lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <c9d5d930-f6d8-1f83-4d5d-3b175b86cc8a@iogearbox.net>
Date:   Tue, 26 Nov 2019 00:11:47 +0100
From:   Daniel Borkmann <daniel@...earbox.net>
To:     "Daniel T. Lee" <danieltimlee@...il.com>,
        Alexei Starovoitov <ast@...nel.org>
Cc:     netdev@...r.kernel.org, bpf@...r.kernel.org
Subject: Re: [PATCH,bpf-next 2/2] samples: bpf: fix syscall_tp due to unused
 syscall

On 11/23/19 6:51 AM, Daniel T. Lee wrote:
> Currently, open() is called from the user program and it calls the syscall
> 'sys_openat', not the 'sys_open'. This leads to an error of the program
> of user side, due to the fact that the counter maps are zero since no
> function such 'sys_open' is called.
> 
> This commit adds the kernel bpf program which are attached to the
> tracepoint 'sys_enter_openat' and 'sys_enter_openat'.
> 
> Signed-off-by: Daniel T. Lee <danieltimlee@...il.com>
> ---
>   samples/bpf/syscall_tp_kern.c | 14 ++++++++++++++
>   1 file changed, 14 insertions(+)
> 
> diff --git a/samples/bpf/syscall_tp_kern.c b/samples/bpf/syscall_tp_kern.c
> index 1d78819ffef1..4ea91b1d3e03 100644
> --- a/samples/bpf/syscall_tp_kern.c
> +++ b/samples/bpf/syscall_tp_kern.c
> @@ -51,9 +51,23 @@ int trace_enter_open(struct syscalls_enter_open_args *ctx)
>   	return 0;
>   }
>   
> +SEC("tracepoint/syscalls/sys_enter_openat")
> +int trace_enter_open_at(struct syscalls_enter_open_args *ctx)
> +{
> +	count((void *)&enter_open_map);

Nit: cast to void * not needed, same in below 3 locations.

> +	return 0;
> +}
> +
>   SEC("tracepoint/syscalls/sys_exit_open")
>   int trace_enter_exit(struct syscalls_exit_open_args *ctx)
>   {
>   	count((void *)&exit_open_map);
>   	return 0;
>   }
> +
> +SEC("tracepoint/syscalls/sys_exit_openat")
> +int trace_enter_exit_at(struct syscalls_exit_open_args *ctx)
> +{
> +	count((void *)&exit_open_map);
> +	return 0;
> +}
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ