* probe_write_common_error @ 2020-03-31 16:16 Gilad Reti 2020-04-01 23:28 ` probe_write_common_error Alexei Starovoitov 0 siblings, 1 reply; 5+ messages in thread From: Gilad Reti @ 2020-03-31 16:16 UTC (permalink / raw) To: bpf When I try to probe_write_common into a writable location (e.g a memory address on a usermode stack) which is not yet mapped or mapped as read only to the memory, the function sometimes return a EFAULT (bad address) error. This is happening since the pagefault handler was disabled and thus this memory location won't be mapped when the function tries to write into it, an error will be returned and no data will be written. Is that behavior intended? Did you want those functions to have as less side-effects are possible? ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: probe_write_common_error 2020-03-31 16:16 probe_write_common_error Gilad Reti @ 2020-04-01 23:28 ` Alexei Starovoitov [not found] ` <CANaYP3GgpWKpiW-ATQ6UYLwNWJ3EqBKf-6d8Ki4xWXHVBOGvQw@mail.gmail.com> 0 siblings, 1 reply; 5+ messages in thread From: Alexei Starovoitov @ 2020-04-01 23:28 UTC (permalink / raw) To: Gilad Reti; +Cc: bpf On Tue, Mar 31, 2020 at 07:16:28PM +0300, Gilad Reti wrote: > When I try to probe_write_common into a writable location (e.g a > memory address on a usermode stack) which is not yet mapped or mapped > as read only to the memory, the function sometimes return a EFAULT > (bad address) error. This is happening since the pagefault handler was > disabled and thus this memory location won't be mapped when the > function tries to write into it, an error will be returned and no data > will be written. > Is that behavior intended? Did you want those functions to have as > less side-effects are possible? You mean bpf_probe_write_user() helper? Yes it's a non-faulting helper that will fail if prog is trying to write into a valid memory that could have been served with minor fault. The main reason for this is that bpf progs are not allowed to sleep. We're working on sleepable bpf progs that will be able to do copy_from/to_user from the context where it is safe to sleep. Like syscall entry. Could you please share more about your use case, so we can make sure that it will be covered by upcoming work? ^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <CANaYP3GgpWKpiW-ATQ6UYLwNWJ3EqBKf-6d8Ki4xWXHVBOGvQw@mail.gmail.com>]
* Re: probe_write_common_error [not found] ` <CANaYP3GgpWKpiW-ATQ6UYLwNWJ3EqBKf-6d8Ki4xWXHVBOGvQw@mail.gmail.com> @ 2020-04-02 15:37 ` Alexei Starovoitov 2020-04-02 16:16 ` probe_write_common_error Gilad Reti 0 siblings, 1 reply; 5+ messages in thread From: Alexei Starovoitov @ 2020-04-02 15:37 UTC (permalink / raw) To: Gilad Reti, bpf re-added mailing list back. pls don't remove it from cc. On Thu, Apr 2, 2020 at 1:05 AM Gilad Reti <gilad.reti@gmail.com> wrote: > > On Thu, Apr 2, 2020 at 2:28 AM Alexei Starovoitov > <alexei.starovoitov@gmail.com> wrote: > > > > On Tue, Mar 31, 2020 at 07:16:28PM +0300, Gilad Reti wrote: > > > When I try to probe_write_common into a writable location (e.g a > > > memory address on a usermode stack) which is not yet mapped or mapped > > > as read only to the memory, the function sometimes return a EFAULT > > > (bad address) error. This is happening since the pagefault handler was > > > disabled and thus this memory location won't be mapped when the > > > function tries to write into it, an error will be returned and no data > > > will be written. > > > Is that behavior intended? Did you want those functions to have as > > > less side-effects are possible? > > > > You mean bpf_probe_write_user() helper? > Well yes, but it calls probe_write_common which disables the pagefault > handler so I asked about it. > > Yes it's a non-faulting helper that will fail if prog is trying to > > write into a valid memory that could have been served with minor fault. > > The main reason for this is that bpf progs are not allowed to sleep. > > We're working on sleepable bpf progs that will be able to do copy_from/to_user > > from the context where it is safe to sleep. Like syscall entry. > Thanks! > > Could you please share more about your use case, so we can make sure > > that it will be covered by upcoming work? > Sure. I was playing with modifying kprobed syscall parameters (for > example, changing the path of an openat syscall etc). yes, but what is the use case? Why do you want to modify path of openat syscall? ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: probe_write_common_error 2020-04-02 15:37 ` probe_write_common_error Alexei Starovoitov @ 2020-04-02 16:16 ` Gilad Reti 2020-04-21 18:54 ` probe_write_common_error John Fastabend 0 siblings, 1 reply; 5+ messages in thread From: Gilad Reti @ 2020-04-02 16:16 UTC (permalink / raw) To: Alexei Starovoitov; +Cc: bpf On Thu, Apr 2, 2020 at 6:38 PM Alexei Starovoitov <alexei.starovoitov@gmail.com> wrote: > > re-added mailing list back. pls don't remove it from cc. Sorry, this wasn't on purpose. > > On Thu, Apr 2, 2020 at 1:05 AM Gilad Reti <gilad.reti@gmail.com> wrote: > > > > On Thu, Apr 2, 2020 at 2:28 AM Alexei Starovoitov > > <alexei.starovoitov@gmail.com> wrote: > > > > > > On Tue, Mar 31, 2020 at 07:16:28PM +0300, Gilad Reti wrote: > > > > When I try to probe_write_common into a writable location (e.g a > > > > memory address on a usermode stack) which is not yet mapped or mapped > > > > as read only to the memory, the function sometimes return a EFAULT > > > > (bad address) error. This is happening since the pagefault handler was > > > > disabled and thus this memory location won't be mapped when the > > > > function tries to write into it, an error will be returned and no data > > > > will be written. > > > > Is that behavior intended? Did you want those functions to have as > > > > less side-effects are possible? > > > > > > You mean bpf_probe_write_user() helper? > > Well yes, but it calls probe_write_common which disables the pagefault > > handler so I asked about it. > > > Yes it's a non-faulting helper that will fail if prog is trying to > > > write into a valid memory that could have been served with minor fault. > > > The main reason for this is that bpf progs are not allowed to sleep. > > > We're working on sleepable bpf progs that will be able to do copy_from/to_user > > > from the context where it is safe to sleep. Like syscall entry. > > Thanks! > > > Could you please share more about your use case, so we can make sure > > > that it will be covered by upcoming work? > > Sure. I was playing with modifying kprobed syscall parameters (for > > example, changing the path of an openat syscall etc). > > yes, but what is the use case? > Why do you want to modify path of openat syscall? I had no specific use case. I have seen that eBPF can modify usermode memory and wanted to experiment with that... ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: probe_write_common_error 2020-04-02 16:16 ` probe_write_common_error Gilad Reti @ 2020-04-21 18:54 ` John Fastabend 0 siblings, 0 replies; 5+ messages in thread From: John Fastabend @ 2020-04-21 18:54 UTC (permalink / raw) To: Gilad Reti, Alexei Starovoitov; +Cc: bpf Gilad Reti wrote: > On Thu, Apr 2, 2020 at 6:38 PM Alexei Starovoitov > <alexei.starovoitov@gmail.com> wrote: > > > > re-added mailing list back. pls don't remove it from cc. > Sorry, this wasn't on purpose. > > > > On Thu, Apr 2, 2020 at 1:05 AM Gilad Reti <gilad.reti@gmail.com> wrote: > > > > > > On Thu, Apr 2, 2020 at 2:28 AM Alexei Starovoitov > > > <alexei.starovoitov@gmail.com> wrote: > > > > > > > > On Tue, Mar 31, 2020 at 07:16:28PM +0300, Gilad Reti wrote: > > > > > When I try to probe_write_common into a writable location (e.g a > > > > > memory address on a usermode stack) which is not yet mapped or mapped > > > > > as read only to the memory, the function sometimes return a EFAULT > > > > > (bad address) error. This is happening since the pagefault handler was > > > > > disabled and thus this memory location won't be mapped when the > > > > > function tries to write into it, an error will be returned and no data > > > > > will be written. > > > > > Is that behavior intended? Did you want those functions to have as > > > > > less side-effects are possible? > > > > > > > > You mean bpf_probe_write_user() helper? > > > Well yes, but it calls probe_write_common which disables the pagefault > > > handler so I asked about it. > > > > Yes it's a non-faulting helper that will fail if prog is trying to > > > > write into a valid memory that could have been served with minor fault. > > > > The main reason for this is that bpf progs are not allowed to sleep. > > > > We're working on sleepable bpf progs that will be able to do copy_from/to_user > > > > from the context where it is safe to sleep. Like syscall entry. > > > Thanks! > > > > Could you please share more about your use case, so we can make sure > > > > that it will be covered by upcoming work? > > > Sure. I was playing with modifying kprobed syscall parameters (for > > > example, changing the path of an openat syscall etc). > > > > yes, but what is the use case? > > Why do you want to modify path of openat syscall? > I had no specific use case. I have seen that eBPF can modify usermode > memory and wanted to experiment with that... Late reply but figured its worth adding a concrete example. We have a use case to read user memory from syscall (args when they are pointers to memory for example) where we can cause a page fault. Sleepable bpf progs with copy helpers would solve this for us. Thanks, John ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-04-21 18:54 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2020-03-31 16:16 probe_write_common_error Gilad Reti 2020-04-01 23:28 ` probe_write_common_error Alexei Starovoitov [not found] ` <CANaYP3GgpWKpiW-ATQ6UYLwNWJ3EqBKf-6d8Ki4xWXHVBOGvQw@mail.gmail.com> 2020-04-02 15:37 ` probe_write_common_error Alexei Starovoitov 2020-04-02 16:16 ` probe_write_common_error Gilad Reti 2020-04-21 18:54 ` probe_write_common_error John Fastabend
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).