| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 May 2019 16:13:04 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: Ingo Molnar <mingo@...nel.org>
Cc: Masami Hiramatsu <mhiramat@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Shuah Khan <shuah@...nel.org>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>,
Andrew Morton <akpm@...ux-foundation.org>,
Changbin Du <changbin.du@...il.com>,
Jann Horn <jannh@...gle.com>,
Kees Cook <keescook@...omium.org>,
Andy Lutomirski <luto@...nel.org>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Nadav Amit <namit@...are.com>,
Joel Fernandes <joel@...lfernandes.org>, yhs@...com
Subject: Re: [PATCH v7 0/6] tracing/probes: uaccess: Add support user-space
access
Ingo,
Can you take this. You can add:
Acked-by: Steven Rostedt (VMware) <rostedt@...dmis.org>
to the entire series.
Thanks!
-- Steve
On Wed, 8 May 2019 22:31:41 +0900
Masami Hiramatsu <mhiramat@...nel.org> wrote:
> Hi,
>
> Here is the v7 series of probe-event to support user-space access.
> Previous version is here.
>
> https://lkml.kernel.org/r/155289137555.7218.9282784065958321058.stgit@devnote2
>
> In this version, I fixed some documentation according to Steve's
> comment. This can be applied against the latest tracing/for-next
> + probeevent bugfix.
>
> https://lkml.kernel.org/r/155723732200.9149.10482668315693777743.stgit@devnote2
>
> Changes in v7:
> - [4/6] Fix typos and update document according to Steve's comment.
>
> In summary, strncpy_from_user() should work as below
>
> - strncpy_from_user() can access user memory with set_fs(USER_DS)
> in task context
>
> - strncpy_from_user() can access kernel memory with set_fs(KERNEL_DS)
> in task context (e.g. devtmpfsd and init)
>
> - strncpy_from_user() can access user/kernel memory (depends on DS)
> in IRQ context if pagefault is disabled. (both verified)
>
> Note that this changes the warning behavior when
> CONFIG_DEBUG_ATOMIC_SLEEP=y, it still warns when
> __copy_from_user_inatomic() is called in IRQ context, but don't
> warn if pagefault is disabled because it will not sleep in
> atomic.
>
> ====
> Kprobe event user-space memory access features:
>
> For user-space access extension, this series adds 2 features,
> "ustring" type and user-space dereference syntax. "ustring" is
> used for recording a null-terminated string in user-space from
> kprobe events.
>
> "ustring" type is easy, it is able to use instead of "string"
> type, so if you want to record a user-space string via
> "__user char *", you can use ustring type instead of string.
> For example,
>
> echo 'p do_sys_open path=+0($arg2):ustring' >> kprobe_events
>
> will record the path string from user-space.
>
> The user-space dereference syntax is also simple. Thi just
> adds 'u' prefix before an offset value.
>
> +|-u<OFFSET>(<FETCHARG>)
>
> e.g. +u8(%ax), +u0(+0(%si))
>
> This is more generic. If you want to refer the variable in user-
> space from its address or access a field in data structure in
> user-space, you need to use this.
>
> For example, if you probe do_sched_setscheduler(pid, policy,
> param) and record param->sched_priority, you can add new
> probe as below;
>
> p do_sched_setscheduler priority=+u0($arg3)
>
> Actually, with this feature, "ustring" type is not absolutely
> necessary, because these are same meanings.
>
> +0($arg2):ustring == +u0($arg2):string
>
> Note that kprobe event provides these methods, but it doesn't
> change it from kernel to user automatically because we do not
> know whether the given address is in userspace or kernel on
> some arch.
>
>
> Thank you,
>
> ---
>
> Masami Hiramatsu (6):
> x86/uaccess: Allow access_ok() in irq context if pagefault_disabled
> uaccess: Add non-pagefault user-space read functions
> tracing/probe: Add ustring type for user-space string
> tracing/probe: Support user-space dereference
> selftests/ftrace: Add user-memory access syntax testcase
> perf-probe: Add user memory access attribute support
>
>
> Documentation/trace/kprobetrace.rst | 28 ++++-
> Documentation/trace/uprobetracer.rst | 10 +-
> arch/x86/include/asm/uaccess.h | 4 +
> include/linux/uaccess.h | 19 +++
> kernel/trace/trace.c | 7 +
> kernel/trace/trace_kprobe.c | 35 ++++++
> kernel/trace/trace_probe.c | 37 +++++-
> kernel/trace/trace_probe.h | 3 +
> kernel/trace/trace_probe_tmpl.h | 37 +++++-
> kernel/trace/trace_uprobe.c | 19 +++
> mm/maccess.c | 117 +++++++++++++++++++-
> tools/perf/Documentation/perf-probe.txt | 3 -
> tools/perf/util/probe-event.c | 11 ++
> tools/perf/util/probe-event.h | 2
> tools/perf/util/probe-file.c | 7 +
> tools/perf/util/probe-file.h | 1
> tools/perf/util/probe-finder.c | 19 ++-
> .../ftrace/test.d/kprobe/kprobe_args_user.tc | 32 +++++
> 18 files changed, 350 insertions(+), 41 deletions(-)
> create mode 100644 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc
>
> --
> Masami Hiramatsu (Linaro) <mhiramat@...nel.org>
Powered by blists - more mailing lists