lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAEf4BzZv55t8jzUupK1_cMk9M46AHXiFc7KWO5y64upfkLc6Eg@mail.gmail.com>
Date: Fri, 6 Sep 2024 18:14:39 -0700
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Philo Lu <lulie@...ux.alibaba.com>
Cc: bpf@...r.kernel.org, edumazet@...gle.com, rostedt@...dmis.org, 
	mhiramat@...nel.org, mathieu.desnoyers@...icios.com, martin.lau@...ux.dev, 
	ast@...nel.org, daniel@...earbox.net, andrii@...nel.org, eddyz87@...il.com, 
	song@...nel.org, yonghong.song@...ux.dev, john.fastabend@...il.com, 
	kpsingh@...nel.org, sdf@...ichev.me, haoluo@...gle.com, jolsa@...nel.org, 
	davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com, mykolal@...com, 
	shuah@...nel.org, mcoquelin.stm32@...il.com, alexandre.torgue@...s.st.com, 
	thinker.li@...il.com, juntong.deng@...look.com, jrife@...gle.com, 
	alan.maguire@...cle.com, davemarchevsky@...com, dxu@...uu.xyz, 
	vmalik@...hat.com, cupertino.miranda@...cle.com, mattbobrowski@...gle.com, 
	xuanzhuo@...ux.alibaba.com, netdev@...r.kernel.org, 
	linux-trace-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v2 1/5] bpf: Support __nullable argument suffix
 for tp_btf

On Thu, Sep 5, 2024 at 12:56 AM Philo Lu <lulie@...ux.alibaba.com> wrote:
>
> Pointers passed to tp_btf were trusted to be valid, but some tracepoints
> do take NULL pointer as input, such as trace_tcp_send_reset(). Then the
> invalid memory access cannot be detected by verifier.
>
> This patch fix it by add a suffix "__nullable" to the unreliable
> argument. The suffix is shown in btf, and PTR_MAYBE_NULL will be added
> to nullable arguments. Then users must check the pointer before use it.
>
> A problem here is that we use "btf_trace_##call" to search func_proto.
> As it is a typedef, argument names as well as the suffix are not
> recorded. To solve this, I use bpf_raw_event_map to find
> "__bpf_trace##template" from "btf_trace_##call", and then we can see the
> suffix.

BTW, just curious, is it a pure coincidence that I solved the same
problem in retsnoop with the same approach (see extensive comment in
[0]) about 2 weeks ago, or retsnoop's approach was an inspiration
here?

  [0] https://github.com/anakryiko/retsnoop/commit/7b253fc55b51d447e5ea91d99f60d9c34934f799

>
> Suggested-by: Alexei Starovoitov <ast@...nel.org>
> Signed-off-by: Philo Lu <lulie@...ux.alibaba.com>
> ---
>  kernel/bpf/btf.c      | 13 +++++++++++++
>  kernel/bpf/verifier.c | 36 +++++++++++++++++++++++++++++++++---
>  2 files changed, 46 insertions(+), 3 deletions(-)
>

[...]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ