| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Feb 2019 21:30:03 +0900
From: Masami Hiramatsu <mhiramat@...nel.org>
To: Steven Rostedt <rostedt@...dmis.org>,
Linus Torvalds <torvalds@...ux-foundation.org>
Cc: mhiramat@...nel.org, linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>,
Ingo Molnar <mingo@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Changbin Du <changbin.du@...il.com>,
Jann Horn <jannh@...gle.com>,
Kees Cook <keescook@...omium.org>,
Andy Lutomirski <luto@...nel.org>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Nadav Amit <namit@...are.com>,
Peter Zijlstra <peterz@...radead.org>,
Joel Fernandes <joel@...lfernandes.org>
Subject: [PATCH v4 0/6] tracing/probes: uaccess: Add support user-space access
Hi,
Here is the v4 series of probe-event to support user-space access.
This version I fixed some issues pointed out by Steve (Thanks!)
and add a ftrace testcase for this feature.
- [4/6]: Add Steve's Ack
- [5/6]: Fix a bug and documentation
- [6/6]: New: add a new testcase
====
Kprobe event user-space memory access features:
For user-space access extension, this series adds 2 features,
"ustring" type and user-space dereference syntax. "ustring" is
used for recording a null-terminated string in user-space from
kprobe events.
"ustring" type is easy, it is able to use instead of "string"
type, so if you want to record a user-space string via
"__user char *", you can use ustring type instead of string.
For example,
echo 'p do_sys_open path=+0($arg2):ustring' >> kprobe_events
will record the path string from user-space.
The user-space dereference syntax is also simple. Thi just
adds 'u' prefix before an offset value.
+|-u<OFFSET>(<FETCHARG>)
e.g. +u8(%ax), +u0(+0(%si))
This is more generic. If you want to refer the variable in user-
space from its address or access a field in data structure in
user-space, you need to use this.
For example, if you probe do_sched_setscheduler(pid, policy,
param) and record param->sched_priority, you can add new
probe as below;
p do_sched_setscheduler priority=+u0($arg3)
Actually, with this feature, "ustring" type is not absolutely
necessary, because these are same meanings.
+0($arg2):ustring == +u0($arg2):string
Note that kprobe event provides these methods, but it doesn't
change it from kernel to user automatically because we do not
know whether the given address is in userspace or kernel on
some arch.
For perf-probe, we can add some attribute for each argument
which indicate that the variable in user space. If gcc/clang
supports debuginfo for __user (address_space attribute),
perf-probe can support it and automatically choose the
correct dereference method.
Thank you,
---
Masami Hiramatsu (5):
uaccess: Use user_access_ok() in user_access_begin()
uaccess: Add non-pagefault user-space read functions
tracing/probe: Add ustring type for user-space string
tracing/probe: Support user-space dereference
selftests/ftrace: Add user-memory access syntax testcase
Peter Zijlstra (1):
uaccess: Add user_access_ok()
Documentation/trace/kprobetrace.rst | 28 +++++-
Documentation/trace/uprobetracer.rst | 9 +-
arch/x86/include/asm/uaccess.h | 10 ++
include/linux/uaccess.h | 33 +++++++
kernel/trace/trace.c | 7 +
kernel/trace/trace_kprobe.c | 43 +++++++++
kernel/trace/trace_probe.c | 36 ++++++--
kernel/trace/trace_probe.h | 3 +
kernel/trace/trace_probe_tmpl.h | 37 +++++++-
kernel/trace/trace_uprobe.c | 19 ++++
mm/maccess.c | 94 +++++++++++++++++++-
.../ftrace/test.d/kprobe/kprobe_args_user.tc | 31 +++++++
12 files changed, 317 insertions(+), 33 deletions(-)
create mode 100644 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc
--
Masami Hiramatsu (Linaro) <mhiramat@...nel.org>
Powered by blists - more mailing lists