* [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame. @ 2024-04-01 19:16 Kui-Feng Lee 2024-04-02 16:58 ` Andrii Nakryiko 2024-04-03 22:15 ` John Fastabend 0 siblings, 2 replies; 6+ messages in thread From: Kui-Feng Lee @ 2024-04-01 19:16 UTC (permalink / raw) To: mhiramat, martin.lau, kernel-team, andrii, linux-trace-kernel, bpf Cc: sinquersw, kuifeng, Kui-Feng Lee rethook_find_ret_addr() prints a warning message and returns 0 when the target task is running and not the "current" task to prevent returning an incorrect return address. However, this check is incomplete as the target task can still transition to the running state when finding the return address, although it is safe with RCU. The issue we encounter is that the kernel frequently prints warning messages when BPF profiling programs call to bpf_get_task_stack() on running tasks. The callers should be aware and willing to take the risk of receiving an incorrect return address from a task that is currently running other than the "current" one. A warning is not needed here as the callers are intent on it. Signed-off-by: Kui-Feng Lee <thinker.li@gmail.com> --- kernel/trace/rethook.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/rethook.c b/kernel/trace/rethook.c index fa03094e9e69..4297a132a7ae 100644 --- a/kernel/trace/rethook.c +++ b/kernel/trace/rethook.c @@ -248,7 +248,7 @@ unsigned long rethook_find_ret_addr(struct task_struct *tsk, unsigned long frame if (WARN_ON_ONCE(!cur)) return 0; - if (WARN_ON_ONCE(tsk != current && task_is_running(tsk))) + if (tsk != current && task_is_running(tsk)) return 0; do { -- 2.34.1 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame. 2024-04-01 19:16 [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame Kui-Feng Lee @ 2024-04-02 16:58 ` Andrii Nakryiko 2024-04-03 14:36 ` Daniel Borkmann 2024-04-03 22:15 ` John Fastabend 1 sibling, 1 reply; 6+ messages in thread From: Andrii Nakryiko @ 2024-04-02 16:58 UTC (permalink / raw) To: Kui-Feng Lee Cc: mhiramat, martin.lau, kernel-team, andrii, linux-trace-kernel, bpf, sinquersw, kuifeng On Mon, Apr 1, 2024 at 12:16 PM Kui-Feng Lee <thinker.li@gmail.com> wrote: > > rethook_find_ret_addr() prints a warning message and returns 0 when the > target task is running and not the "current" task to prevent returning an > incorrect return address. However, this check is incomplete as the target > task can still transition to the running state when finding the return > address, although it is safe with RCU. > > The issue we encounter is that the kernel frequently prints warning > messages when BPF profiling programs call to bpf_get_task_stack() on > running tasks. > > The callers should be aware and willing to take the risk of receiving an > incorrect return address from a task that is currently running other than > the "current" one. A warning is not needed here as the callers are intent > on it. > > Signed-off-by: Kui-Feng Lee <thinker.li@gmail.com> > --- > kernel/trace/rethook.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/trace/rethook.c b/kernel/trace/rethook.c > index fa03094e9e69..4297a132a7ae 100644 > --- a/kernel/trace/rethook.c > +++ b/kernel/trace/rethook.c > @@ -248,7 +248,7 @@ unsigned long rethook_find_ret_addr(struct task_struct *tsk, unsigned long frame > if (WARN_ON_ONCE(!cur)) > return 0; > > - if (WARN_ON_ONCE(tsk != current && task_is_running(tsk))) > + if (tsk != current && task_is_running(tsk)) > return 0; > This should probably go through Masami's tree, but the change makes sense to me, given this is an expected condition. Acked-by: Andrii Nakryiko <andrii@kernel.org> > do { > -- > 2.34.1 > > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame. 2024-04-02 16:58 ` Andrii Nakryiko @ 2024-04-03 14:36 ` Daniel Borkmann 2024-04-08 1:13 ` Masami Hiramatsu 0 siblings, 1 reply; 6+ messages in thread From: Daniel Borkmann @ 2024-04-03 14:36 UTC (permalink / raw) To: Andrii Nakryiko, Kui-Feng Lee Cc: mhiramat, martin.lau, kernel-team, andrii, linux-trace-kernel, bpf, sinquersw, kuifeng On 4/2/24 6:58 PM, Andrii Nakryiko wrote: > On Mon, Apr 1, 2024 at 12:16 PM Kui-Feng Lee <thinker.li@gmail.com> wrote: >> >> rethook_find_ret_addr() prints a warning message and returns 0 when the >> target task is running and not the "current" task to prevent returning an >> incorrect return address. However, this check is incomplete as the target >> task can still transition to the running state when finding the return >> address, although it is safe with RCU. >> >> The issue we encounter is that the kernel frequently prints warning >> messages when BPF profiling programs call to bpf_get_task_stack() on >> running tasks. >> >> The callers should be aware and willing to take the risk of receiving an >> incorrect return address from a task that is currently running other than >> the "current" one. A warning is not needed here as the callers are intent >> on it. >> >> Signed-off-by: Kui-Feng Lee <thinker.li@gmail.com> >> --- >> kernel/trace/rethook.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/kernel/trace/rethook.c b/kernel/trace/rethook.c >> index fa03094e9e69..4297a132a7ae 100644 >> --- a/kernel/trace/rethook.c >> +++ b/kernel/trace/rethook.c >> @@ -248,7 +248,7 @@ unsigned long rethook_find_ret_addr(struct task_struct *tsk, unsigned long frame >> if (WARN_ON_ONCE(!cur)) >> return 0; >> >> - if (WARN_ON_ONCE(tsk != current && task_is_running(tsk))) >> + if (tsk != current && task_is_running(tsk)) >> return 0; >> > > This should probably go through Masami's tree, but the change makes > sense to me, given this is an expected condition. > > Acked-by: Andrii Nakryiko <andrii@kernel.org> Masami, I assume you'll pick this up? Thanks, Daniel ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame. 2024-04-03 14:36 ` Daniel Borkmann @ 2024-04-08 1:13 ` Masami Hiramatsu 2024-04-08 17:16 ` Kui-Feng Lee 0 siblings, 1 reply; 6+ messages in thread From: Masami Hiramatsu @ 2024-04-08 1:13 UTC (permalink / raw) To: Daniel Borkmann Cc: Andrii Nakryiko, Kui-Feng Lee, mhiramat, martin.lau, kernel-team, andrii, linux-trace-kernel, bpf, sinquersw, kuifeng On Wed, 3 Apr 2024 16:36:25 +0200 Daniel Borkmann <daniel@iogearbox.net> wrote: > On 4/2/24 6:58 PM, Andrii Nakryiko wrote: > > On Mon, Apr 1, 2024 at 12:16 PM Kui-Feng Lee <thinker.li@gmail.com> wrote: > >> > >> rethook_find_ret_addr() prints a warning message and returns 0 when the > >> target task is running and not the "current" task to prevent returning an > >> incorrect return address. However, this check is incomplete as the target > >> task can still transition to the running state when finding the return > >> address, although it is safe with RCU. Could you tell me more about this last part? This change just remove WARN_ON_ONCE() which warns that the user tries to unwind stack of a running task. This means the task can change the stack in parallel if the task is running on other CPU. Does the BPF stop the task? or do you have any RCU magic to copy the stack? > >> > >> The issue we encounter is that the kernel frequently prints warning > >> messages when BPF profiling programs call to bpf_get_task_stack() on > >> running tasks. Hmm, WARN_ON_ONCE should print it once, not frequently. > >> > >> The callers should be aware and willing to take the risk of receiving an > >> incorrect return address from a task that is currently running other than > >> the "current" one. A warning is not needed here as the callers are intent > >> on it. > >> > >> Signed-off-by: Kui-Feng Lee <thinker.li@gmail.com> > >> --- > >> kernel/trace/rethook.c | 2 +- > >> 1 file changed, 1 insertion(+), 1 deletion(-) > >> > >> diff --git a/kernel/trace/rethook.c b/kernel/trace/rethook.c > >> index fa03094e9e69..4297a132a7ae 100644 > >> --- a/kernel/trace/rethook.c > >> +++ b/kernel/trace/rethook.c > >> @@ -248,7 +248,7 @@ unsigned long rethook_find_ret_addr(struct task_struct *tsk, unsigned long frame > >> if (WARN_ON_ONCE(!cur)) > >> return 0; > >> > >> - if (WARN_ON_ONCE(tsk != current && task_is_running(tsk))) > >> + if (tsk != current && task_is_running(tsk)) > >> return 0; > >> > > > > This should probably go through Masami's tree, but the change makes > > sense to me, given this is an expected condition. > > > > Acked-by: Andrii Nakryiko <andrii@kernel.org> > > Masami, I assume you'll pick this up? OK, anyway it will just return 0 if this situation happens, and caller will get the trampoline address instead of correct return address in this case. I think it does not do any unsafe things. So I agree removing it. But I think the explanation is a bit confusing. Thank you, > > Thanks, > Daniel -- Masami Hiramatsu (Google) <mhiramat@kernel.org> ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame. 2024-04-08 1:13 ` Masami Hiramatsu @ 2024-04-08 17:16 ` Kui-Feng Lee 0 siblings, 0 replies; 6+ messages in thread From: Kui-Feng Lee @ 2024-04-08 17:16 UTC (permalink / raw) To: Masami Hiramatsu (Google), Daniel Borkmann Cc: Andrii Nakryiko, Kui-Feng Lee, martin.lau, kernel-team, andrii, linux-trace-kernel, bpf, kuifeng On 4/7/24 18:13, Masami Hiramatsu (Google) wrote: > On Wed, 3 Apr 2024 16:36:25 +0200 > Daniel Borkmann <daniel@iogearbox.net> wrote: > >> On 4/2/24 6:58 PM, Andrii Nakryiko wrote: >>> On Mon, Apr 1, 2024 at 12:16 PM Kui-Feng Lee <thinker.li@gmail.com> wrote: >>>> >>>> rethook_find_ret_addr() prints a warning message and returns 0 when the >>>> target task is running and not the "current" task to prevent returning an >>>> incorrect return address. However, this check is incomplete as the target >>>> task can still transition to the running state when finding the return >>>> address, although it is safe with RCU. > > Could you tell me more about this last part? This change just remove > WARN_ON_ONCE() which warns that the user tries to unwind stack of a running > task. This means the task can change the stack in parallel if the task is > running on other CPU. > Does the BPF stop the task? or do you have any RCU magic to copy the stack? No, the BPF doesn't stop the task or copy the stack. The last part tries to explain that this function can still return an incorrect address even with this check. And calling this function on a target task that is not "current" is safe. Since you think it is confusing. I will remove this part. > >>>> >>>> The issue we encounter is that the kernel frequently prints warning >>>> messages when BPF profiling programs call to bpf_get_task_stack() on >>>> running tasks. > > Hmm, WARN_ON_ONCE should print it once, not frequently. You are right! I should rephrase it. In a firm with a large number of hosts, this warning message become a noise. > >>>> >>>> The callers should be aware and willing to take the risk of receiving an >>>> incorrect return address from a task that is currently running other than >>>> the "current" one. A warning is not needed here as the callers are intent >>>> on it. >>>> >>>> Signed-off-by: Kui-Feng Lee <thinker.li@gmail.com> >>>> --- >>>> kernel/trace/rethook.c | 2 +- >>>> 1 file changed, 1 insertion(+), 1 deletion(-) >>>> >>>> diff --git a/kernel/trace/rethook.c b/kernel/trace/rethook.c >>>> index fa03094e9e69..4297a132a7ae 100644 >>>> --- a/kernel/trace/rethook.c >>>> +++ b/kernel/trace/rethook.c >>>> @@ -248,7 +248,7 @@ unsigned long rethook_find_ret_addr(struct task_struct *tsk, unsigned long frame >>>> if (WARN_ON_ONCE(!cur)) >>>> return 0; >>>> >>>> - if (WARN_ON_ONCE(tsk != current && task_is_running(tsk))) >>>> + if (tsk != current && task_is_running(tsk)) >>>> return 0; >>>> >>> >>> This should probably go through Masami's tree, but the change makes >>> sense to me, given this is an expected condition. >>> >>> Acked-by: Andrii Nakryiko <andrii@kernel.org> >> >> Masami, I assume you'll pick this up? > > OK, anyway it will just return 0 if this situation happens, and caller will > get the trampoline address instead of correct return address in this case. > I think it does not do any unsafe things. So I agree removing it. > But I think the explanation is a bit confusing. > > Thank you, > >> >> Thanks, >> Daniel > > ^ permalink raw reply [flat|nested] 6+ messages in thread
* RE: [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame. 2024-04-01 19:16 [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame Kui-Feng Lee 2024-04-02 16:58 ` Andrii Nakryiko @ 2024-04-03 22:15 ` John Fastabend 1 sibling, 0 replies; 6+ messages in thread From: John Fastabend @ 2024-04-03 22:15 UTC (permalink / raw) To: Kui-Feng Lee, mhiramat, martin.lau, kernel-team, andrii, linux-trace-kernel, bpf Cc: sinquersw, kuifeng, Kui-Feng Lee Kui-Feng Lee wrote: > rethook_find_ret_addr() prints a warning message and returns 0 when the > target task is running and not the "current" task to prevent returning an > incorrect return address. However, this check is incomplete as the target > task can still transition to the running state when finding the return > address, although it is safe with RCU. > > The issue we encounter is that the kernel frequently prints warning > messages when BPF profiling programs call to bpf_get_task_stack() on > running tasks. > > The callers should be aware and willing to take the risk of receiving an > incorrect return address from a task that is currently running other than > the "current" one. A warning is not needed here as the callers are intent > on it. > > Signed-off-by: Kui-Feng Lee <thinker.li@gmail.com> > --- > kernel/trace/rethook.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/trace/rethook.c b/kernel/trace/rethook.c > index fa03094e9e69..4297a132a7ae 100644 > --- a/kernel/trace/rethook.c > +++ b/kernel/trace/rethook.c > @@ -248,7 +248,7 @@ unsigned long rethook_find_ret_addr(struct task_struct *tsk, unsigned long frame > if (WARN_ON_ONCE(!cur)) > return 0; > > - if (WARN_ON_ONCE(tsk != current && task_is_running(tsk))) > + if (tsk != current && task_is_running(tsk)) > return 0; > > do { > -- > 2.34.1 > > Acked-by: John Fastabend <john.fastabend@gmail.com> ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-04-08 17:16 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2024-04-01 19:16 [PATCH bpf-next] rethook: Remove warning messages printed for finding return address of a frame Kui-Feng Lee 2024-04-02 16:58 ` Andrii Nakryiko 2024-04-03 14:36 ` Daniel Borkmann 2024-04-08 1:13 ` Masami Hiramatsu 2024-04-08 17:16 ` Kui-Feng Lee 2024-04-03 22:15 ` John Fastabend
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).