lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 6 May 2019 12:14:29 -0400
From:   Joel Fernandes <joel@...lfernandes.org>
To:     Masami Hiramatsu <mhiramat@...nel.org>
Cc:     linux-kernel@...r.kernel.org,
        Michal Gregorczyk <michalgr@...e.com>,
        Adrian Ratiu <adrian.ratiu@...labora.com>,
        Mohammad Husain <russoue@...il.com>,
        Qais Yousef <qais.yousef@....com>,
        Srinivas Ramana <sramana@...eaurora.org>,
        duyuchao <yuchao.du@...soc.com>,
        Manjo Raja Rao <linux@...ojrajarao.com>,
        Karim Yaghmour <karim.yaghmour@...rsys.com>,
        Tamir Carmeli <carmeli.tamir@...il.com>,
        Yonghong Song <yhs@...com>,
        Alexei Starovoitov <ast@...nel.org>,
        Brendan Gregg <brendan.d.gregg@...il.com>,
        Peter Ziljstra <peterz@...radead.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Kees Cook <keescook@...omium.org>, kernel-team@...roid.com,
        Daniel Borkmann <daniel@...earbox.net>,
        Ingo Molnar <mingo@...hat.com>, netdev@...r.kernel.org
Subject: Re: [PATCH RFC] bpf: Add support for reading user pointers

On Mon, May 06, 2019 at 11:47:51PM +0900, Masami Hiramatsu wrote:
> Hi Joel,
> 
> On Thu,  2 May 2019 16:49:58 -0400
> "Joel Fernandes (Google)" <joel@...lfernandes.org> wrote:
> 
> > The eBPF based opensnoop tool fails to read the file path string passed
> > to the do_sys_open function. This is because it is a pointer to
> > userspace address and causes an -EFAULT when read with
> > probe_kernel_read. This is not an issue when running the tool on x86 but
> > is an issue on arm64. This patch adds a new bpf function call based
> > which calls the recently proposed probe_user_read function [1].
> > Using this function call from opensnoop fixes the issue on arm64.
> > 
> > [1] https://lore.kernel.org/patchwork/patch/1051588/
> 
> Anyway, this series is still out-of-tree. We have to push this or similar
> update into kernel at first. I can resend v7 on the latest -tip tree including
> this patch if you update the description.

Sounds good. I also have to split it up and add a deprecation for the old
API. I will get this done today and then you can include them in your series,
thanks! Once I send them, could you CC bpf maintainers on the patches too in
the future? thanks.

 - Joel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ