Message-ID: <aLdnq7EayjFVbGYp@google.com>
Date: Tue, 2 Sep 2025 14:54:51 -0700
From: Namhyung Kim <namhyung@...nel.org>
To: Ian Rogers <irogers@...gle.com>
Cc: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...hat.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...nel.org>,
Adrian Hunter <adrian.hunter@...el.com>,
Kan Liang <kan.liang@...ux.intel.com>,
Blake Jones <blakejones@...gle.com>,
Zhongqiu Han <quic_zhonhan@...cinc.com>,
Andrii Nakryiko <andrii@...nel.org>,
Song Liu <songliubraving@...com>,
Dave Marchevsky <davemarchevsky@...com>,
linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org,
bpf@...r.kernel.org, Howard Chu <howardchu95@...il.com>,
song@...nel.org, Yonghong Song <yonghong.song@...ux.dev>
Subject: Re: [PATCH v1 0/3] Fix use-after-free race in bpf_prog_info synthesis

Hi Ian,

On Tue, Sep 02, 2025 at 11:17:10AM -0700, Ian Rogers wrote:
> The addition of more use of bpf_prog_info to gather BPF metadata in:
> https://lore.kernel.org/all/20250612194939.162730-1-blakejones@google.com/
> and the ever richer perf trace testing, such as:
> https://lore.kernel.org/all/20250528191148.89118-1-howardchu95@gmail.com/
> frequently triggered a latent perf bug in v6.17 when the perf and
> libbpf updates came together. The bug would cause segvs and was reported here:
> https://lore.kernel.org/lkml/CAP-5=fWJQcmUOP7MuCA2ihKnDAHUCOBLkQFEkQES-1ZZTrgf8Q@mail.gmail.com/
>
> To fix the issue the 1st and 3rd patch are necessary. Both patches
> address a race of either the sideband thread updating perf's state or
> the kernel state changing over two system calls.

Thanks a lot for the fix!

>
> The use-after-free was introduced by:
> https://lore.kernel.org/r/20241205084500.823660-4-quic_zhonhan@quicinc.com
> The lack of failing getting the bpf_prog_info for changes in the
> kernel was introduced in:
> https://lore.kernel.org/r/20211011082031.4148337-4-davemarchevsky@fb.com
>
> As v6.17 is currently actively segv-ing in perf test I'd recommend
> these patches go into v6.17 asap.

Sure, I'll add them to perf-tools tree.

>
> When running the perf tests on v6.17 I frequently see less critical
> test failures addressed in:
> https://lore.kernel.org/all/20250821221834.1312002-1-irogers@google.com/

Are they all from v6.17?

>
> Ian Rogers (3):
> perf bpf-event: Fix use-after-free in synthesis
> perf bpf-utils: Constify bpil_array_desc
> perf bpf-utils: Harden get_bpf_prog_info_linear

Reviewed-by: Namhyung Kim <namhyung@...nel.org>

Thanks,
Namhyung

>
> tools/perf/util/bpf-event.c | 39 ++++++++++++++++--------
> tools/perf/util/bpf-utils.c | 61 ++++++++++++++++++++++++-------------
> 2 files changed, 66 insertions(+), 34 deletions(-)
>
> --
> 2.51.0.355.g5224444f11-goog
>