| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 May 2019 15:57:11 -0400
From: Joel Fernandes <joel@...lfernandes.org>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: linux-kernel@...r.kernel.org,
Michal Gregorczyk <michalgr@...e.com>,
Adrian Ratiu <adrian.ratiu@...labora.com>,
Mohammad Husain <russoue@...il.com>,
Qais Yousef <qais.yousef@....com>,
Srinivas Ramana <sramana@...eaurora.org>,
duyuchao <yuchao.du@...soc.com>,
Manjo Raja Rao <linux@...ojrajarao.com>,
Karim Yaghmour <karim.yaghmour@...rsys.com>,
Tamir Carmeli <carmeli.tamir@...il.com>,
Yonghong Song <yhs@...com>,
Alexei Starovoitov <ast@...nel.org>,
Brendan Gregg <brendan.d.gregg@...il.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
Peter Ziljstra <peterz@...radead.org>,
Andrii Nakryiko <andrii.nakryiko@...il.com>,
Steven Rostedt <rostedt@...dmis.org>,
Kees Cook <keescook@...omium.org>, kernel-team@...roid.com,
bpf@...r.kernel.org, Ingo Molnar <mingo@...hat.com>,
Martin KaFai Lau <kafai@...com>, netdev@...r.kernel.org,
Song Liu <songliubraving@...com>
Subject: Re: [PATCH v2 1/4] bpf: Add support for reading user pointers
On Mon, May 06, 2019 at 09:11:19PM +0200, Daniel Borkmann wrote:
> On 05/06/2019 08:31 PM, Joel Fernandes (Google) wrote:
> > The eBPF based opensnoop tool fails to read the file path string passed
> > to the do_sys_open function. This is because it is a pointer to
> > userspace address and causes an -EFAULT when read with
> > probe_kernel_read. This is not an issue when running the tool on x86 but
> > is an issue on arm64. This patch adds a new bpf function call based
> > which calls the recently proposed probe_user_read function [1].
> > Using this function call from opensnoop fixes the issue on arm64.
> >
> > [1] https://lore.kernel.org/patchwork/patch/1051588/
> >
> > Cc: Michal Gregorczyk <michalgr@...e.com>
> > Cc: Adrian Ratiu <adrian.ratiu@...labora.com>
> > Cc: Mohammad Husain <russoue@...il.com>
> > Cc: Qais Yousef <qais.yousef@....com>
> > Cc: Srinivas Ramana <sramana@...eaurora.org>
> > Cc: duyuchao <yuchao.du@...soc.com>
> > Cc: Manjo Raja Rao <linux@...ojrajarao.com>
> > Cc: Karim Yaghmour <karim.yaghmour@...rsys.com>
> > Cc: Tamir Carmeli <carmeli.tamir@...il.com>
> > Cc: Yonghong Song <yhs@...com>
> > Cc: Alexei Starovoitov <ast@...nel.org>
> > Cc: Brendan Gregg <brendan.d.gregg@...il.com>
> > Cc: Masami Hiramatsu <mhiramat@...nel.org>
> > Cc: Peter Ziljstra <peterz@...radead.org>
> > Cc: Andrii Nakryiko <andrii.nakryiko@...il.com>
> > Cc: Steven Rostedt <rostedt@...dmis.org>
> > Cc: Kees Cook <keescook@...omium.org>
> > Cc: kernel-team@...roid.com
> > Signed-off-by: Joel Fernandes (Google) <joel@...lfernandes.org>
> > ---
> > Masami, could you carry these patches in the series where are you add
> > probe_user_read function?
> >
> > Previous submissions is here:
> > https://lore.kernel.org/patchwork/patch/1069552/
> > v1->v2: split tools uapi sync into separate commit, added deprecation
> > warning for old bpf_probe_read function.
>
> Please properly submit this series to bpf tree once the base
> infrastructure from Masami is upstream.
Could you clarify what do you mean by "properly submit this series to bpf
tree" mean? bpf@...r.kernel.org is CC'd.
> This series here should
> also fix up all current probe read usage under samples/bpf/ and
> tools/testing/selftests/bpf/.
Ok. Agreed, will do that.
thanks,
- Joel
Powered by blists - more mailing lists