| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 May 2019 14:02:53 +0900
From: Masami Hiramatsu <mhiramat@...nel.org>
To: Arnaldo Carvalho de Melo <acme@...nel.org>
Cc: Ingo Molnar <mingo@...nel.org>,
Steven Rostedt <rostedt@...dmis.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Shuah Khan <shuah@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>,
Andrew Morton <akpm@...ux-foundation.org>,
Changbin Du <changbin.du@...il.com>,
Jann Horn <jannh@...gle.com>,
Kees Cook <keescook@...omium.org>,
Andy Lutomirski <luto@...nel.org>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Nadav Amit <namit@...are.com>,
Joel Fernandes <joel@...lfernandes.org>, yhs@...com
Subject: Re: [PATCH -tip v8 0/6] tracing/probes: uaccess: Add support
user-space access
On Mon, 13 May 2019 15:38:24 -0300
Arnaldo Carvalho de Melo <acme@...nel.org> wrote:
> Em Fri, May 10, 2019 at 12:12:49AM +0900, Masami Hiramatsu escreveu:
> > Hi,
> >
> > Here is the v8 series of probe-event to support user-space access.
> > Previous version is here.
> >
> > https://lkml.kernel.org/r/155732230159.12756.15040196512285621636.stgit@devnote2
> >
> > In this version, I fixed some typos/style issues and renamed fields
> > according to Ingo's comment, and added Ack from Steve.
> >
> > Also this version is rebased on the latest -tip/master tree.
>
> Ingo, since this touches 'perf probe' and Steven already provided an
> Acked-by, if you're ok with it I can process these, testing the 'perf
> probe' changes and then ship it to you in my next pull req, ok?
Thanks Arnaldo! For the perf probe enhancement, it should work on
the kernel which doesn't support 'u' prefix. :)
Thank you,
>
> - Arnaldo
>
> > Changes in v8:
> > [2/6] Fix style issues and typos according to Ingo's comment.
> > [3/6] Fix style issues according to Ingo's comment.
> > [6/6] Fix a typo and rename user field to user_access field.
> >
> >
> > In summary, strncpy_from_user() should work as below
> >
> > - strncpy_from_user() can access user memory with set_fs(USER_DS)
> > in task context
> >
> > - strncpy_from_user() can access kernel memory with set_fs(KERNEL_DS)
> > in task context (e.g. devtmpfsd and init)
> >
> > - strncpy_from_user() can access user/kernel memory (depends on DS)
> > in IRQ context if pagefault is disabled. (both verified)
> >
> > Note that this changes the warning behavior when
> > CONFIG_DEBUG_ATOMIC_SLEEP=y, it still warns when
> > __copy_from_user_inatomic() is called in IRQ context, but don't
> > warn if pagefault is disabled because it will not sleep in
> > atomic.
> >
> > ====
> > Kprobe event user-space memory access features:
> >
> > For user-space access extension, this series adds 2 features,
> > "ustring" type and user-space dereference syntax. "ustring" is
> > used for recording a null-terminated string in user-space from
> > kprobe events.
> >
> > "ustring" type is easy, it is able to use instead of "string"
> > type, so if you want to record a user-space string via
> > "__user char *", you can use ustring type instead of string.
> > For example,
> >
> > echo 'p do_sys_open path=+0($arg2):ustring' >> kprobe_events
> >
> > will record the path string from user-space.
> >
> > The user-space dereference syntax is also simple. Thi just
> > adds 'u' prefix before an offset value.
> >
> > +|-u<OFFSET>(<FETCHARG>)
> >
> > e.g. +u8(%ax), +u0(+0(%si))
> >
> > This is more generic. If you want to refer the variable in user-
> > space from its address or access a field in data structure in
> > user-space, you need to use this.
> >
> > For example, if you probe do_sched_setscheduler(pid, policy,
> > param) and record param->sched_priority, you can add new
> > probe as below;
> >
> > p do_sched_setscheduler priority=+u0($arg3)
> >
> > Actually, with this feature, "ustring" type is not absolutely
> > necessary, because these are same meanings.
> >
> > +0($arg2):ustring == +u0($arg2):string
> >
> > Note that kprobe event provides these methods, but it doesn't
> > change it from kernel to user automatically because we do not
> > know whether the given address is in userspace or kernel on
> > some arch.
> >
> >
> > Thank you,
> >
> > ---
> >
> > Masami Hiramatsu (6):
> > x86/uaccess: Allow access_ok() in irq context if pagefault_disabled
> > uaccess: Add non-pagefault user-space read functions
> > tracing/probe: Add ustring type for user-space string
> > tracing/probe: Support user-space dereference
> > selftests/ftrace: Add user-memory access syntax testcase
> > perf-probe: Add user memory access attribute support
> >
> >
> > Documentation/trace/kprobetrace.rst | 28 ++++-
> > Documentation/trace/uprobetracer.rst | 10 +-
> > arch/x86/include/asm/uaccess.h | 4 -
> > include/linux/uaccess.h | 19 +++
> > kernel/trace/trace.c | 7 +
> > kernel/trace/trace_kprobe.c | 37 ++++++
> > kernel/trace/trace_probe.c | 37 +++++-
> > kernel/trace/trace_probe.h | 3
> > kernel/trace/trace_probe_tmpl.h | 37 +++++-
> > kernel/trace/trace_uprobe.c | 19 +++
> > mm/maccess.c | 122 +++++++++++++++++++-
> > tools/perf/Documentation/perf-probe.txt | 3
> > tools/perf/util/probe-event.c | 11 ++
> > tools/perf/util/probe-event.h | 2
> > tools/perf/util/probe-file.c | 7 +
> > tools/perf/util/probe-file.h | 1
> > tools/perf/util/probe-finder.c | 19 ++-
> > .../ftrace/test.d/kprobe/kprobe_args_user.tc | 32 +++++
> > 18 files changed, 357 insertions(+), 41 deletions(-)
> > create mode 100644 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_args_user.tc
> >
> > --
> > Masami Hiramatsu (Linaro) <mhiramat@...nel.org>
>
> --
>
> - Arnaldo
--
Masami Hiramatsu <mhiramat@...nel.org>
Powered by blists - more mailing lists