| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 03 Jan 2023 13:05:42 +0100
From: Björn Töpel <bjorn@...nel.org>
To: Pu Lehui <pulehui@...weicloud.com>,
Xu Kuohai <xukuohai@...wei.com>, bpf@...r.kernel.org,
linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org
Cc: Luke Nelson <luke.r.nels@...il.com>, Xi Wang <xi.wang@...il.com>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <martin.lau@...ux.dev>,
Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...gle.com>,
Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
Paul Walmsley <paul.walmsley@...ive.com>,
Palmer Dabbelt <palmer@...belt.com>,
Albert Ou <aou@...s.berkeley.edu>,
Pu Lehui <pulehui@...wei.com>
Subject: Re: [RFC PATCH RESEND bpf-next 1/4] bpf: Rollback to text_poke when
arch not supported ftrace direct call
Pu Lehui <pulehui@...weicloud.com> writes:
> On 2022/12/20 10:32, Xu Kuohai wrote:
>> On 12/20/2022 10:13 AM, Pu Lehui wrote:
>>> From: Pu Lehui <pulehui@...wei.com>
>>>
>>> The current bpf trampoline attach to kernel functions via ftrace direct
>>> call API, while text_poke is applied for bpf2bpf attach and tail call
>>> optimization. For architectures that do not support ftrace direct call,
>>> text_poke is still able to attach bpf trampoline to kernel functions.
>>> Let's relax it by rollback to text_poke when architecture not supported.
>>>
>>> Signed-off-by: Pu Lehui <pulehui@...wei.com>
>>> ---
>>> kernel/bpf/trampoline.c | 8 ++------
>>> 1 file changed, 2 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/kernel/bpf/trampoline.c b/kernel/bpf/trampoline.c
>>> index d6395215b849..386197a7952c 100644
>>> --- a/kernel/bpf/trampoline.c
>>> +++ b/kernel/bpf/trampoline.c
>>> @@ -228,15 +228,11 @@ static int modify_fentry(struct bpf_trampoline
>>> *tr, void *old_addr, void *new_ad
>>> static int register_fentry(struct bpf_trampoline *tr, void *new_addr)
>>> {
>>> void *ip = tr->func.addr;
>>> - unsigned long faddr;
>>> int ret;
>>> - faddr = ftrace_location((unsigned long)ip);
>>> - if (faddr) {
>>> - if (!tr->fops)
>>> - return -ENOTSUPP;
>>> + if (IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS) &&
>>> + !!ftrace_location((unsigned long)ip))
>>> tr->func.ftrace_managed = true;
>>> - }
>>>
>>
>> After this patch, a kernel function with true trace_location will be
>> patched
>> by bpf when CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS is disabled, which
>> means
>> that a kernel function may be patched by both bpf and ftrace in a mutually
>> unaware way. This will cause ftrace and bpf_arch_text_poke to fail in a
>> somewhat random way if the function to be patched was already patched
>> by the other.
>
> Thanks for your review. And yes, this is a backward compatible solution
> for architectures that not support DYNAMIC_FTRACE_WITH_DIRECT_CALLS.
It's not "backward compatible". Reiterating what Kuohai said; The BPF
trampoline must be aware of ftrace's state -- with this patch, the
trampoline can't blindly poke the text managed my ftrace.
I'd recommend to remove this patch from the series.
Björn
Powered by blists - more mailing lists