| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230417154737.12740-1-laoar.shao@gmail.com>
Date: Mon, 17 Apr 2023 15:47:31 +0000
From: Yafang Shao <laoar.shao@...il.com>
To: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
kafai@...com, songliubraving@...com, yhs@...com,
john.fastabend@...il.com, kpsingh@...nel.org, sdf@...gle.com,
haoluo@...gle.com, jolsa@...nel.org, rostedt@...dmis.org,
mhiramat@...nel.org
Cc: bpf@...r.kernel.org, linux-trace-kernel@...r.kernel.org,
linux-kernel@...r.kernel.org, Yafang Shao <laoar.shao@...il.com>
Subject: [PATCH bpf-next 0/6] bpf: Tracing recursion prevention mechanism improvement
Currently we use prog->active to prevent tracing recursion, but it has
some downsides,
- It can't identify different contexts
That said, if a process context is interrupted by a irq context and
the irq context runs the same code path, it will be considered as
recursion. For example,
normal:
this_cpu_inc_return(*(prog->active)) == 1 <- OK
irq:
this_cpu_inc_return(*(prog->active)) == 1 <- FAIL!
[ Considered as recusion ]
- It has to maintain a percpu area
A percpu area will be allocated for each prog when the prog is loaded
and be freed when the prog is destroyed.
Let's replace it with the generic tracing recursion prevention mechanism,
which can work fine with anything. In the above example, the irq context
won't be considered as recursion again,
normal:
test_recursion_try_acquire() <- OK
softirq:
test_recursion_try_acquire() <- OK
irq:
test_recursion_try_acquire() <- OK
Note that, currently one single recursion in process context is allowed
due to the TRACE_CTX_TRANSITION workaround, which can be fixed in the
future. That said, below behavior is expected currently,
normal:
test_recursion_try_acquire() <- OK
[ recursion happens ] <- one single recursion is allowed
test_recursion_try_acquire() <- OK
[ recursion happens ]
test_recursion_try_acquire() <- RECURSION!
To adapt to this behavior, the bpf recursion selftest is changed.
Steven Rostedt (Google) (1):
tracing: Add generic test_recursion_try_acquire()
Yafang Shao (5):
bpf: Add __rcu_read_{lock,unlock} into btf id deny list
tracing: Add the comment for allowing one single recursion in process
context
selftests/bpf: Allow one single recursion in fentry recursion test
bpf: Improve tracing recursion prevention mechanism
bpf: Remove some denied functions from the btf id deny list
include/linux/bpf.h | 2 +-
include/linux/trace_recursion.h | 49 ++++++++++++++++------
kernel/bpf/core.c | 10 -----
kernel/bpf/trampoline.c | 44 ++++++++++++++-----
kernel/bpf/verifier.c | 10 ++---
kernel/trace/bpf_trace.c | 12 +++---
kernel/trace/ftrace.c | 2 +
tools/testing/selftests/bpf/prog_tests/recursion.c | 7 +++-
tools/testing/selftests/bpf/test_progs.h | 19 +++++++++
9 files changed, 107 insertions(+), 48 deletions(-)
--
1.8.3.1
Powered by blists - more mailing lists