lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 27 Jan 2020 11:04:49 -0500
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Ingo Molnar <mingo@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        stable@...r.kernel.org, Masami Hiramatsu <mhiramat@...nel.org>,
        Thomas Richter <tmricht@...ux.ibm.com>
Subject: [GIT PULL][PATCH] tracing/kprobes: Have uname use __get_str() in
 print_fmt


Linus,

[ This is not a merge window pull, I was waiting on a tested-by from
  the reporter ]

Kprobe events added "ustring" to distinguish reading strings
from kernel space or user space. But the creating of the event format
file only checks for "string" to display string formats. "ustring" must
also be handled.


Please pull the latest trace-v5.5-rc7 tree, which can be found at:


  git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace.git
trace-v5.5-rc7

Tag SHA1: 83993af56b45a4c0b34401ee5bdd96c94180d77d
Head SHA1: 20279420ae3a8ef4c5d9fedc360a2c37a1dbdf1b


Steven Rostedt (VMware) (1):
      tracing/kprobes: Have uname use __get_str() in print_fmt

----
 kernel/trace/trace_probe.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
---------------------------
commit 20279420ae3a8ef4c5d9fedc360a2c37a1dbdf1b
Author: Steven Rostedt (VMware) <rostedt@...dmis.org>
Date:   Fri Jan 24 10:07:42 2020 -0500

    tracing/kprobes: Have uname use __get_str() in print_fmt
    
    Thomas Richter reported:
    
    > Test case 66 'Use vfs_getname probe to get syscall args filenames'
    > is broken on s390, but works on x86. The test case fails with:
    >
    >  [root@...lp76 perf]# perf test -F 66
    >  66: Use vfs_getname probe to get syscall args filenames
    >            :Recording open file:
    >  [ perf record: Woken up 1 times to write data ]
    >  [ perf record: Captured and wrote 0.004 MB /tmp/__perf_test.perf.data.TCdYj\
    >        (20 samples) ]
    >  Looking at perf.data file for vfs_getname records for the file we touched:
    >   FAILED!
    >   [root@...lp76 perf]#
    
    The root cause was the print_fmt of the kprobe event that referenced the
    "ustring"
    
    > Setting up the kprobe event using perf command:
    >
    >  # ./perf probe "vfs_getname=getname_flags:72 pathname=filename:ustring"
    >
    > generates this format file:
    >   [root@...lp76 perf]# cat /sys/kernel/debug/tracing/events/probe/\
    >         vfs_getname/format
    >   name: vfs_getname
    >   ID: 1172
    >   format:
    >     field:unsigned short common_type; offset:0; size:2; signed:0;
    >     field:unsigned char common_flags; offset:2; size:1; signed:0;
    >     field:unsigned char common_preempt_count; offset:3; size:1; signed:0;
    >     field:int common_pid; offset:4; size:4; signed:1;
    >
    >     field:unsigned long __probe_ip; offset:8; size:8; signed:0;
    >     field:__data_loc char[] pathname; offset:16; size:4; signed:1;
    >
    >     print fmt: "(%lx) pathname=\"%s\"", REC->__probe_ip, REC->pathname
    
    Instead of using "__get_str(pathname)" it referenced it directly.
    
    Link: http://lkml.kernel.org/r/20200124100742.4050c15e@gandalf.local.home
    
    Cc: stable@...r.kernel.org
    Fixes: 88903c464321 ("tracing/probe: Add ustring type for user-space string")
    Acked-by: Masami Hiramatsu <mhiramat@...nel.org>
    Reported-by: Thomas Richter <tmricht@...ux.ibm.com>
    Tested-by: Thomas Richter <tmricht@...ux.ibm.com>
    Signed-off-by: Steven Rostedt (VMware) <rostedt@...dmis.org>

diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
index 9ae87be422f2..ab8b6436d53f 100644
--- a/kernel/trace/trace_probe.c
+++ b/kernel/trace/trace_probe.c
@@ -876,7 +876,8 @@ static int __set_print_fmt(struct trace_probe *tp, char *buf, int len,
 	for (i = 0; i < tp->nr_args; i++) {
 		parg = tp->args + i;
 		if (parg->count) {
-			if (strcmp(parg->type->name, "string") == 0)
+			if ((strcmp(parg->type->name, "string") == 0) ||
+			    (strcmp(parg->type->name, "ustring") == 0))
 				fmt = ", __get_str(%s[%d])";
 			else
 				fmt = ", REC->%s[%d]";
@@ -884,7 +885,8 @@ static int __set_print_fmt(struct trace_probe *tp, char *buf, int len,
 				pos += snprintf(buf + pos, LEN_OR_ZERO,
 						fmt, parg->name, j);
 		} else {
-			if (strcmp(parg->type->name, "string") == 0)
+			if ((strcmp(parg->type->name, "string") == 0) ||
+			    (strcmp(parg->type->name, "ustring") == 0))
 				fmt = ", __get_str(%s)";
 			else
 				fmt = ", REC->%s";

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ