lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190513183412.GD8003@kernel.org>
Date:   Mon, 13 May 2019 15:38:24 -0300
From:   Arnaldo Carvalho de Melo <arnaldo.melo@...il.com>
To:     Ingo Molnar <mingo@...nel.org>,
        Masami Hiramatsu <mhiramat@...nel.org>
Cc:     Steven Rostedt <rostedt@...dmis.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Shuah Khan <shuah@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        linux-kernel@...r.kernel.org,
        Andy Lutomirski <luto@...capital.net>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Changbin Du <changbin.du@...il.com>,
        Jann Horn <jannh@...gle.com>,
        Kees Cook <keescook@...omium.org>,
        Andy Lutomirski <luto@...nel.org>,
        Alexei Starovoitov <alexei.starovoitov@...il.com>,
        Nadav Amit <namit@...are.com>,
        Joel Fernandes <joel@...lfernandes.org>, yhs@...com
Subject: Re: [PATCH -tip v8 0/6] tracing/probes: uaccess: Add support
 user-space access

Em Fri, May 10, 2019 at 12:12:49AM +0900, Masami Hiramatsu escreveu:
> Hi,
> 
> Here is the v8 series of probe-event to support user-space access.
> Previous version is here.
> 
> https://lkml.kernel.org/r/155732230159.12756.15040196512285621636.stgit@devnote2
> 
> In this version, I fixed some typos/style issues and renamed fields
> according to Ingo's comment, and added Ack from Steve.
> 
> Also this version is rebased on the latest -tip/master tree.

Ingo, since this touches 'perf probe' and Steven already provided an
Acked-by, if you're ok with it I can process these, testing the 'perf
probe' changes and then ship it to you in my next pull req, ok?

- Arnaldo
 
> Changes in v8:
>  [2/6] Fix style issues and typos according to Ingo's comment.
>  [3/6] Fix style issues according to Ingo's comment.
>  [6/6] Fix a typo and rename user field to user_access field.
> 
> 
> In summary, strncpy_from_user() should work as below
> 
>  - strncpy_from_user() can access user memory with set_fs(USER_DS)
>    in task context
> 
>  - strncpy_from_user() can access kernel memory with set_fs(KERNEL_DS)
>    in task context (e.g. devtmpfsd and init)
> 
>  - strncpy_from_user() can access user/kernel memory (depends on DS)
>    in IRQ context if pagefault is disabled. (both verified)
> 
> Note that this changes the warning behavior when
> CONFIG_DEBUG_ATOMIC_SLEEP=y, it still warns when
> __copy_from_user_inatomic() is called in IRQ context, but don't
> warn if pagefault is disabled because it will not sleep in
> atomic.
> 
> ====
> Kprobe event user-space memory access features:
> 
> For user-space access extension, this series adds 2 features,
> "ustring" type and user-space dereference syntax. "ustring" is
> used for recording a null-terminated string in user-space from
> kprobe events.
> 
> "ustring" type is easy, it is able to use instead of "string"
> type, so if you want to record a user-space string via
> "__user char *", you can use ustring type instead of string.
> For example,
> 
> echo 'p do_sys_open path=+0($arg2):ustring' >> kprobe_events
> 
> will record the path string from user-space.
> 
> The user-space dereference syntax is also simple. Thi just
> adds 'u' prefix before an offset value.
> 
>    +|-u<OFFSET>(<FETCHARG>)
> 
> e.g. +u8(%ax), +u0(+0(%si))
> 
> This is more generic. If you want to refer the variable in user-
> space from its address or access a field in data structure in
> user-space, you need to use this.
> 
> For example, if you probe do_sched_setscheduler(pid, policy,
> param) and record param->sched_priority, you can add new
> probe as below;
>     
>    p do_sched_setscheduler priority=+u0($arg3)
> 
> Actually, with this feature, "ustring" type is not absolutely
> necessary, because these are same meanings.
> 
>   +0($arg2):ustring == +u0($arg2):string
> 
> Note that kprobe event provides these methods, but it doesn't
> change it from kernel to user automatically because we do not
> know whether the given address is in userspace or kernel on
> some arch.
> 
> 
> Thank you,
> 
> ---
> 
> Masami Hiramatsu (6):
>       x86/uaccess: Allow access_ok() in irq context if pagefault_disabled
>       uaccess: Add non-pagefault user-space read functions
>       tracing/probe: Add ustring type for user-space string
>       tracing/probe: Support user-space dereference
>       selftests/ftrace: Add user-memory access syntax testcase
>       perf-probe: Add user memory access attribute support
> 
> 
>  Documentation/trace/kprobetrace.rst                |   28 ++++-
>  Documentation/trace/uprobetracer.rst               |   10 +-
>  arch/x86/include/asm/uaccess.h                     |    4 -
>  include/linux/uaccess.h                            |   19 +++
>  kernel/trace/trace.c                               |    7 +
>  kernel/trace/trace_kprobe.c                        |   37 ++++++
>  kernel/trace/trace_probe.c                         |   37 +++++-
>  kernel/trace/trace_probe.h                         |    3 
>  kernel/trace/trace_probe_tmpl.h                    |   37 +++++-
>  kernel/trace/trace_uprobe.c                        |   19 +++
>  mm/maccess.c                                       |  122 +++++++++++++++++++-
>  tools/perf/Documentation/perf-probe.txt            |    3 
>  tools/perf/util/probe-event.c                      |   11 ++
>  tools/perf/util/probe-event.h                      |    2 
>  tools/perf/util/probe-file.c                       |    7 +
>  tools/perf/util/probe-file.h                       |    1 
>  tools/perf/util/probe-finder.c                     |   19 ++-
>  .../ftrace/test.d/kprobe/kprobe_args_user.tc       |   32 +++++
>  18 files changed, 357 insertions(+), 41 deletions(-)
>  create mode 100644 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc
> 
> --
> Masami Hiramatsu (Linaro) <mhiramat@...nel.org>

-- 

- Arnaldo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ