From: Masami Hiramatsu <mhiramat@kernel.org>
To: "Joel Fernandes (Google)" <joel@joelfernandes.org>
Cc: linux-kernel@vger.kernel.org,
Michal Gregorczyk <michalgr@live.com>,
Adrian Ratiu <adrian.ratiu@collabora.com>,
Mohammad Husain <russoue@gmail.com>,
Qais Yousef <qais.yousef@arm.com>,
Srinivas Ramana <sramana@codeaurora.org>,
duyuchao <yuchao.du@unisoc.com>,
Manjo Raja Rao <linux@manojrajarao.com>,
Karim Yaghmour <karim.yaghmour@opersys.com>,
Tamir Carmeli <carmeli.tamir@gmail.com>,
Yonghong Song <yhs@fb.com>, Alexei Starovoitov <ast@kernel.org>,
Brendan Gregg <brendan.d.gregg@gmail.com>,
Masami Hiramatsu <mhiramat@kernel.org>,
Peter Ziljstra <peterz@infradead.org>,
Steven Rostedt <rostedt@goodmis.org>,
Kees Cook <keescook@chromium.org>,
kernel-team@android.com, Daniel Borkmann <daniel@iogearbox.net>,
Ingo Molnar <mingo@redhat.com>,
netdev@vger.kernel.org
Subject: Re: [PATCH RFC] bpf: Add support for reading user pointers
Date: Mon, 6 May 2019 23:47:51 +0900 [thread overview]
Message-ID: <20190506234751.65c92139dccbfa025bdfe300@kernel.org> (raw)
In-Reply-To: <20190502204958.7868-1-joel@joelfernandes.org>
Hi Joel,
On Thu, 2 May 2019 16:49:58 -0400
"Joel Fernandes (Google)" <joel@joelfernandes.org> wrote:
> The eBPF based opensnoop tool fails to read the file path string passed
> to the do_sys_open function. This is because it is a pointer to
> userspace address and causes an -EFAULT when read with
> probe_kernel_read. This is not an issue when running the tool on x86 but
> is an issue on arm64. This patch adds a new bpf function call based
> which calls the recently proposed probe_user_read function [1].
> Using this function call from opensnoop fixes the issue on arm64.
>
> [1] https://lore.kernel.org/patchwork/patch/1051588/
Anyway, this series is still out-of-tree. We have to push this or similar
update into kernel at first. I can resend v7 on the latest -tip tree including
this patch if you update the description.
Thank you,
>
> Cc: Michal Gregorczyk <michalgr@live.com>
> Cc: Adrian Ratiu <adrian.ratiu@collabora.com>
> Cc: Mohammad Husain <russoue@gmail.com>
> Cc: Qais Yousef <qais.yousef@arm.com>
> Cc: Srinivas Ramana <sramana@codeaurora.org>
> Cc: duyuchao <yuchao.du@unisoc.com>
> Cc: Manjo Raja Rao <linux@manojrajarao.com>
> Cc: Karim Yaghmour <karim.yaghmour@opersys.com>
> Cc: Tamir Carmeli <carmeli.tamir@gmail.com>
> Cc: Yonghong Song <yhs@fb.com>
> Cc: Alexei Starovoitov <ast@kernel.org>
> Cc: Brendan Gregg <brendan.d.gregg@gmail.com>
> Cc: Masami Hiramatsu <mhiramat@kernel.org>
> Cc: Peter Ziljstra <peterz@infradead.org>
> Cc: Steven Rostedt <rostedt@goodmis.org>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: kernel-team@android.com
> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
> ---
> include/uapi/linux/bpf.h | 7 ++++++-
> kernel/trace/bpf_trace.c | 22 ++++++++++++++++++++++
> tools/include/uapi/linux/bpf.h | 7 ++++++-
> 3 files changed, 34 insertions(+), 2 deletions(-)
>
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index e99e3e6f8b37..6fec701eaa46 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -539,6 +539,10 @@ union bpf_attr {
> * @mode: operation mode (enum bpf_adj_room_mode)
> * @flags: reserved for future use
> * Return: 0 on success or negative error code
> + *
> + * int bpf_probe_read_user(void *dst, int size, void *src)
> + * Read a userspace pointer safely.
> + * Return: 0 on success or negative error
> */
> #define __BPF_FUNC_MAPPER(FN) \
> FN(unspec), \
> @@ -591,7 +595,8 @@ union bpf_attr {
> FN(get_socket_uid), \
> FN(set_hash), \
> FN(setsockopt), \
> - FN(skb_adjust_room),
> + FN(skb_adjust_room), \
> + FN(probe_read_user),
>
> /* integer value in 'imm' field of BPF_CALL instruction selects which helper
> * function eBPF program intends to call
> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> index dc498b605d5d..1e1a11d9faa8 100644
> --- a/kernel/trace/bpf_trace.c
> +++ b/kernel/trace/bpf_trace.c
> @@ -81,6 +81,26 @@ static const struct bpf_func_proto bpf_probe_read_proto = {
> .arg3_type = ARG_ANYTHING,
> };
>
> +BPF_CALL_3(bpf_probe_read_user, void *, dst, u32, size, const void *, unsafe_ptr)
> +{
> + int ret;
> +
> + ret = probe_user_read(dst, unsafe_ptr, size);
> + if (unlikely(ret < 0))
> + memset(dst, 0, size);
> +
> + return ret;
> +}
> +
> +static const struct bpf_func_proto bpf_probe_read_user_proto = {
> + .func = bpf_probe_read_user,
> + .gpl_only = true,
> + .ret_type = RET_INTEGER,
> + .arg1_type = ARG_PTR_TO_UNINIT_MEM,
> + .arg2_type = ARG_CONST_SIZE,
> + .arg3_type = ARG_ANYTHING,
> +};
> +
> BPF_CALL_3(bpf_probe_write_user, void *, unsafe_ptr, const void *, src,
> u32, size)
> {
> @@ -459,6 +479,8 @@ static const struct bpf_func_proto *tracing_func_proto(enum bpf_func_id func_id)
> return &bpf_map_delete_elem_proto;
> case BPF_FUNC_probe_read:
> return &bpf_probe_read_proto;
> + case BPF_FUNC_probe_read_user:
> + return &bpf_probe_read_user_proto;
> case BPF_FUNC_ktime_get_ns:
> return &bpf_ktime_get_ns_proto;
> case BPF_FUNC_tail_call:
> diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h
> index e99e3e6f8b37..6fec701eaa46 100644
> --- a/tools/include/uapi/linux/bpf.h
> +++ b/tools/include/uapi/linux/bpf.h
> @@ -539,6 +539,10 @@ union bpf_attr {
> * @mode: operation mode (enum bpf_adj_room_mode)
> * @flags: reserved for future use
> * Return: 0 on success or negative error code
> + *
> + * int bpf_probe_read_user(void *dst, int size, void *src)
> + * Read a userspace pointer safely.
> + * Return: 0 on success or negative error
> */
> #define __BPF_FUNC_MAPPER(FN) \
> FN(unspec), \
> @@ -591,7 +595,8 @@ union bpf_attr {
> FN(get_socket_uid), \
> FN(set_hash), \
> FN(setsockopt), \
> - FN(skb_adjust_room),
> + FN(skb_adjust_room), \
> + FN(probe_read_user),
>
> /* integer value in 'imm' field of BPF_CALL instruction selects which helper
> * function eBPF program intends to call
> --
> 2.21.0.593.g511ec345e18-goog
>
--
Masami Hiramatsu <mhiramat@kernel.org>
next prev parent reply other threads:[~2019-05-06 14:52 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-02 20:49 [PATCH RFC] bpf: Add support for reading user pointers Joel Fernandes (Google)
2019-05-03 12:12 ` Qais Yousef
2019-05-03 13:49 ` Joel Fernandes
2019-05-03 13:54 ` Peter Zijlstra
2019-05-03 15:09 ` Joel Fernandes
2019-05-05 11:04 ` Qais Yousef
2019-05-05 13:29 ` Joel Fernandes
2019-05-05 14:46 ` Qais Yousef
2019-05-05 15:52 ` Joel Fernandes
2019-05-05 18:03 ` Joel Fernandes
2019-05-05 18:51 ` Andrii Nakryiko
2019-05-06 0:01 ` Qais Yousef
2019-05-06 18:35 ` Will Deacon
2019-05-06 20:58 ` Joel Fernandes
2019-05-06 21:57 ` Qais Yousef
2019-05-07 9:52 ` Will Deacon
2019-05-08 2:00 ` Joel Fernandes
2019-05-05 7:19 ` Alexei Starovoitov
2019-05-05 13:33 ` Joel Fernandes
2019-05-06 14:47 ` Masami Hiramatsu [this message]
2019-05-06 16:14 ` Joel Fernandes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190506234751.65c92139dccbfa025bdfe300@kernel.org \
--to=mhiramat@kernel.org \
--cc=adrian.ratiu@collabora.com \
--cc=ast@kernel.org \
--cc=brendan.d.gregg@gmail.com \
--cc=carmeli.tamir@gmail.com \
--cc=daniel@iogearbox.net \
--cc=joel@joelfernandes.org \
--cc=karim.yaghmour@opersys.com \
--cc=keescook@chromium.org \
--cc=kernel-team@android.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@manojrajarao.com \
--cc=michalgr@live.com \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=qais.yousef@arm.com \
--cc=rostedt@goodmis.org \
--cc=russoue@gmail.com \
--cc=sramana@codeaurora.org \
--cc=yhs@fb.com \
--cc=yuchao.du@unisoc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).