| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEf4BzYXy7GOnFwPWA+-Vn9oOSJ7m--KMBBsZPw8-tx=0rbAdA@mail.gmail.com> Date: Tue, 15 Jul 2025 10:11:05 -0700 From: Andrii Nakryiko <andrii.nakryiko@...il.com> To: Menglong Dong <menglong.dong@...ux.dev> Cc: Menglong Dong <menglong8.dong@...il.com>, alexei.starovoitov@...il.com, rostedt@...dmis.org, jolsa@...nel.org, bpf@...r.kernel.org, Menglong Dong <dongml2@...natelecom.cn>, John Fastabend <john.fastabend@...il.com>, Martin KaFai Lau <martin.lau@...ux.dev>, Eduard Zingerman <eddyz87@...il.com>, Song Liu <song@...nel.org>, Yonghong Song <yonghong.song@...ux.dev>, KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>, Simon Horman <horms@...nel.org>, linux-kernel@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [PATCH bpf-next v2 06/18] bpf: tracing: add support to record and check the accessed args On Mon, Jul 14, 2025 at 4:45 PM Menglong Dong <menglong.dong@...ux.dev> wrote: > > > On 2025/7/15 06:07, Andrii Nakryiko wrote: > > On Thu, Jul 3, 2025 at 5:20 AM Menglong Dong <menglong8.dong@...il.com> wrote: > >> In this commit, we add the 'accessed_args' field to struct bpf_prog_aux, > >> which is used to record the accessed index of the function args in > >> btf_ctx_access(). > > Do we need to bother giving access to arguments through direct ctx[i] > > access for these multi-fentry/fexit programs? We have > > bpf_get_func_arg_cnt() and bpf_get_func_arg() which can be used to get > > any given argument at runtime. > > > Hi Andrii. This commit is not for that purpose. We remember all the accessed > args to bpf_prog_aux->accessed_args. And when we attach the tracing-multi > prog to the kernel functions, we will check if the accessed arguments are > consistent between all the target functions. > > The bpf_prog_aux->accessed_args will be used in > https://lore.kernel.org/bpf/20250703121521.1874196-12-dongml2@chinatelecom.cn/ > > in bpf_tracing_check_multi() to do such checking. > > With such checking, the target functions don't need to have > the same prototype, which makes tracing-multi more flexible. Yeah, and my point is why even track this at verifier level. If we don't allow direct ctx[i] access and only access arguments through bpf_get_func_arg(), we can check actual number of arguments at runtime and if program is trying to access something that's not there, we'll just return error code, so user can handle this generically. I'm just not sure if there is a need to do anything more than that. > > Thanks! > Menglong Dong > > > > > >> Meanwhile, we add the function btf_check_func_part_match() to compare the > >> accessed function args of two function prototype. This function will be > >> used in the following commit. > >> > >> Signed-off-by: Menglong Dong <dongml2@...natelecom.cn> > >> --- > >> include/linux/bpf.h | 4 ++ > >> include/linux/btf.h | 3 +- > >> kernel/bpf/btf.c | 108 +++++++++++++++++++++++++++++++++++++++++- > >> net/sched/bpf_qdisc.c | 2 +- > >> 4 files changed, 113 insertions(+), 4 deletions(-) > >> > > [...] > >
Powered by blists - more mailing lists