| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YoTXiAk1EpZ0rLKE@krava>
Date: Wed, 18 May 2022 13:24:56 +0200
From: Jiri Olsa <olsajiri@...il.com>
To: Yonghong Song <yhs@...com>
Cc: Jiri Olsa <olsajiri@...il.com>,
Eugene Syromiatnikov <esyr@...hat.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
Steven Rostedt <rostedt@...dmis.org>,
Ingo Molnar <mingo@...hat.com>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>, netdev@...r.kernel.org,
bpf@...r.kernel.org, linux-kernel@...r.kernel.org,
Shuah Khan <shuah@...nel.org>, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH bpf-next v3 4/4] bpf_trace: pass array of u64 values in
kprobe_multi.addrs
On Tue, May 17, 2022 at 02:34:55PM -0700, Yonghong Song wrote:
>
>
> On 5/17/22 1:03 PM, Jiri Olsa wrote:
> > On Tue, May 17, 2022 at 02:30:50PM +0200, Eugene Syromiatnikov wrote:
> > > On Tue, May 17, 2022 at 11:12:34AM +0200, Jiri Olsa wrote:
> > > > On Tue, May 17, 2022 at 09:36:47AM +0200, Eugene Syromiatnikov wrote:
> > > > > With the interface as defined, it is impossible to pass 64-bit kernel
> > > > > addresses from a 32-bit userspace process in BPF_LINK_TYPE_KPROBE_MULTI,
> > > > > which severly limits the useability of the interface, change the ABI
> > > > > to accept an array of u64 values instead of (kernel? user?) longs.
> > > > > Interestingly, the rest of the libbpf infrastructure uses 64-bit values
> > > > > for kallsyms addresses already, so this patch also eliminates
> > > > > the sym_addr cast in tools/lib/bpf/libbpf.c:resolve_kprobe_multi_cb().
> > > >
> > > > so the problem is when we have 32bit user sace on 64bit kernel right?
> > > >
> > > > I think we should keep addrs as longs in uapi and have kernel to figure out
> > > > if it needs to read u32 or u64, like you did for symbols in previous patch
> > >
> > > No, it's not possible here, as addrs are kernel addrs and not user space
> > > addrs, so user space has to explicitly pass 64-bit addresses on 64-bit
> > > kernels (or have a notion whether it is running on a 64-bit
> > > or 32-bit kernel, and form the passed array accordingly, which is against
> > > the idea of compat layer that tries to abstract it out).
> >
> > hum :-\ I'll need to check on compat layer.. there must
> > be some other code doing this already somewhere, right?
so the 32bit application running on 64bit kernel using libbpf won't
work at the moment, right? because it sees:
bpf_kprobe_multi_opts::addrs as its 'unsigned long'
which is 4 bytes and it needs to put there 64bits kernel addresses
if we force the libbpf interface to use u64, then we should be fine
>
> I am not familiar with all these compatibility thing. But if we
> have 64-bit pointer for **syms, maybe we could also have
> 64-bit pointer for *syms for consistency?
right, perhaps we could have one function to read both syms and addrs arrays
>
> > jirka
> >
> > >
> > > > we'll need to fix also bpf_kprobe_multi_cookie_swap because it assumes
> > > > 64bit user space pointers
if we have both addresses and cookies 64 then this should be ok
> > > >
> > > > would be gret if we could have selftest for this
let's add selftest for this
thanks,
jirka
Powered by blists - more mailing lists