lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <151557939382.6629.18074658376309258555.stgit@devbox>
Date:   Wed, 10 Jan 2018 19:16:34 +0900
From:   Masami Hiramatsu <mhiramat@...nel.org>
To:     Alexei Starovoitov <ast@...com>, Josef Bacik <jbacik@...com>
Cc:     rostedt@...dmis.org, mingo@...hat.com, davem@...emloft.net,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        ast@...nel.org, kernel-team@...com, daniel@...earbox.net,
        linux-btrfs@...r.kernel.org, darrick.wong@...cle.com,
        mhiramat@...nel.org, Josef Bacik <josef@...icpanda.com>,
        Akinobu Mita <akinobu.mita@...il.com>
Subject: [PATCH bpf-next v3 0/5] Separate error injection table from kprobes

Hi,

Here are the 3rd version of patches to moving error injection
table from kprobes. This series includes some fixes and error
type descriptions which we discussed in the previous thread.

Here is the previous version:

https://lkml.org/lkml/2017/12/26/26

There are 2 main reasons why I separate it from kprobes.

 - kprobes users can modify execution path not only at 
   error-injection whitelist functions but also other
   functions.

 - This error injection information is also useful for
   ftrace (function-hook) and livepatch. It should not
   be limited by CONFIG_KPROBES.

So I introduced CONFIG_FUNCTION_ERROR_INJECTION for this feature.

Unfortunately currently CONFIG_FUNCTION_ERROR_INJECTION depends on
CONFIG_KPROBES because of arch_deref_entry_point(), which should
be provided by asm/types.h as ppc64 and ia64 do or kallsyms
subsystem. Anyway, since that is another story, I will make
another series to fix it.

For [1/5], I tested it by test_override_return.sh on the
kernel with CONFIG_DYNAMIC_FTRACE=n, and succeeded as below.
(actually I'v found some bugs and fixed, thanks Alexei!)

  ======
  # LANG=C ./test_override_return.sh 
  1+0 records in
  1+0 records out
  1048576 bytes (1.0 MB, 1.0 MiB) copied, 0.00200037 s, 524 MB/s
  btrfs-progs v4.9.1
  See http://btrfs.wiki.kernel.org for more information.

  Performing full device TRIM /dev/loop1 (1001.00MiB) ...
  Label:              (null)
  UUID:               02635ea7-f6d1-4ee8-a677-4354a38f6930
  Node size:          16384
  Sector size:        4096
  Filesystem size:    1001.00MiB
  Block group profiles:
    Data:             single            8.00MiB
    Metadata:         DUP              50.00MiB
    System:           DUP               8.00MiB
  SSD detected:       no
  Incompat features:  extref, skinny-metadata
  Number of devices:  1
  Devices:
     ID        SIZE  PATH
      1  1001.00MiB  /dev/loop1

  mount: /opt/samples/bpf/tmpmnt: mount(2) system call failed: Cannot allocate memory.
  SUCCESS!
  ======

I've removed RFC from this series, but actually, [4/5] and [5/5]
will be need more discussion. So please feel free to merge
[1/5] to [3/5] separately.

[4/5] introduces error return types for describing what error
values the function callers must expect.
For the purpose of error injection test is to find out hidden
problems which caller doesn't handle errors correctly. So if the
caller is programmed correctly, even if we inject an error, it
continues to work as expected. However, if we inject a succeed
return value even though the callee doesn't do anything, the
caller does wrong processing (and end up with kernel panic, or
even worse data corruption). That is not what we want to do
with error injection.
[5/5] introduces function-based error injection interface via
debugfs, which can cause "success injection", So I coupled it
with [4/5] to ensure the expected error types for the target
function.

Changes in v3:
 - [1/5] Move arch_ftrace_kprobe_override_function() to core.c
      to remove CONFIG_KPROBE_ON_FTRACE dependency, and fix a
      bug in trace_kprobe_on_func_entry().
 - [3/5] Fix a build error and typos, separate CONFIG_MODULES
      dependent code, add CONFIG_KPROBES dependency, and call
      error-injection init function in late_initcall stage.
 - [4/5] Newly added
 - [5/5] Check and adjust error value for each target function
         and add more documents and example.

Thank you,

---

Masami Hiramatsu (5):
      tracing/kprobe: bpf: Check error injectable event is on function entry
      tracing/kprobe: bpf: Compare instruction pointer with original one
      error-injection: Separate error-injection from kprobe
      error-injection: Add injectable error types
      error-injection: Support fault injection framework


 Documentation/fault-injection/fault-injection.txt |   62 +++++
 arch/Kconfig                                      |    2 
 arch/x86/Kconfig                                  |    2 
 arch/x86/include/asm/error-injection.h            |   13 +
 arch/x86/include/asm/kprobes.h                    |    4 
 arch/x86/kernel/kprobes/ftrace.c                  |   14 -
 arch/x86/lib/Makefile                             |    1 
 arch/x86/lib/error-inject.c                       |   19 ++
 fs/btrfs/disk-io.c                                |    2 
 fs/btrfs/free-space-cache.c                       |    2 
 include/asm-generic/error-injection.h             |   35 +++
 include/asm-generic/vmlinux.lds.h                 |   14 +
 include/linux/bpf.h                               |   12 -
 include/linux/error-injection.h                   |   27 ++
 include/linux/kprobes.h                           |    1 
 include/linux/module.h                            |    7 -
 kernel/Makefile                                   |    1 
 kernel/fail_function.c                            |  217 +++++++++++++++++++
 kernel/kprobes.c                                  |  163 --------------
 kernel/module.c                                   |    8 -
 kernel/trace/Kconfig                              |    4 
 kernel/trace/bpf_trace.c                          |    9 -
 kernel/trace/trace_kprobe.c                       |   33 +--
 kernel/trace/trace_probe.h                        |   12 +
 lib/Kconfig.debug                                 |   14 +
 lib/Makefile                                      |    1 
 lib/error-inject.c                                |  242 +++++++++++++++++++++
 27 files changed, 679 insertions(+), 242 deletions(-)
 create mode 100644 arch/x86/include/asm/error-injection.h
 create mode 100644 arch/x86/lib/error-inject.c
 create mode 100644 include/asm-generic/error-injection.h
 create mode 100644 include/linux/error-injection.h
 create mode 100644 kernel/fail_function.c
 create mode 100644 lib/error-inject.c

--
Masami Hiramatsu (Linaro)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ