From: Alexei Starovoitov <ast-uqk4Ao+rVK5Wk0Htik3J/w@public.gmane.org>
To: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
David Laight
<David.Laight-ZS65k/vG3HxXrIkS9f7CXA@public.gmane.org>
Cc: Steven Rostedt <rostedt-nx8X9YLhiw1AfugRpC6u6w@public.gmane.org>,
Namhyung Kim <namhyung-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Arnaldo Carvalho de Melo
<acme-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>,
Jiri Olsa <jolsa-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Masami Hiramatsu
<masami.hiramatsu.pt-FCd8Q96Dh0JBDgjK7y7TUQ@public.gmane.org>,
"David S. Miller" <davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>,
Daniel Borkmann <daniel-FeC+5ew28dpmcu3hnIyYJQ@public.gmane.org>,
Peter Zijlstra
<a.p.zijlstra-/NLkJaSkS4VmR6Xm/wNWPw@public.gmane.org>,
"linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [PATCH v10 tip 5/9] tracing: allow BPF programs to call bpf_trace_printk()
Date: Mon, 23 Mar 2015 10:50:09 -0700 [thread overview]
Message-ID: <55105251.6070807@plumgrid.com> (raw)
In-Reply-To: <20150323120753.GA22560-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
On 3/23/15 5:07 AM, Ingo Molnar wrote:
>
> * David Laight <David.Laight-ZS65k/vG3HxXrIkS9f7CXA@public.gmane.org> wrote:
>
>> From: Alexei Starovoitov
>>> Debugging of BPF programs needs some form of printk from the program,
>>> so let programs call limited trace_printk() with %d %u %x %p modifiers only.
>>
>> Should anyone be allowed to use BPF programs to determine the kernel
>> addresses of any items?
>> Looks as though it is leaking kernel addresses to userspace.
>> Note that the problem is with the arguments, not the format string.
>
> All of these are privileged operations - inherent if you are trying to
> debug the kernel.
yep.
There is a plan to add 'pointer leak detector' to bpf verifier and
'constant blinding' pass, so in the future we may let unprivileged
users load programs. seccomp will be first such user. But it will
take long time.
next prev parent reply other threads:[~2015-03-23 17:50 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-22 19:39 [PATCH v10 tip 0/9] tracing: attach eBPF programs to kprobes Alexei Starovoitov
2015-03-22 19:39 ` [PATCH v10 tip 1/9] bpf: make internal bpf API independent of CONFIG_BPF_SYSCALL ifdefs Alexei Starovoitov
[not found] ` <1427053150-32213-1-git-send-email-ast-uqk4Ao+rVK5Wk0Htik3J/w@public.gmane.org>
2015-03-22 19:39 ` [PATCH v10 tip 2/9] tracing: add kprobe flag Alexei Starovoitov
2015-03-22 19:39 ` [PATCH v10 tip 3/9] tracing: attach BPF programs to kprobes Alexei Starovoitov
2015-03-23 2:14 ` Masami Hiramatsu
2015-03-22 19:39 ` [PATCH v10 tip 4/9] tracing: allow BPF programs to call bpf_ktime_get_ns() Alexei Starovoitov
2015-03-22 19:39 ` [PATCH v10 tip 5/9] tracing: allow BPF programs to call bpf_trace_printk() Alexei Starovoitov
2015-03-23 11:37 ` David Laight
[not found] ` <063D6719AE5E284EB5DD2968C1650D6D1CB07731-VkEWCZq2GCInGFn1LkZF6NBPR1lH4CV8@public.gmane.org>
2015-03-23 12:07 ` Ingo Molnar
[not found] ` <20150323120753.GA22560-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-03-23 17:50 ` Alexei Starovoitov [this message]
2015-03-22 19:39 ` [PATCH v10 tip 6/9] samples: bpf: simple non-portable kprobe filter example Alexei Starovoitov
2015-03-22 19:39 ` [PATCH v10 tip 7/9] samples: bpf: counting example for kfree_skb and write syscall Alexei Starovoitov
2015-03-22 19:39 ` [PATCH v10 tip 8/9] samples: bpf: IO latency analysis (iosnoop/heatmap) Alexei Starovoitov
2015-03-22 19:39 ` [PATCH v10 tip 9/9] samples: bpf: kmem_alloc/free tracker Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55105251.6070807@plumgrid.com \
--to=ast-uqk4ao+rvk5wk0htik3j/w@public.gmane.org \
--cc=David.Laight-ZS65k/vG3HxXrIkS9f7CXA@public.gmane.org \
--cc=a.p.zijlstra-/NLkJaSkS4VmR6Xm/wNWPw@public.gmane.org \
--cc=acme-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=daniel-FeC+5ew28dpmcu3hnIyYJQ@public.gmane.org \
--cc=davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org \
--cc=jolsa-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=masami.hiramatsu.pt-FCd8Q96Dh0JBDgjK7y7TUQ@public.gmane.org \
--cc=mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=namhyung-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=rostedt-nx8X9YLhiw1AfugRpC6u6w@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).