| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180312230625.cea180f66d44dc1ea4930fa7@kernel.org>
Date: Mon, 12 Mar 2018 23:06:25 +0900
From: Masami Hiramatsu <mhiramat@...nel.org>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: Alexei Starovoitov <ast@...com>, Josef Bacik <jbacik@...com>,
rostedt@...dmis.org, mingo@...hat.com, davem@...emloft.net,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
ast@...nel.org, kernel-team@...com, linux-btrfs@...r.kernel.org,
darrick.wong@...cle.com, Josef Bacik <josef@...icpanda.com>,
Akinobu Mita <akinobu.mita@...il.com>
Subject: Re: [BUGFIX PATCH bpf-next] error-injection: Fix to prohibit jump
optimization
On Mon, 12 Mar 2018 11:44:21 +0100
Daniel Borkmann <daniel@...earbox.net> wrote:
> Hi Masami,
>
> On 03/12/2018 11:27 AM, Masami Hiramatsu wrote:
> > On Mon, 12 Mar 2018 19:00:49 +0900
> > Masami Hiramatsu <mhiramat@...nel.org> wrote:
> >
> >> Since the kprobe which was optimized by jump can not change
> >> the execution path, the kprobe for error-injection must not
> >> be optimized. To prohibit it, set a dummy post-handler as
> >> officially stated in Documentation/kprobes.txt.
> >
> > Note that trace-probe based BPF is not affected, because it
> > ensures the trace-probe is based on ftrace, which is not
> > jump optimized.
>
> Thanks for the fix! I presume this should go via bpf instead of bpf-next
> tree since 4b1a29a7f542 ("error-injection: Support fault injection framework")
> is in Linus' tree as well. Unless there are objection I would rather route
> it that way so it would be for 4.16.
Ah, right! It should go into 4.16. It should be applicable cleanly either tree
since there is only the above commit on kernel/fail_function.c :)
Thanks,
>
> Thanks,
> Daniel
>
> > Thanks,
> >
> >>
> >> Fixes: 4b1a29a7f542 ("error-injection: Support fault injection framework")
> >> Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
> >> ---
> >> kernel/fail_function.c | 10 ++++++++++
> >> 1 file changed, 10 insertions(+)
> >>
> >> diff --git a/kernel/fail_function.c b/kernel/fail_function.c
> >> index 21b0122cb39c..1d5632d8bbcc 100644
> >> --- a/kernel/fail_function.c
> >> +++ b/kernel/fail_function.c
> >> @@ -14,6 +14,15 @@
> >>
> >> static int fei_kprobe_handler(struct kprobe *kp, struct pt_regs *regs);
> >>
> >> +static void fei_post_handler(struct kprobe *kp, struct pt_regs *regs,
> >> + unsigned long flags)
> >> +{
> >> + /*
> >> + * A dummy post handler is required to prohibit optimizing, because
> >> + * jump optimization does not support execution path overriding.
> >> + */
> >> +}
> >> +
> >> struct fei_attr {
> >> struct list_head list;
> >> struct kprobe kp;
> >> @@ -56,6 +65,7 @@ static struct fei_attr *fei_attr_new(const char *sym, unsigned long addr)
> >> return NULL;
> >> }
> >> attr->kp.pre_handler = fei_kprobe_handler;
> >> + attr->kp.post_handler = fei_post_handler;
> >> attr->retval = adjust_error_retval(addr, 0);
> >> INIT_LIST_HEAD(&attr->list);
> >> }
> >>
> >
> >
>
--
Masami Hiramatsu <mhiramat@...nel.org>
Powered by blists - more mailing lists