* [PATCH bpf 1/2] bpf: Add override check to kprobe multi link attach
@ 2023-09-07 20:06 Jiri Olsa
2023-09-08 13:48 ` Alan Maguire
2023-09-09 0:00 ` patchwork-bot+netdevbpf
0 siblings, 2 replies; 5+ messages in thread
From: Jiri Olsa @ 2023-09-07 20:06 UTC (permalink / raw)
To: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko
Cc: stable, bpf, Martin KaFai Lau, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo,
Djalal Harouni
Currently the multi_kprobe link attach does not check error
injection list for programs with bpf_override_return helper
and allows them to attach anywhere. Adding the missing check.
Cc: stable@vger.kernel.org
Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
---
kernel/trace/bpf_trace.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index a7264b2c17ad..c1c1af63ced2 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -2853,6 +2853,17 @@ static int get_modules_for_addrs(struct module ***mods, unsigned long *addrs, u3
return arr.mods_cnt;
}
+static int addrs_check_error_injection_list(unsigned long *addrs, u32 cnt)
+{
+ u32 i;
+
+ for (i = 0; i < cnt; i++) {
+ if (!within_error_injection_list(addrs[i]))
+ return -EINVAL;
+ }
+ return 0;
+}
+
int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
{
struct bpf_kprobe_multi_link *link = NULL;
@@ -2930,6 +2941,11 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
goto error;
}
+ if (prog->kprobe_override && addrs_check_error_injection_list(addrs, cnt)) {
+ err = -EINVAL;
+ goto error;
+ }
+
link = kzalloc(sizeof(*link), GFP_KERNEL);
if (!link) {
err = -ENOMEM;
--
2.41.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH bpf 1/2] bpf: Add override check to kprobe multi link attach
2023-09-07 20:06 [PATCH bpf 1/2] bpf: Add override check to kprobe multi link attach Jiri Olsa
@ 2023-09-08 13:48 ` Alan Maguire
2023-09-08 23:50 ` Andrii Nakryiko
2023-09-09 0:00 ` patchwork-bot+netdevbpf
1 sibling, 1 reply; 5+ messages in thread
From: Alan Maguire @ 2023-09-08 13:48 UTC (permalink / raw)
To: Jiri Olsa, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko
Cc: stable, bpf, Martin KaFai Lau, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo,
Djalal Harouni
On 07/09/2023 21:06, Jiri Olsa wrote:
> Currently the multi_kprobe link attach does not check error
> injection list for programs with bpf_override_return helper
> and allows them to attach anywhere. Adding the missing check.
>
> Cc: stable@vger.kernel.org
> Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
> Signed-off-by: Jiri Olsa <jolsa@kernel.org>
For the series,
Reviewed-by: Alan Maguire <alan.maguire@oracle.com>
...with one small question below...
> ---
> kernel/trace/bpf_trace.c | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
>
> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> index a7264b2c17ad..c1c1af63ced2 100644
> --- a/kernel/trace/bpf_trace.c
> +++ b/kernel/trace/bpf_trace.c
> @@ -2853,6 +2853,17 @@ static int get_modules_for_addrs(struct module ***mods, unsigned long *addrs, u3
> return arr.mods_cnt;
> }
>
> +static int addrs_check_error_injection_list(unsigned long *addrs, u32 cnt)
> +{
> + u32 i;
> +
> + for (i = 0; i < cnt; i++) {
> + if (!within_error_injection_list(addrs[i]))
> + return -EINVAL;
do we need a check like trace_kprobe_on_func_entry() to verify that
it's a combination of function entry+kprobe override, or is that
handled elsewhere/not needed? perf_event_attach_bpf_prog() does
/*
* Kprobe override only works if they are on the function entry,
* and only if they are on the opt-in list.
*/
if (prog->kprobe_override &&
(!trace_kprobe_on_func_entry(event->tp_event) ||
!trace_kprobe_error_injectable(event->tp_event)))
return -EINVAL;
if this is needed, it might be good to augment the selftest to
cover the case of specifying non-entry+kprobe override. thanks!
Alan
> + return 0;
> +}
> +
> int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
> {
> struct bpf_kprobe_multi_link *link = NULL;
> @@ -2930,6 +2941,11 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
> goto error;
> }
>
> + if (prog->kprobe_override && addrs_check_error_injection_list(addrs, cnt)) {
> + err = -EINVAL;
> + goto error;
> + }
> +
> link = kzalloc(sizeof(*link), GFP_KERNEL);
> if (!link) {
> err = -ENOMEM;
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH bpf 1/2] bpf: Add override check to kprobe multi link attach
2023-09-08 13:48 ` Alan Maguire
@ 2023-09-08 23:50 ` Andrii Nakryiko
2023-09-09 18:51 ` Jiri Olsa
0 siblings, 1 reply; 5+ messages in thread
From: Andrii Nakryiko @ 2023-09-08 23:50 UTC (permalink / raw)
To: Alan Maguire
Cc: Jiri Olsa, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko,
stable, bpf, Martin KaFai Lau, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo,
Djalal Harouni
On Fri, Sep 8, 2023 at 6:49 AM Alan Maguire <alan.maguire@oracle.com> wrote:
>
> On 07/09/2023 21:06, Jiri Olsa wrote:
> > Currently the multi_kprobe link attach does not check error
> > injection list for programs with bpf_override_return helper
> > and allows them to attach anywhere. Adding the missing check.
> >
> > Cc: stable@vger.kernel.org
> > Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
> > Signed-off-by: Jiri Olsa <jolsa@kernel.org>
>
> For the series,
>
> Reviewed-by: Alan Maguire <alan.maguire@oracle.com>
>
> ...with one small question below...
>
> > ---
> > kernel/trace/bpf_trace.c | 16 ++++++++++++++++
> > 1 file changed, 16 insertions(+)
> >
> > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> > index a7264b2c17ad..c1c1af63ced2 100644
> > --- a/kernel/trace/bpf_trace.c
> > +++ b/kernel/trace/bpf_trace.c
> > @@ -2853,6 +2853,17 @@ static int get_modules_for_addrs(struct module ***mods, unsigned long *addrs, u3
> > return arr.mods_cnt;
> > }
> >
> > +static int addrs_check_error_injection_list(unsigned long *addrs, u32 cnt)
> > +{
> > + u32 i;
> > +
> > + for (i = 0; i < cnt; i++) {
> > + if (!within_error_injection_list(addrs[i]))
> > + return -EINVAL;
>
> do we need a check like trace_kprobe_on_func_entry() to verify that
> it's a combination of function entry+kprobe override, or is that
> handled elsewhere/not needed? perf_event_attach_bpf_prog() does
multi-kprobe programs are always attached at function entry, so I
believe it's not necessary?
>
> /*
> * Kprobe override only works if they are on the function entry,
> * and only if they are on the opt-in list.
> */
> if (prog->kprobe_override &&
> (!trace_kprobe_on_func_entry(event->tp_event) ||
> !trace_kprobe_error_injectable(event->tp_event)))
> return -EINVAL;
>
>
> if this is needed, it might be good to augment the selftest to
> cover the case of specifying non-entry+kprobe override. thanks!
>
> Alan
>
>
> > + return 0;
> > +}
> > +
> > int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
> > {
> > struct bpf_kprobe_multi_link *link = NULL;
> > @@ -2930,6 +2941,11 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
> > goto error;
> > }
> >
> > + if (prog->kprobe_override && addrs_check_error_injection_list(addrs, cnt)) {
> > + err = -EINVAL;
> > + goto error;
> > + }
> > +
> > link = kzalloc(sizeof(*link), GFP_KERNEL);
> > if (!link) {
> > err = -ENOMEM;
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH bpf 1/2] bpf: Add override check to kprobe multi link attach
2023-09-07 20:06 [PATCH bpf 1/2] bpf: Add override check to kprobe multi link attach Jiri Olsa
2023-09-08 13:48 ` Alan Maguire
@ 2023-09-09 0:00 ` patchwork-bot+netdevbpf
1 sibling, 0 replies; 5+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-09-09 0:00 UTC (permalink / raw)
To: Jiri Olsa
Cc: ast, daniel, andrii, stable, bpf, kafai, songliubraving, yhs,
john.fastabend, kpsingh, sdf, haoluo, tixxdz
Hello:
This series was applied to bpf/bpf.git (master)
by Andrii Nakryiko <andrii@kernel.org>:
On Thu, 7 Sep 2023 22:06:51 +0200 you wrote:
> Currently the multi_kprobe link attach does not check error
> injection list for programs with bpf_override_return helper
> and allows them to attach anywhere. Adding the missing check.
>
> Cc: stable@vger.kernel.org
> Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
> Signed-off-by: Jiri Olsa <jolsa@kernel.org>
>
> [...]
Here is the summary with links:
- [bpf,1/2] bpf: Add override check to kprobe multi link attach
https://git.kernel.org/bpf/bpf/c/41bc46c12a80
- [bpf,2/2] selftests/bpf: Add kprobe_multi override test
https://git.kernel.org/bpf/bpf/c/7182e56411b9
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH bpf 1/2] bpf: Add override check to kprobe multi link attach
2023-09-08 23:50 ` Andrii Nakryiko
@ 2023-09-09 18:51 ` Jiri Olsa
0 siblings, 0 replies; 5+ messages in thread
From: Jiri Olsa @ 2023-09-09 18:51 UTC (permalink / raw)
To: Andrii Nakryiko
Cc: Alan Maguire, Alexei Starovoitov, Daniel Borkmann,
Andrii Nakryiko, stable, bpf, Martin KaFai Lau, Song Liu,
Yonghong Song, John Fastabend, KP Singh, Stanislav Fomichev,
Hao Luo, Djalal Harouni
On Fri, Sep 08, 2023 at 04:50:54PM -0700, Andrii Nakryiko wrote:
> On Fri, Sep 8, 2023 at 6:49 AM Alan Maguire <alan.maguire@oracle.com> wrote:
> >
> > On 07/09/2023 21:06, Jiri Olsa wrote:
> > > Currently the multi_kprobe link attach does not check error
> > > injection list for programs with bpf_override_return helper
> > > and allows them to attach anywhere. Adding the missing check.
> > >
> > > Cc: stable@vger.kernel.org
> > > Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
> > > Signed-off-by: Jiri Olsa <jolsa@kernel.org>
> >
> > For the series,
> >
> > Reviewed-by: Alan Maguire <alan.maguire@oracle.com>
> >
> > ...with one small question below...
> >
> > > ---
> > > kernel/trace/bpf_trace.c | 16 ++++++++++++++++
> > > 1 file changed, 16 insertions(+)
> > >
> > > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> > > index a7264b2c17ad..c1c1af63ced2 100644
> > > --- a/kernel/trace/bpf_trace.c
> > > +++ b/kernel/trace/bpf_trace.c
> > > @@ -2853,6 +2853,17 @@ static int get_modules_for_addrs(struct module ***mods, unsigned long *addrs, u3
> > > return arr.mods_cnt;
> > > }
> > >
> > > +static int addrs_check_error_injection_list(unsigned long *addrs, u32 cnt)
> > > +{
> > > + u32 i;
> > > +
> > > + for (i = 0; i < cnt; i++) {
> > > + if (!within_error_injection_list(addrs[i]))
> > > + return -EINVAL;
> >
> > do we need a check like trace_kprobe_on_func_entry() to verify that
> > it's a combination of function entry+kprobe override, or is that
> > handled elsewhere/not needed? perf_event_attach_bpf_prog() does
>
> multi-kprobe programs are always attached at function entry, so I
> believe it's not necessary?
yes, fprobe allows only function entry.. should have put it in comment
thanks,
jirka
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-09-09 18:51 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-07 20:06 [PATCH bpf 1/2] bpf: Add override check to kprobe multi link attach Jiri Olsa
2023-09-08 13:48 ` Alan Maguire
2023-09-08 23:50 ` Andrii Nakryiko
2023-09-09 18:51 ` Jiri Olsa
2023-09-09 0:00 ` patchwork-bot+netdevbpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox