| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Dec 2017 18:14:17 -0800
From: Alexei Starovoitov <ast@...com>
To: Masami Hiramatsu <mhiramat@...nel.org>,
Josef Bacik <josef@...icpanda.com>
CC: <rostedt@...dmis.org>, <mingo@...hat.com>, <davem@...emloft.net>,
<netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<ast@...nel.org>, <kernel-team@...com>, <daniel@...earbox.net>,
<linux-btrfs@...r.kernel.org>, <darrick.wong@...cle.com>,
Josef Bacik <jbacik@...com>
Subject: Re: [PATCH v10 1/5] add infrastructure for tagging functions as error
injectable
On 12/18/17 10:29 PM, Masami Hiramatsu wrote:
>>
>> +#if defined(__KERNEL__) && !defined(__ASSEMBLY__)
>> +#ifdef CONFIG_BPF_KPROBE_OVERRIDE
>
> BTW, CONFIG_BPF_KPROBE_OVERRIDE is also confusable name.
> Since this feature override a function to just return with
> some return value (as far as I understand, or would you
> also plan to modify execution path inside a function?),
> I think it should be better CONFIG_BPF_FUNCTION_OVERRIDE or
> CONFIG_BPF_EXECUTION_OVERRIDE.
I don't think such renaming makes sense.
The feature is overriding kprobe by changing how kprobe returns.
It doesn't override BPF_FUNCTION or BPF_EXECUTION.
The kernel enters and exists bpf program as normal.
> Indeed, BPF is based on kprobes, but it seems you are limiting it
> with ftrace (function-call trace) (I'm not sure the reason why),
> so using "kprobes" for this feature seems strange for me.
do you have an idea how kprobe override can happen when kprobe
placed in the middle of the function?
Please make your suggestion as patches based on top of bpf-next.
Thanks
Powered by blists - more mailing lists