ID: <97b17544-b572-30b4-bc2f-6e7b77892a39@fb.com> (raw)
In-Reply-To: <20210908183032.zoh6dj5xh455z47f@revolver>
On 9/8/21 11:30 AM, Liam Howlett wrote:
> * Alexei Starovoitov <alexei.starovoitov@gmail.com> [210908 14:21]:
>> On Wed, Sep 8, 2021 at 11:15 AM Andrew Morton <akpm@linux-foundation.org> wrote:
>>>
>>> On Wed, 8 Sep 2021 11:02:58 -0700 Alexei Starovoitov <alexei.starovoitov@gmail.com> wrote:
>>>
>>>>> Please describe the expected userspace-visible change from Peter's
>>>>> patch in full detail?
>>>>
>>>> User space expects build_id to be available. Peter patch simply removes
>>>> that feature.
>>>
>>> Are you sure? He ends up with
>>
>> More than sure :)
>> Just look at below.
>>
>>> static void stack_map_get_build_id_offset(struct bpf_stack_build_id *id_offs,
>>> u64 *ips, u32 trace_nr, bool user)
>>> {
>>> int i;
>>>
>>> /* cannot access current->mm, fall back to ips */
>>> for (i = 0; i < trace_nr; i++) {
>>> id_offs[i].status = BPF_STACK_BUILD_ID_IP;
>>> id_offs[i].ip = ips[i];
>>> memset(id_offs[i].build_id, 0, BUILD_ID_SIZE_MAX);
>>> }
>>> return;
>>> }
>>>
>>> and you're saying that userspace won't like this because we didn't set
>>> BPF_STACK_BUILD_ID_VALID?
>>
>> The patch forces the "fallback path" that in production is seen 0.001%
>> Meaning that user space doesn't see build_id any more. It sees IPs only.
>> The user space cannot correlate IPs to binaries. That's what build_id enabled.
>
> I was thinking of decomposing the checks in my first response to two
> functions.
>
> Something like this:
> --------------
> diff --git a/mm/mmap.c b/mm/mmap.c
> index dce46105e3df..8afc1d22aa61 100644
> --- a/mm/mmap.c
> +++ b/mm/mmap.c
> @@ -2293,12 +2293,13 @@ get_unmapped_area(struct file *file, unsigned long addr, unsigned long len,
> EXPORT_SYMBOL(get_unmapped_area);
>
> /* Look up the first VMA which satisfies addr < vm_end, NULL if none. */
> -struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr)
> +struct vm_area_struct *find_vma_non_owner(struct mm_struct *mm,
> + unsigned long addr)
> {
> struct rb_node *rb_node;
> struct vm_area_struct *vma;
>
> - mmap_assert_locked(mm);
> + VM_BUG_ON_MM(!rwsem_is_locked(&mm->mmap_lock), mm);
> /* Check the cache first. */
> vma = vmacache_find(mm, addr);
> if (likely(vma))
> @@ -2325,6 +2326,11 @@ struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr)
> return vma;
> }
>
> +struct vm_area_struct *find_vma(struct mm_struct *mm, unsigned long addr)
> +{
> + lockdep_assert_held(&mm->mmap_lock);
> + return find_vma_non_owner(mm, addr);
> +}
> EXPORT_SYMBOL(find_vma);
>
> /*
>
> --------------
>
> Although this leaks more into the mm API and was referred to as ugly
> previously, it does provide a working solution and still maintains the
> same level of checking.
>
> Would it push the back actors to just switch to non_owner though?
Thanks, Liam. This should work for bpf side as well as we can just call
find_vma_no_owner(). I will submit v3 soon.
>
>
> Thanks,
> Liam
>
next prev parent reply other threads:[~2021-09-08 18:46 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-08 4:44 [PATCH mm/bpf v2] mm: bpf: add find_vma_no_check() without lockdep_assert on mm->mmap_lock Yonghong Song
2021-09-08 12:20 ` Daniel Borkmann
2021-09-08 13:53 ` Jason Gunthorpe
2021-09-08 14:15 ` Peter Zijlstra
2021-09-08 14:43 ` Luigi Rizzo
2021-09-08 15:12 ` Liam Howlett
2021-09-08 16:09 ` Yonghong Song
2021-09-08 17:09 ` Luigi Rizzo
2021-09-08 17:21 ` Alexei Starovoitov
2021-09-08 17:52 ` Andrew Morton
2021-09-08 18:02 ` Alexei Starovoitov
2021-09-08 18:15 ` Andrew Morton
2021-09-08 18:20 ` Alexei Starovoitov
2021-09-08 18:30 ` Liam Howlett
2021-09-08 18:45 ` Yonghong Song [this message]
2021-09-08 18:49 ` Jason Gunthorpe
2021-09-08 19:11 ` Yonghong Song
2021-09-08 23:33 ` Jason Gunthorpe
2021-09-09 5:50 ` Yonghong Song
2021-09-09 8:05 ` Peter Zijlstra
2021-09-08 18:43 ` Liam Howlett
2021-09-08 19:42 ` Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=97b17544-b572-30b4-bc2f-6e7b77892a39@fb.com \
--to=yhs@fb.com \
--cc=akpm@linux-foundation.org \
--cc=alexei.starovoitov@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jgg@ziepe.ca \
--cc=kernel-team@fb.com \
--cc=liam.howlett@oracle.com \
--cc=linux-mm@kvack.org \
--cc=lrizzo@google.com \
--cc=peterz@infradead.org \
--cc=walken@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox