lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 2 Mar 2020 08:35:17 -0800
From:   Yonghong Song <yhs@...com>
To:     Andrii Nakryiko <andriin@...com>, <bpf@...r.kernel.org>,
        <netdev@...r.kernel.org>, <ast@...com>, <daniel@...earbox.net>,
        <ethercflow@...il.com>
CC:     <andrii.nakryiko@...il.com>, <kernel-team@...com>
Subject: Re: [PATCH bpf-next 1/3] bpf: reliably preserve btf_trace_xxx types



On 3/1/20 12:10 AM, Andrii Nakryiko wrote:
> btf_trace_xxx types, crucial for tp_btf BPF programs (raw tracepoint with
> verifier-checked direct memory access), have to be preserved in kernel BTF to
> allow verifier do its job and enforce type/memory safety. It was reported
> ([0]) that for kernels built with Clang current type-casting approach doesn't
> preserve these types.
> 
> This patch fixes it by declaring an anonymous union for each registered
> tracepoint, capturing both struct bpf_raw_event_map information, as well as
> recording btf_trace_##call type reliably. Structurally, it's still the same
> content as for a plain struct bpf_raw_event_map, so no other changes are
> necessary.
> 
>    [0] https://github.com/iovisor/bcc/issues/2770#issuecomment-591007692
> 
> Fixes: e8c423fb31fa ("bpf: Add typecast to raw_tracepoints to help BTF generation")
> Reported-by: Wenbo Zhang <ethercflow@...il.com>
> Signed-off-by: Andrii Nakryiko <andriin@...com>

clang seems doing a little bit optimization here...
The change looks good. It is hard to have code to preserve the types in 
the header. union seems an acceptable way.

Acked-by: Yonghong Song <yhs@...com>

> ---
>   include/trace/bpf_probe.h | 18 +++++++++++-------
>   1 file changed, 11 insertions(+), 7 deletions(-)
> 
> diff --git a/include/trace/bpf_probe.h b/include/trace/bpf_probe.h
> index b04c29270973..1ce3be63add1 100644
> --- a/include/trace/bpf_probe.h
> +++ b/include/trace/bpf_probe.h
> @@ -75,13 +75,17 @@ static inline void bpf_test_probe_##call(void)				\
>   	check_trace_callback_type_##call(__bpf_trace_##template);	\
>   }									\
>   typedef void (*btf_trace_##call)(void *__data, proto);			\
> -static struct bpf_raw_event_map	__used					\
> -	__attribute__((section("__bpf_raw_tp_map")))			\
> -__bpf_trace_tp_map_##call = {						\
> -	.tp		= &__tracepoint_##call,				\
> -	.bpf_func	= (void *)(btf_trace_##call)__bpf_trace_##template,	\
> -	.num_args	= COUNT_ARGS(args),				\
> -	.writable_size	= size,						\
> +static union {								\
> +	struct bpf_raw_event_map event;					\
> +	btf_trace_##call handler;					\
> +} __bpf_trace_tp_map_##call __used					\
> +__attribute__((section("__bpf_raw_tp_map"))) = {			\
> +	.event = {							\
> +		.tp		= &__tracepoint_##call,			\
> +		.bpf_func	= __bpf_trace_##template,		\
> +		.num_args	= COUNT_ARGS(args),			\
> +		.writable_size	= size,					\
> +	},								\
>   };
>   
>   #define FIRST(x, ...) x
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ