bpf.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Andrii Nakryiko <andrii.nakryiko@gmail.com>
To: Daniel Borkmann <daniel@iogearbox.net>
Cc: bpf <bpf@vger.kernel.org>, Networking <netdev@vger.kernel.org>,
	Alexei Starovoitov <ast@kernel.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	x86@kernel.org
Subject: Re: [PATCH bpf-next v2 2/8] uaccess: Add strict non-pagefault kernel-space read function
Date: Thu, 31 Oct 2019 13:12:06 -0700	[thread overview]
Message-ID: <CAEf4BzZ=pBcoUA7jxS7MiO8dYT4s-JGR1HG++DmbmqoKYM5qWw@mail.gmail.com> (raw)
In-Reply-To: <59ffcedeed70cdae86fbd803b87cc581a82577d7.1572483054.git.daniel@iogearbox.net>

On Wed, Oct 30, 2019 at 6:00 PM Daniel Borkmann <daniel@iogearbox.net> wrote:
>
> Add two new probe_kernel_read_strict() and strncpy_from_unsafe_strict()
> helpers which by default alias to the __probe_kernel_read() and the
> __strncpy_from_unsafe(), respectively, but can be overridden by archs
> which have non-overlapping address ranges for kernel space and user
> space in order to bail out with -EFAULT when attempting to probe user
> memory including non-canonical user access addresses [0].
>
> The idea is that these helpers are complementary to the probe_user_read()
> and strncpy_from_unsafe_user() which probe user-only memory. Both added
> helpers here do the same, but for kernel-only addresses.
>
> Both set of helpers are going to be used for BPF tracing. They also
> explicitly avoid throwing the splat for non-canonical user addresses from
> 00c42373d397 ("x86-64: add warning for non-canonical user access address
> dereferences").
>
> For compat, the current probe_kernel_read() and strncpy_from_unsafe() are
> left as-is.
>
>   [0] Documentation/x86/x86_64/mm.txt
>
>       4-level page tables: 0x0000800000000000 - 0xffff7fffffffffff
>       5-level page tables: 0x0100000000000000 - 0xfeffffffffffffff
>
> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> Cc: Masami Hiramatsu <mhiramat@kernel.org>
> Cc: x86@kernel.org
> ---

Acked-by: Andrii Nakryiko <andriin@fb.com>

>  arch/x86/mm/Makefile    |  2 +-
>  arch/x86/mm/maccess.c   | 38 ++++++++++++++++++++++++++++++++++++++
>  include/linux/uaccess.h |  4 ++++
>  mm/maccess.c            | 25 ++++++++++++++++++++++++-
>  4 files changed, 67 insertions(+), 2 deletions(-)
>  create mode 100644 arch/x86/mm/maccess.c
>

[...]

  reply	other threads:[~2019-10-31 20:12 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-31  1:00 [PATCH bpf-next v2 0/8] Fix BPF probe memory helpers Daniel Borkmann
2019-10-31  1:00 ` [PATCH bpf-next v2 1/8] uaccess: Add non-pagefault user-space write function Daniel Borkmann
2019-10-31  1:00 ` [PATCH bpf-next v2 2/8] uaccess: Add strict non-pagefault kernel-space read function Daniel Borkmann
2019-10-31 20:12   ` Andrii Nakryiko [this message]
2019-10-31  1:00 ` [PATCH bpf-next v2 3/8] bpf: Make use of probe_user_write in probe write helper Daniel Borkmann
2019-10-31  1:00 ` [PATCH bpf-next v2 4/8] bpf: Add probe_read_{user,kernel} and probe_read_{user,kernel}_str helpers Daniel Borkmann
2019-10-31 20:07   ` Andrii Nakryiko
2019-10-31  1:00 ` [PATCH bpf-next v2 5/8] bpf: Switch BPF probe insns to bpf_probe_read_kernel Daniel Borkmann
2019-10-31 20:08   ` Andrii Nakryiko
2019-10-31  1:00 ` [PATCH bpf-next v2 6/8] bpf, samples: Use bpf_probe_read_user where appropriate Daniel Borkmann
2019-10-31  1:00 ` [PATCH bpf-next v2 7/8] bpf, testing: Convert prog tests to probe_read_{user,kernel}{,_str} helper Daniel Borkmann
2019-10-31 20:10   ` Andrii Nakryiko
2019-10-31  1:00 ` [PATCH bpf-next v2 8/8] bpf, testing: Add selftest to read/write sockaddr from user space Daniel Borkmann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAEf4BzZ=pBcoUA7jxS7MiO8dYT4s-JGR1HG++DmbmqoKYM5qWw@mail.gmail.com' \
    --to=andrii.nakryiko@gmail.com \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=mhiramat@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=torvalds@linux-foundation.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).