| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 May 2019 15:38:24 -0300
From: Arnaldo Carvalho de Melo <arnaldo.melo@...il.com>
To: Ingo Molnar <mingo@...nel.org>,
Masami Hiramatsu <mhiramat@...nel.org>
Cc: Steven Rostedt <rostedt@...dmis.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Shuah Khan <shuah@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>,
Andrew Morton <akpm@...ux-foundation.org>,
Changbin Du <changbin.du@...il.com>,
Jann Horn <jannh@...gle.com>,
Kees Cook <keescook@...omium.org>,
Andy Lutomirski <luto@...nel.org>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Nadav Amit <namit@...are.com>,
Joel Fernandes <joel@...lfernandes.org>, yhs@...com
Subject: Re: [PATCH -tip v8 0/6] tracing/probes: uaccess: Add support
user-space access
Em Fri, May 10, 2019 at 12:12:49AM +0900, Masami Hiramatsu escreveu:
> Hi,
>
> Here is the v8 series of probe-event to support user-space access.
> Previous version is here.
>
> https://lkml.kernel.org/r/155732230159.12756.15040196512285621636.stgit@devnote2
>
> In this version, I fixed some typos/style issues and renamed fields
> according to Ingo's comment, and added Ack from Steve.
>
> Also this version is rebased on the latest -tip/master tree.
Ingo, since this touches 'perf probe' and Steven already provided an
Acked-by, if you're ok with it I can process these, testing the 'perf
probe' changes and then ship it to you in my next pull req, ok?
- Arnaldo
> Changes in v8:
> [2/6] Fix style issues and typos according to Ingo's comment.
> [3/6] Fix style issues according to Ingo's comment.
> [6/6] Fix a typo and rename user field to user_access field.
>
>
> In summary, strncpy_from_user() should work as below
>
> - strncpy_from_user() can access user memory with set_fs(USER_DS)
> in task context
>
> - strncpy_from_user() can access kernel memory with set_fs(KERNEL_DS)
> in task context (e.g. devtmpfsd and init)
>
> - strncpy_from_user() can access user/kernel memory (depends on DS)
> in IRQ context if pagefault is disabled. (both verified)
>
> Note that this changes the warning behavior when
> CONFIG_DEBUG_ATOMIC_SLEEP=y, it still warns when
> __copy_from_user_inatomic() is called in IRQ context, but don't
> warn if pagefault is disabled because it will not sleep in
> atomic.
>
> ====
> Kprobe event user-space memory access features:
>
> For user-space access extension, this series adds 2 features,
> "ustring" type and user-space dereference syntax. "ustring" is
> used for recording a null-terminated string in user-space from
> kprobe events.
>
> "ustring" type is easy, it is able to use instead of "string"
> type, so if you want to record a user-space string via
> "__user char *", you can use ustring type instead of string.
> For example,
>
> echo 'p do_sys_open path=+0($arg2):ustring' >> kprobe_events
>
> will record the path string from user-space.
>
> The user-space dereference syntax is also simple. Thi just
> adds 'u' prefix before an offset value.
>
> +|-u<OFFSET>(<FETCHARG>)
>
> e.g. +u8(%ax), +u0(+0(%si))
>
> This is more generic. If you want to refer the variable in user-
> space from its address or access a field in data structure in
> user-space, you need to use this.
>
> For example, if you probe do_sched_setscheduler(pid, policy,
> param) and record param->sched_priority, you can add new
> probe as below;
>
> p do_sched_setscheduler priority=+u0($arg3)
>
> Actually, with this feature, "ustring" type is not absolutely
> necessary, because these are same meanings.
>
> +0($arg2):ustring == +u0($arg2):string
>
> Note that kprobe event provides these methods, but it doesn't
> change it from kernel to user automatically because we do not
> know whether the given address is in userspace or kernel on
> some arch.
>
>
> Thank you,
>
> ---
>
> Masami Hiramatsu (6):
> x86/uaccess: Allow access_ok() in irq context if pagefault_disabled
> uaccess: Add non-pagefault user-space read functions
> tracing/probe: Add ustring type for user-space string
> tracing/probe: Support user-space dereference
> selftests/ftrace: Add user-memory access syntax testcase
> perf-probe: Add user memory access attribute support
>
>
> Documentation/trace/kprobetrace.rst | 28 ++++-
> Documentation/trace/uprobetracer.rst | 10 +-
> arch/x86/include/asm/uaccess.h | 4 -
> include/linux/uaccess.h | 19 +++
> kernel/trace/trace.c | 7 +
> kernel/trace/trace_kprobe.c | 37 ++++++
> kernel/trace/trace_probe.c | 37 +++++-
> kernel/trace/trace_probe.h | 3
> kernel/trace/trace_probe_tmpl.h | 37 +++++-
> kernel/trace/trace_uprobe.c | 19 +++
> mm/maccess.c | 122 +++++++++++++++++++-
> tools/perf/Documentation/perf-probe.txt | 3
> tools/perf/util/probe-event.c | 11 ++
> tools/perf/util/probe-event.h | 2
> tools/perf/util/probe-file.c | 7 +
> tools/perf/util/probe-file.h | 1
> tools/perf/util/probe-finder.c | 19 ++-
> .../ftrace/test.d/kprobe/kprobe_args_user.tc | 32 +++++
> 18 files changed, 357 insertions(+), 41 deletions(-)
> create mode 100644 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc
>
> --
> Masami Hiramatsu (Linaro) <mhiramat@...nel.org>
--
- Arnaldo
Powered by blists - more mailing lists