probe_write_common_error

probe_write_common_error

[Gilad Reti]

When I try to probe_write_common into a writable location (e.g a
memory address on a usermode stack) which is not yet mapped or mapped
as read only to the memory, the function sometimes return a EFAULT
(bad address) error. This is happening since the pagefault handler was
disabled and thus this memory location won't be mapped when the
function tries to write into it, an error will be returned and no data
will be written.
Is that behavior intended? Did you want those functions to have as
less side-effects are possible?

Re: probe_write_common_error

[Alexei Starovoitov]

On Tue, Mar 31, 2020 at 07:16:28PM +0300, Gilad Reti wrote:
> When I try to probe_write_common into a writable location (e.g a
> memory address on a usermode stack) which is not yet mapped or mapped
> as read only to the memory, the function sometimes return a EFAULT
> (bad address) error. This is happening since the pagefault handler was
> disabled and thus this memory location won't be mapped when the
> function tries to write into it, an error will be returned and no data
> will be written.
> Is that behavior intended? Did you want those functions to have as
> less side-effects are possible?

You mean bpf_probe_write_user() helper?
Yes it's a non-faulting helper that will fail if prog is trying to
write into a valid memory that could have been served with minor fault.
The main reason for this is that bpf progs are not allowed to sleep.
We're working on sleepable bpf progs that will be able to do copy_from/to_user
from the context where it is safe to sleep. Like syscall entry.
Could you please share more about your use case, so we can make sure
that it will be covered by upcoming work?

Re: probe_write_common_error

[Alexei Starovoitov]

re-added mailing list back. pls don't remove it from cc.

On Thu, Apr 2, 2020 at 1:05 AM Gilad Reti <gilad.reti@gmail.com> wrote:
>
> On Thu, Apr 2, 2020 at 2:28 AM Alexei Starovoitov
> <alexei.starovoitov@gmail.com> wrote:
> >
> > On Tue, Mar 31, 2020 at 07:16:28PM +0300, Gilad Reti wrote:
> > > When I try to probe_write_common into a writable location (e.g a
> > > memory address on a usermode stack) which is not yet mapped or mapped
> > > as read only to the memory, the function sometimes return a EFAULT
> > > (bad address) error. This is happening since the pagefault handler was
> > > disabled and thus this memory location won't be mapped when the
> > > function tries to write into it, an error will be returned and no data
> > > will be written.
> > > Is that behavior intended? Did you want those functions to have as
> > > less side-effects are possible?
> >
> > You mean bpf_probe_write_user() helper?
> Well yes, but it calls probe_write_common which disables the pagefault
> handler so I asked about it.
> > Yes it's a non-faulting helper that will fail if prog is trying to
> > write into a valid memory that could have been served with minor fault.
> > The main reason for this is that bpf progs are not allowed to sleep.
> > We're working on sleepable bpf progs that will be able to do copy_from/to_user
> > from the context where it is safe to sleep. Like syscall entry.
> Thanks!
> > Could you please share more about your use case, so we can make sure
> > that it will be covered by upcoming work?
> Sure. I was playing with modifying kprobed syscall parameters (for
> example, changing the path of an openat syscall etc).

yes, but what is the use case?
Why do you want to modify path of openat syscall?

Re: probe_write_common_error

[Gilad Reti]

On Thu, Apr 2, 2020 at 6:38 PM Alexei Starovoitov
<alexei.starovoitov@gmail.com> wrote:
>
> re-added mailing list back. pls don't remove it from cc.
Sorry, this wasn't on purpose.
>
> On Thu, Apr 2, 2020 at 1:05 AM Gilad Reti <gilad.reti@gmail.com> wrote:
> >
> > On Thu, Apr 2, 2020 at 2:28 AM Alexei Starovoitov
> > <alexei.starovoitov@gmail.com> wrote:
> > >
> > > On Tue, Mar 31, 2020 at 07:16:28PM +0300, Gilad Reti wrote:
> > > > When I try to probe_write_common into a writable location (e.g a
> > > > memory address on a usermode stack) which is not yet mapped or mapped
> > > > as read only to the memory, the function sometimes return a EFAULT
> > > > (bad address) error. This is happening since the pagefault handler was
> > > > disabled and thus this memory location won't be mapped when the
> > > > function tries to write into it, an error will be returned and no data
> > > > will be written.
> > > > Is that behavior intended? Did you want those functions to have as
> > > > less side-effects are possible?
> > >
> > > You mean bpf_probe_write_user() helper?
> > Well yes, but it calls probe_write_common which disables the pagefault
> > handler so I asked about it.
> > > Yes it's a non-faulting helper that will fail if prog is trying to
> > > write into a valid memory that could have been served with minor fault.
> > > The main reason for this is that bpf progs are not allowed to sleep.
> > > We're working on sleepable bpf progs that will be able to do copy_from/to_user
> > > from the context where it is safe to sleep. Like syscall entry.
> > Thanks!
> > > Could you please share more about your use case, so we can make sure
> > > that it will be covered by upcoming work?
> > Sure. I was playing with modifying kprobed syscall parameters (for
> > example, changing the path of an openat syscall etc).
>
> yes, but what is the use case?
> Why do you want to modify path of openat syscall?
I had no specific use case. I have seen that eBPF can modify usermode
memory and wanted to experiment with that...

Re: probe_write_common_error

[John Fastabend]

Gilad Reti wrote:
> On Thu, Apr 2, 2020 at 6:38 PM Alexei Starovoitov
> <alexei.starovoitov@gmail.com> wrote:
> >
> > re-added mailing list back. pls don't remove it from cc.
> Sorry, this wasn't on purpose.
> >
> > On Thu, Apr 2, 2020 at 1:05 AM Gilad Reti <gilad.reti@gmail.com> wrote:
> > >
> > > On Thu, Apr 2, 2020 at 2:28 AM Alexei Starovoitov
> > > <alexei.starovoitov@gmail.com> wrote:
> > > >
> > > > On Tue, Mar 31, 2020 at 07:16:28PM +0300, Gilad Reti wrote:
> > > > > When I try to probe_write_common into a writable location (e.g a
> > > > > memory address on a usermode stack) which is not yet mapped or mapped
> > > > > as read only to the memory, the function sometimes return a EFAULT
> > > > > (bad address) error. This is happening since the pagefault handler was
> > > > > disabled and thus this memory location won't be mapped when the
> > > > > function tries to write into it, an error will be returned and no data
> > > > > will be written.
> > > > > Is that behavior intended? Did you want those functions to have as
> > > > > less side-effects are possible?
> > > >
> > > > You mean bpf_probe_write_user() helper?
> > > Well yes, but it calls probe_write_common which disables the pagefault
> > > handler so I asked about it.
> > > > Yes it's a non-faulting helper that will fail if prog is trying to
> > > > write into a valid memory that could have been served with minor fault.
> > > > The main reason for this is that bpf progs are not allowed to sleep.
> > > > We're working on sleepable bpf progs that will be able to do copy_from/to_user
> > > > from the context where it is safe to sleep. Like syscall entry.
> > > Thanks!
> > > > Could you please share more about your use case, so we can make sure
> > > > that it will be covered by upcoming work?
> > > Sure. I was playing with modifying kprobed syscall parameters (for
> > > example, changing the path of an openat syscall etc).
> >
> > yes, but what is the use case?
> > Why do you want to modify path of openat syscall?
> I had no specific use case. I have seen that eBPF can modify usermode
> memory and wanted to experiment with that...

Late reply but figured its worth adding a concrete example.

We have a use case to read user memory from syscall (args when they are
pointers to memory for example) where we can cause a page fault. Sleepable
bpf progs with copy helpers would solve this for us.

Thanks,
John