From: Dominik Brodowski <linux@dominikbrodowski.net>
To: linux-kernel@vger.kernel.org, torvalds@linux-foundation.org,
viro@ZenIV.linux.org.uk, arnd@arndb.de,
linux-arch@vger.kernel.org
Cc: Howard McLauchlan <hmclauchlan@fb.com>
Subject: [PATCH 45/45] bpf: whitelist all syscalls for error injection
Date: Thu, 22 Mar 2018 10:00:59 +0100 [thread overview]
Message-ID: <20180322090059.19361-46-linux@dominikbrodowski.net> (raw)
In-Reply-To: <20180322090059.19361-1-linux@dominikbrodowski.net>
From: Howard McLauchlan <hmclauchlan@fb.com>
Error injection is a useful mechanism to fail arbitrary kernel
functions. However, it is often hard to guarantee an error propagates
appropriately to user space programs. By injecting into syscalls, we can
return arbitrary values to user space directly; this increases
flexibility and robustness in testing, allowing us to test user space
error paths effectively.
The following script, for example, fails calls to sys_open() from a
given pid:
from bcc import BPF
from sys import argv
pid = argv[1]
prog = r"""
int kprobe__SyS_open(struct pt_regs *ctx, const char *pathname, int flags)
{
u32 pid = bpf_get_current_pid_tgid();
if (pid == %s)
bpf_override_return(ctx, -ENOMEM);
return 0;
}
""" % pid
b = BPF(text=prog)
while 1:
b.perf_buffer_poll()
This patch whitelists all syscalls defined with SYSCALL_DEFINE and
COMPAT_SYSCALL_DEFINE for error injection. These changes are not
intended to be considered stable, and would normally be configured off.
Signed-off-by: Howard McLauchlan <hmclauchlan@fb.com>
Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
---
include/linux/compat.h | 3 +++
include/linux/syscalls.h | 3 +++
2 files changed, 6 insertions(+)
diff --git a/include/linux/compat.h b/include/linux/compat.h
index f1649a5e6716..57eb263a3bc9 100644
--- a/include/linux/compat.h
+++ b/include/linux/compat.h
@@ -33,6 +33,8 @@
#endif
#define COMPAT_SYSCALL_DEFINE0(name) \
+ asmlinkage long compat_sys_##name(void); \
+ ALLOW_ERROR_INJECTION(compat_sys_##name, ERRNO); \
asmlinkage long compat_sys_##name(void)
#define COMPAT_SYSCALL_DEFINE1(name, ...) \
@@ -51,6 +53,7 @@
#define COMPAT_SYSCALL_DEFINEx(x, name, ...) \
asmlinkage long compat_sys##name(__MAP(x,__SC_DECL,__VA_ARGS__))\
__attribute__((alias(__stringify(compat_SyS##name)))); \
+ ALLOW_ERROR_INJECTION(compat_sys##name, ERRNO); \
static inline long C_SYSC##name(__MAP(x,__SC_DECL,__VA_ARGS__));\
asmlinkage long compat_SyS##name(__MAP(x,__SC_LONG,__VA_ARGS__));\
asmlinkage long compat_SyS##name(__MAP(x,__SC_LONG,__VA_ARGS__))\
diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
index 3591c4af33d8..cc6fcd7d5b3c 100644
--- a/include/linux/syscalls.h
+++ b/include/linux/syscalls.h
@@ -191,6 +191,8 @@ static inline int is_syscall_trace_event(struct trace_event_call *tp_event)
#define SYSCALL_DEFINE0(sname) \
SYSCALL_METADATA(_##sname, 0); \
+ asmlinkage long sys_##sname(void); \
+ ALLOW_ERROR_INJECTION(sys_##sname, ERRNO); \
asmlinkage long sys_##sname(void)
#define SYSCALL_DEFINE1(name, ...) SYSCALL_DEFINEx(1, _##name, __VA_ARGS__)
@@ -210,6 +212,7 @@ static inline int is_syscall_trace_event(struct trace_event_call *tp_event)
#define __SYSCALL_DEFINEx(x, name, ...) \
asmlinkage long sys##name(__MAP(x,__SC_DECL,__VA_ARGS__)) \
__attribute__((alias(__stringify(SyS##name)))); \
+ ALLOW_ERROR_INJECTION(sys##name, ERRNO); \
static inline long SYSC##name(__MAP(x,__SC_DECL,__VA_ARGS__)); \
asmlinkage long SyS##name(__MAP(x,__SC_LONG,__VA_ARGS__)); \
asmlinkage long SyS##name(__MAP(x,__SC_LONG,__VA_ARGS__)) \
--
2.16.2
next prev parent reply other threads:[~2018-03-22 9:00 UTC|newest]
Thread overview: 120+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-22 9:00 [PATCH 00/45] remove in-kernel syscall invocations (part 3 == remainder outside arch/) Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 01/45] fs: add ksys_getdents64() helper; remove in-kernel calls to sys_getdents64() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 02/45] fs: add ksys_ioctl() helper; remove in-kernel calls to sys_ioctl() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 03/45] fs: add ksys_lseek() helper; remove in-kernel calls to sys_lseek() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 04/45] fs: add ksys_read() helper; remove in-kernel calls to sys_read() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 05/45] fs: add ksys_sync() helper; remove in-kernel calls to sys_sync() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 06/45] fs: add do_lookup_dcookie() helper; remove in-kernel call to syscall Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 07/45] fs: add do_vmsplice() " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 08/45] fs: add kern_select() helper; remove in-kernel call to sys_select() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 09/45] fs: add ksys_truncate() wrapper; remove in-kernel calls to sys_truncate() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 10/45] fs: add ksys_p{read,write}64() helpers; remove in-kernel calls to syscalls Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 11/45] fs: add ksys_fallocate() wrapper; remove in-kernel calls to sys_fallocate() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 12/45] fs: add do_compat_fcntl64() helper; remove in-kernel call to comapt syscall Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 13/45] fs: add do_compat_select() " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 14/45] fs: add do_compat_signalfd4() " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 15/45] fs: add do_compat_futimesat() " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 16/45] inotify: add do_inotify_init() helper; remove in-kernel call to syscall Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-26 12:25 ` Jan Kara
2018-03-26 12:25 ` Jan Kara
2018-03-22 9:00 ` [PATCH 17/45] fanotify: add do_fanotify_mark() " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-26 12:25 ` Jan Kara
2018-03-26 12:25 ` Jan Kara
2018-03-22 9:00 ` [PATCH 18/45] fs/quota: add kernel_quotactl() " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-26 12:26 ` Jan Kara
2018-03-26 12:26 ` Jan Kara
2018-03-22 9:00 ` [PATCH 19/45] fs/quota: use COMPAT_SYSCALL_DEFINE for sys32_quotactl() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-26 12:33 ` Jan Kara
2018-03-26 12:33 ` Jan Kara
2018-03-22 9:00 ` [PATCH 20/45] kernel: add do_compat_sigaltstack() helper; remove in-kernel call to compat syscall Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 21/45] kernel: add ksys_setsid() helper; remove in-kernel call to sys_setsid() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 22/45] kernel: provide ksys_*() wrappers for syscalls called by kernel/uid16.c Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 10:21 ` Any chance that kernel/uid6.c can go? [Was: [PATCH 22/45] kernel: provide ksys_*() wrappers for syscalls called by kernel/uid16.c] Dominik Brodowski
2018-03-22 10:21 ` Dominik Brodowski
2018-03-22 17:57 ` Linus Torvalds
2018-03-22 17:57 ` Linus Torvalds
2018-03-22 9:00 ` [PATCH 23/45] sched: add do_sched_yield() helper; remove in-kernel call to sched_yield() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 17:29 ` Peter Zijlstra
2018-03-22 17:29 ` Peter Zijlstra
2018-03-22 17:41 ` Dominik Brodowski
2018-03-22 17:41 ` Dominik Brodowski
2018-03-22 17:44 ` Linus Torvalds
2018-03-22 17:44 ` Linus Torvalds
2018-03-22 9:00 ` [PATCH 24/45] kexec: call do_kexec_load() in compat syscall directly Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 25/45] mm: add kernel_migrate_pages() helper, move compat syscall to mm/mempolicy.c Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 26/45] mm: add kernel_move_pages() helper, move compat syscall to mm/migrate.c Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 27/45] mm: add kernel_mbind() helper; remove in-kernel call to syscall Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 28/45] mm: add kernel_[sg]et_mempolicy() helpers; remove in-kernel calls to syscalls Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 29/45] mm: add ksys_readahead() helper; remove in-kernel calls to sys_readahead() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 30/45] ipc: add semtimedop syscall/compat_syscall wrappers Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 31/45] ipc: add semget syscall wrapper Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 32/45] ipc: add semctl syscall/compat_syscall wrappers Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 33/45] ipc: add msgget syscall wrapper Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 34/45] ipc: add shmget " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 35/45] ipc: add shmdt " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 36/45] ipc: add shmctl syscall/compat_syscall wrappers Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 37/45] ipc: add msgctl " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 38/45] ipc: add msgrcv " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 39/45] ipc: add msgsnd " Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` [PATCH 40/45] x86: use _do_fork() in compat_sys_x86_clone() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:26 ` Thomas Gleixner
2018-03-22 9:26 ` Thomas Gleixner
2018-03-22 9:00 ` [PATCH 41/45] x86: remove compat_sys_x86_waitpid() Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:27 ` Thomas Gleixner
2018-03-22 9:27 ` Thomas Gleixner
2018-03-22 9:00 ` [PATCH 42/45] x86: fix sys_sigreturn() return type to be long, not unsigned long Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:27 ` Thomas Gleixner
2018-03-22 9:27 ` Thomas Gleixner
2018-03-22 9:00 ` [PATCH 43/45] x86/sigreturn: use SYSCALL_DEFINE0 Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:27 ` Thomas Gleixner
2018-03-22 9:27 ` Thomas Gleixner
2018-03-22 9:00 ` [PATCH 44/45] kernel/sys_ni: sort cond_syscall() entries Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski
2018-03-22 9:00 ` Dominik Brodowski [this message]
2018-03-22 9:00 ` [PATCH 45/45] bpf: whitelist all syscalls for error injection Dominik Brodowski
2018-03-22 20:29 ` [PATCH 00/45] remove in-kernel syscall invocations (part 3 == remainder outside arch/) Linus Torvalds
2018-03-22 20:29 ` Linus Torvalds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180322090059.19361-46-linux@dominikbrodowski.net \
--to=linux@dominikbrodowski.net \
--cc=arnd@arndb.de \
--cc=hmclauchlan@fb.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox