| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <175197568917.977073.2201559708302320631.stgit@mhiramat.tok.corp.google.com>
Date: Tue, 8 Jul 2025 20:54:49 +0900
From: "Masami Hiramatsu (Google)" <mhiramat@...nel.org>
To: Steven Rostedt <rostedt@...dmis.org>,
Masami Hiramatsu <mhiramat@...nel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
linux-kernel@...r.kernel.org,
linux-trace-kernel@...r.kernel.org
Subject: [PATCH 1/2] tracing: Remove "__attribute__()" from the type field of event format
From: Masami Hiramatsu (Google) <mhiramat@...nel.org>
With CONFIG_DEBUG_INFO_BTF=y and PAHOLE_HAS_BTF_TAG=y, `__user` is
converted to `__attribute__((btf_type_tag("user")))`. In this case,
some syscall events have it for __user data, like below;
/sys/kernel/tracing # cat events/syscalls/sys_enter_openat/format
name: sys_enter_openat
ID: 720
format:
field:unsigned short common_type; offset:0; size:2; signed:0;
field:unsigned char common_flags; offset:2; size:1; signed:0;
field:unsigned char common_preempt_count; offset:3; size:1; signed:0;
field:int common_pid; offset:4; size:4; signed:1;
field:int __syscall_nr; offset:8; size:4; signed:1;
field:int dfd; offset:16; size:8; signed:0;
field:const char __attribute__((btf_type_tag("user"))) * filename; offset:24; size:8; signed:0;
field:int flags; offset:32; size:8; signed:0;
field:umode_t mode; offset:40; size:8; signed:0;
Then the trace event filter fails to set the string acceptable flag
(FILTER_PTR_STRING) to the field and rejects setting string filter;
# echo 'filename.ustring ~ "*ftracetest-dir.wbx24v*"' \
>> events/syscalls/sys_enter_openat/filter
sh: write error: Invalid argument
# cat error_log
[ 723.743637] event filter parse error: error: Expecting numeric field
Command: filename.ustring ~ "*ftracetest-dir.wbx24v*"
Since this __attribute__ makes format parsing complicated and not
needed, remove the __attribute__(.*) from the type string.
Signed-off-by: Masami Hiramatsu (Google) <mhiramat@...nel.org>
---
kernel/trace/trace_events.c | 44 ++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 43 insertions(+), 1 deletion(-)
diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c
index 120531268abf..2f950aceb783 100644
--- a/kernel/trace/trace_events.c
+++ b/kernel/trace/trace_events.c
@@ -112,18 +112,59 @@ trace_find_event_field(struct trace_event_call *call, char *name)
return __find_event_field(&ftrace_common_fields, name);
}
-static int __trace_define_field(struct list_head *head, const char *type,
+#define ATTRIBUTE_STR "__attribute__"
+
+/* Remove all __attribute__() from type */
+static void sanitize_field_type(char *type)
+{
+ static const int attr_len = strlen(ATTRIBUTE_STR);
+ char *attr, *tmp, *next;
+ int depth;
+
+ next = type;
+ while ((attr = strstr(next, ATTRIBUTE_STR))) {
+ next = attr + attr_len;
+
+ /* Retry if __attribute__ is a part of type name. */
+ if ((attr != type && !isspace(attr[-1])) ||
+ attr[attr_len] != '(')
+ continue;
+
+ depth = 0;
+ while ((tmp = strpbrk(next, "()"))) {
+ if (*tmp == '(')
+ depth++;
+ else
+ depth--;
+ next = tmp + 1;
+ if (depth == 0)
+ break;
+ }
+ next = skip_spaces(next);
+ strcpy(attr, next);
+ }
+}
+
+static int __trace_define_field(struct list_head *head, const char *__type,
const char *name, int offset, int size,
int is_signed, int filter_type, int len,
int need_test)
{
struct ftrace_event_field *field;
+ char *type;
field = kmem_cache_alloc(field_cachep, GFP_TRACE);
if (!field)
return -ENOMEM;
field->name = name;
+
+ type = kstrdup(__type, GFP_KERNEL);
+ if (!type) {
+ kfree(field);
+ return -ENOMEM;
+ }
+ sanitize_field_type(type);
field->type = type;
if (filter_type == FILTER_OTHER)
@@ -225,6 +266,7 @@ static void trace_destroy_fields(struct trace_event_call *call)
head = trace_get_fields(call);
list_for_each_entry_safe(field, next, head, link) {
list_del(&field->link);
+ kfree(field->type);
kmem_cache_free(field_cachep, field);
}
}
Powered by blists - more mailing lists