| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_A0E82E0BEE925285F8156D540731DF805F05@qq.com>
Date: Wed, 12 Apr 2023 16:16:24 +0800
From: Rong Tao <rtoax@...mail.com>
To: ast@...nel.org, rongtao@...tc.cn
Cc: Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <martin.lau@...ux.dev>,
Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...gle.com>,
Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
bpf@...r.kernel.org (open list:BPF [GENERAL] (Safe Dynamic Programs and
Tools)), linux-kernel@...r.kernel.org (open list)
Subject: [PATCH bpf-next] samples/bpf: sampleip: Replace PAGE_OFFSET with _text address
From: Rong Tao <rongtao@...tc.cn>
Macro PAGE_OFFSET(0xffff880000000000) in sampleip_user.c is inaccurate,
for example, in aarch64 architecture, this value depends on the
CONFIG_ARM64_VA_BITS compilation configuration, this value defaults to 48,
the corresponding PAGE_OFFSET is 0xffff800000000000, if we use the value
defined in sampleip_user.c, then all KSYMs obtained by sampleip are (user)
Symbol error due to PAGE_OFFSET error:
$ sudo ./sampleip 1
Sampling at 99 Hertz for 1 seconds. Ctrl-C also ends.
ADDR KSYM COUNT
0xffff80000810ceb8 (user) 1
0xffffb28ec880 (user) 1
0xffff8000080c82b8 (user) 1
0xffffb23fed24 (user) 1
0xffffb28944fc (user) 1
0xffff8000084628bc (user) 1
0xffffb2a935c0 (user) 1
0xffff80000844677c (user) 1
0xffff80000857a3a4 (user) 1
...
A few examples of addresses in the CONFIG_ARM64_VA_BITS=48 environment in
the aarch64 environment:
$ sudo head /proc/kallsyms
ffff8000080a0000 T _text
ffff8000080b0000 t gic_handle_irq
ffff8000080b0000 T _stext
ffff8000080b0000 T __irqentry_text_start
ffff8000080b00b0 t gic_handle_irq
ffff8000080b0230 t gic_handle_irq
ffff8000080b03b4 T __irqentry_text_end
ffff8000080b03b8 T __softirqentry_text_start
ffff8000080b03c0 T __do_softirq
ffff8000080b0718 T __entry_text_start
We just need to replace the PAGE_OFFSET with the address _text in
/proc/kallsyms to solve this problem:
$ sudo ./sampleip 1
Sampling at 99 Hertz for 1 seconds. Ctrl-C also ends.
ADDR KSYM COUNT
0xffffb2892ab0 (user) 1
0xffffb2b1edfc (user) 1
0xffff800008462834 __arm64_sys_ppoll 1
0xffff8000084b87f4 eventfd_read 1
0xffffb28e6788 (user) 1
0xffff8000081e96d8 rcu_all_qs 1
0xffffb2ada878 (user) 1
...
Signed-off-by: Rong Tao <rongtao@...tc.cn>
---
samples/bpf/sampleip_user.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/samples/bpf/sampleip_user.c b/samples/bpf/sampleip_user.c
index 921c505bb567..9283f47844fb 100644
--- a/samples/bpf/sampleip_user.c
+++ b/samples/bpf/sampleip_user.c
@@ -21,10 +21,10 @@
#define DEFAULT_FREQ 99
#define DEFAULT_SECS 5
#define MAX_IPS 8192
-#define PAGE_OFFSET 0xffff880000000000
static int map_fd;
static int nr_cpus;
+static long _text_addr;
static void usage(void)
{
@@ -108,7 +108,7 @@ static void print_ip_map(int fd)
/* sort and print */
qsort(counts, max, sizeof(struct ipcount), count_cmp);
for (i = 0; i < max; i++) {
- if (counts[i].ip > PAGE_OFFSET) {
+ if (counts[i].ip > _text_addr) {
sym = ksym_search(counts[i].ip);
if (!sym) {
printf("ksym not found. Is kallsyms loaded?\n");
@@ -169,6 +169,13 @@ int main(int argc, char **argv)
return 2;
}
+ /* used to determine whether the address is kernel space */
+ _text_addr = ksym_get_addr("_text");
+ if (!_text_addr) {
+ fprintf(stderr, "ERROR: no '_text' in /proc/kallsyms\n");
+ return 3;
+ }
+
/* create perf FDs for each CPU */
nr_cpus = sysconf(_SC_NPROCESSORS_ONLN);
links = calloc(nr_cpus, sizeof(struct bpf_link *));
--
2.31.1
Powered by blists - more mailing lists