lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 5 Jul 2022 23:41:30 -0700
From:   Yonghong Song <>
To:     Andrii Nakryiko <>,
        Christoph Hellwig <>,
        Alan Maguire <>
Cc:     Yixun Lan <>, Palmer Dabbelt <>,,
        Paul Walmsley <>,
        Albert Ou <>,
        Alexei Starovoitov <>,
        Daniel Borkmann <>,
        Andrii Nakryiko <>,
        Martin KaFai Lau <>,
        Song Liu <>,
        John Fastabend <>,
        KP Singh <>,
        open list <>,
        Networking <>, bpf <>
Subject: Re: [PATCH] RISC-V/bpf: Enable bpf_probe_read{, str}()

On 7/5/22 10:00 PM, Andrii Nakryiko wrote:
> On Sun, Jul 3, 2022 at 10:53 PM Christoph Hellwig <> wrote:
>> On Sun, Jul 03, 2022 at 09:09:24PM +0800, Yixun Lan wrote:
>>> Enable this option to fix a bcc error in RISC-V platform
>>> And, the error shows as follows:
>> These should not be enabled on new platforms.  Use the proper helpers
>> to probe kernel vs user pointers instead.
> riscv existed as of [0], so I'd argue it is a proper bug fix, as
> corresponding select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE should
> have been added back then.
> But I also agree that BCC tools should be updated to use proper
> bpf_probe_read_{kernel,user}[_str()] helpers, please contribute such
> fixes to BCC tools and BCC itself as well. Cc'ed Alan as his ksnoop in
> libbpf-tools seems to be using bpf_probe_read() as well and needs to
> be fixed.

Yixun, the bcc change looks like below:

--- a/src/cc/frontends/clang/
+++ b/src/cc/frontends/clang/
@@ -132,7 +132,7 @@ static std::string 
check_bpf_probe_read_user(llvm::StringRef probe,

      /* For arch with overlapping address space, dont use 
bpf_probe_read for
       * user read. Just error out */
-#if defined(__s390x__)
+#if defined(__s390x__) || defined(__riscv_)
      overlap_addr = true;
      return "";

Basically, prevent using bpf_probe_read() helper, so it will force user
to use bpf_probe_read_user() or bpf_probe_read_kernel(). and this should
make it work for old kernels.

>    [0] 0ebeea8ca8a4 ("bpf: Restrict bpf_probe_read{, str}() only to
> archs where they work")

Powered by blists - more mailing lists