lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <tencent_A0E82E0BEE925285F8156D540731DF805F05@qq.com>
Date:   Wed, 12 Apr 2023 16:16:24 +0800
From:   Rong Tao <rtoax@...mail.com>
To:     ast@...nel.org, rongtao@...tc.cn
Cc:     Daniel Borkmann <daniel@...earbox.net>,
        Andrii Nakryiko <andrii@...nel.org>,
        Martin KaFai Lau <martin.lau@...ux.dev>,
        Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
        John Fastabend <john.fastabend@...il.com>,
        KP Singh <kpsingh@...nel.org>,
        Stanislav Fomichev <sdf@...gle.com>,
        Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
        bpf@...r.kernel.org (open list:BPF [GENERAL] (Safe Dynamic Programs and
        Tools)), linux-kernel@...r.kernel.org (open list)
Subject: [PATCH bpf-next] samples/bpf: sampleip: Replace PAGE_OFFSET with _text address

From: Rong Tao <rongtao@...tc.cn>

Macro PAGE_OFFSET(0xffff880000000000) in sampleip_user.c is inaccurate,
for example, in aarch64 architecture, this value depends on the
CONFIG_ARM64_VA_BITS compilation configuration, this value defaults to 48,
the corresponding PAGE_OFFSET is 0xffff800000000000, if we use the value
defined in sampleip_user.c, then all KSYMs obtained by sampleip are (user)

Symbol error due to PAGE_OFFSET error:

    $ sudo ./sampleip 1
    Sampling at 99 Hertz for 1 seconds. Ctrl-C also ends.
    ADDR                KSYM                             COUNT
    0xffff80000810ceb8  (user)                           1
    0xffffb28ec880      (user)                           1
    0xffff8000080c82b8  (user)                           1
    0xffffb23fed24      (user)                           1
    0xffffb28944fc      (user)                           1
    0xffff8000084628bc  (user)                           1
    0xffffb2a935c0      (user)                           1
    0xffff80000844677c  (user)                           1
    0xffff80000857a3a4  (user)                           1
    ...

A few examples of addresses in the CONFIG_ARM64_VA_BITS=48 environment in
the aarch64 environment:

    $ sudo head /proc/kallsyms
    ffff8000080a0000 T _text
    ffff8000080b0000 t gic_handle_irq
    ffff8000080b0000 T _stext
    ffff8000080b0000 T __irqentry_text_start
    ffff8000080b00b0 t gic_handle_irq
    ffff8000080b0230 t gic_handle_irq
    ffff8000080b03b4 T __irqentry_text_end
    ffff8000080b03b8 T __softirqentry_text_start
    ffff8000080b03c0 T __do_softirq
    ffff8000080b0718 T __entry_text_start

We just need to replace the PAGE_OFFSET with the address _text in
/proc/kallsyms to solve this problem:

    $ sudo ./sampleip 1
    Sampling at 99 Hertz for 1 seconds. Ctrl-C also ends.
    ADDR                KSYM                             COUNT
    0xffffb2892ab0      (user)                           1
    0xffffb2b1edfc      (user)                           1
    0xffff800008462834  __arm64_sys_ppoll                1
    0xffff8000084b87f4  eventfd_read                     1
    0xffffb28e6788      (user)                           1
    0xffff8000081e96d8  rcu_all_qs                       1
    0xffffb2ada878      (user)                           1
    ...

Signed-off-by: Rong Tao <rongtao@...tc.cn>
---
 samples/bpf/sampleip_user.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/samples/bpf/sampleip_user.c b/samples/bpf/sampleip_user.c
index 921c505bb567..9283f47844fb 100644
--- a/samples/bpf/sampleip_user.c
+++ b/samples/bpf/sampleip_user.c
@@ -21,10 +21,10 @@
 #define DEFAULT_FREQ	99
 #define DEFAULT_SECS	5
 #define MAX_IPS		8192
-#define PAGE_OFFSET	0xffff880000000000
 
 static int map_fd;
 static int nr_cpus;
+static long _text_addr;
 
 static void usage(void)
 {
@@ -108,7 +108,7 @@ static void print_ip_map(int fd)
 	/* sort and print */
 	qsort(counts, max, sizeof(struct ipcount), count_cmp);
 	for (i = 0; i < max; i++) {
-		if (counts[i].ip > PAGE_OFFSET) {
+		if (counts[i].ip > _text_addr) {
 			sym = ksym_search(counts[i].ip);
 			if (!sym) {
 				printf("ksym not found. Is kallsyms loaded?\n");
@@ -169,6 +169,13 @@ int main(int argc, char **argv)
 		return 2;
 	}
 
+	/* used to determine whether the address is kernel space */
+	_text_addr = ksym_get_addr("_text");
+	if (!_text_addr) {
+		fprintf(stderr, "ERROR: no '_text' in /proc/kallsyms\n");
+		return 3;
+	}
+
 	/* create perf FDs for each CPU */
 	nr_cpus = sysconf(_SC_NPROCESSORS_ONLN);
 	links = calloc(nr_cpus, sizeof(struct bpf_link *));
-- 
2.31.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ