From patchwork Tue Jan 7 02:06:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Rome X-Patchwork-Id: 13927965 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 58D1BE77188 for ; Tue, 7 Jan 2025 02:06:49 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D56416B008C; Mon, 6 Jan 2025 21:06:48 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id D058A6B0092; Mon, 6 Jan 2025 21:06:48 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BCDCC6B0093; Mon, 6 Jan 2025 21:06:48 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id A15276B008C for ; Mon, 6 Jan 2025 21:06:48 -0500 (EST) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 3C3CE1605EB for ; Tue, 7 Jan 2025 02:06:48 +0000 (UTC) X-FDA: 82979017296.15.30FE645 Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) by imf17.hostedemail.com (Postfix) with ESMTP id 412A340010 for ; Tue, 7 Jan 2025 02:06:46 +0000 (UTC) Authentication-Results: imf17.hostedemail.com; dkim=pass header.d=jordanrome.com header.s=s1-ionos header.b=LLfcfuEL; spf=pass (imf17.hostedemail.com: domain of linux@jordanrome.com designates 74.208.4.194 as permitted sender) smtp.mailfrom=linux@jordanrome.com; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736215606; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=3ePT0FPt9l0Qzkz0xRTw2LrsfjW4Z5KL+i91TUZCoiY=; b=JyffQoIMkwnXVL5Yp327UkQpenk4A1AojxKZgubPUO6xS4x9q80GZDNlL5pz84t6NYUl4Y YSBl1/UOKAOOCE1VV77AyvPfkRkuEr1iI/gdUAsgCtZJIPDBXtU4oy6fTF+OK5ydGLj0A+ M1meQGXIGWD0KsqJCHYmQpeB45qQNKk= ARC-Authentication-Results: i=1; imf17.hostedemail.com; dkim=pass header.d=jordanrome.com header.s=s1-ionos header.b=LLfcfuEL; spf=pass (imf17.hostedemail.com: domain of linux@jordanrome.com designates 74.208.4.194 as permitted sender) smtp.mailfrom=linux@jordanrome.com; dmarc=none ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736215606; a=rsa-sha256; cv=none; b=FE421Jy2eGGBvocQY+aaIowVjZtMGhOvn1x59qlG17Itp2u7QfJOBSl8ap3WOf6lfAvYya wEsIEeXOJr2dZyYKEF0bdX8Js6ud5ALSrPEeB07oOO9xeUWrOojwa7kMuuJQYpGZsMv9cA u9cKKC7D0B+FhCVEjKbW6gvUwjruuFw= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jordanrome.com; s=s1-ionos; t=1736215603; x=1736820403; i=linux@jordanrome.com; bh=3ePT0FPt9l0Qzkz0xRTw2LrsfjW4Z5KL+i91TUZCoiY=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID: MIME-Version:Content-Transfer-Encoding:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=LLfcfuELvgrXUfdzetejn93zJtVo9IkugFDPnz8j6EppWF2Gh4TlQ6o1SGnYNaQz uwG39vysRESCxE096SM+Nd4XNMLa1iAwOhFNSp1InLcHUxQsyMhM4B5cVPgXB8df9 SL8okuIyEiJDQFcvQiTzBaBCrC0gGCj5N03tBM4ky/noWSfXJvCWOcqcXb/4Lixfh EkiBKWTzhM9FoELLbJ7bMMvA5C2wgdmn1xvzbNCCsau23O2vCblP0aF6VAYPx1BBN uBrbcRvTvBd+0zwjEhshwk6Zplw8cTNCEHQzaXqSgFJL4Z4HTZhGGBZLJ3WaCkT0m yX6M3/swmOd+bdO8Nw== X-UI-Sender-Class: 55c96926-9e95-11ee-ae09-1f7a4046a0f6 Received: from localhost ([69.171.251.13]) by mrelay.perfora.net (mreueus002 [74.208.5.2]) with ESMTPSA (Nemesis) id 0MHIlZ-1tIfAm04jz-008nC5; Tue, 07 Jan 2025 03:06:43 +0100 From: Jordan Rome To: bpf@vger.kernel.org Cc: linux-mm@kvack.org, Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Kernel Team , Andrew Morton , Shakeel Butt Subject: [bpf-next v2 1/2] bpf: Add bpf_copy_from_user_task_str kfunc Date: Mon, 6 Jan 2025 18:06:31 -0800 Message-ID: <20250107020632.170883-1-linux@jordanrome.com> X-Mailer: git-send-email 2.43.5 MIME-Version: 1.0 X-Provags-ID: V03:K1:swEFtqhmW2Kwgld9kRCHV/0VrQFU6PZ5hV+JiC+7/AR7So7t/EL C/GGahB7cSR1JDBXJ1k2Sly455EiX0+T86stg8IH1wt13fcvppXhcq4p6tpO/wZJJXe7MkF R0q7AODVholSw2csXtbuLreZYLgF4miBagbv28HnOespwAyVXT4VqctkPEedZZDqRavoAxS WrZFxxHGQnYM3yAeOZDPg== UI-OutboundReport: notjunk:1;M01:P0:kxeY5GWJl9s=;kufRiJjbDrVCBGrzqFJbJ54XPzm TNtUTP/O7NGa3bD2XaPmYSMP+hXXdSkF2CcJkns5JFJSwUDcrVYZddEgruubIPZVsACzQuOTu k3v8+FfactRsAcbfBpDwGNMFvhPCsAijVbDrIOJvatCjT1FtCsgr6ylAQ1L1vogATPXs/VAzc icQibjBSP7IgysT5XyotChxt0gaKlpzY/CIPU9kWyeJ+iJQSmDrQgnrfUz3Ekbx1xFyVpCcHG 505gukSs2CHfVRfInyCEaEplCf6YDml3ED/PlShQTJ14MJlFfsAdDbKdrtviUhOQ3rt4RZq4/ 4LwjqjE/+Cdp95ySFEEbV+3AKyvCVaRiXo2ljLj5usVJwWGNZv8Sov5Tbq6eWR0eHuX9panF+ B5AvjmpYhGuIehVZV2uEG41k+58o6Tw5wHKybMBvBMg9eVPe3H2/ZWXK0ZbGt9Ckg4G1/Orr+ SfEzfiP77jfXEoYKeNz0xjvCGLi67NpXa4+603LGOsc9CJT3WeEi1O17+NG//djGNXppA8Lzk 0utU1hd7WgzYBIJ+kGTSsfIfWLzbR/lgEI8codxtA15JKm7nn5CsMstN7yKq4YGfXUCGyTTDG n5N7MhKJAUXb4/R2AYcb4yOZdOXGWm3g5mXjLMos+f7TjDpXMFEb/fAEZBrVZDYDgyNq7Ufa3 QGYBnq6cFmj9/HpQSGxeD7Tb34GgcnkkVALQ5Go5mT0OBL0es8+i03VLOX6Kim8bhOblU3+YF l+RTDfKVvs2CrBX02DXm5XrkmwNo9TGKvOAsxNIT7C3+3AlmppAzR4GaTm5i+TQBbIYewh2AH O5zRMj2NqMQiw1g9K6bl8DnGtoHbwTtOSiuCmWkvZlp8ZpjFTLBzMwjarQDA5dDFCAB2T5N5v pqhR4OBajAWkM3tXaGARpzpDxdHxD6BSS8rhJyT5+8/uv0K57AkYwy0n3tlDnmGANKVnlZzf1 rvzgXKxrBPqrUuWOlr7u3gyPrDoXrFgZNUkJkM/kS9ohZBeC9WuLoWH1TTj8ebQS1cDzTKGWi /mKogtCrGvZ3D5QKSxzl0Cgz+5proFkpp1tJw2Y X-Rspamd-Queue-Id: 412A340010 X-Stat-Signature: m3es15dgcgtiyawiw4n7utw8jmq7e8gy X-Rspam-User: X-Rspamd-Server: rspam11 X-HE-Tag: 1736215606-951966 X-HE-Meta: U2FsdGVkX186t5k5Zc3FmKD5kPqe+biOn8whEJRq8aA+TsEjS/Jcm+IAjbkqxZ8t5f5+APx6zV9sx2XHz8ldFFeyRYxA7cF2tZUeUeWuZo2ABkr6b//8eSYa9uVX+WtYf5TEfULu0g32BBtND4dgcFN18vkbVz19u7o4bxVn8xk0TdnEtF9jdyKR+XkLPJLlrdVTHhAlOVu6IsSnhZ/CLQ4qbaJMhwPX06zMECHZ7jUE84pkv6GgUwcieoDBffT9FxkxjCzW26c9ygLhZvHVoJv06RgXNHzYu21mJlMDelGZaSSSUgvacWgmj4nfjIzkcDPRl1lxiNWRAdCupE3kwxEtEN9MDSW94l28cGOIIcLiLvTIpG14Hy2CEJWMP81Pr6AhfKbfQdpsRjqB2Kh3jK9vCYfktWuWynoJjcC8H/qE3UuO9nxghVgV2s3QvbZ76HnOzdXbhUbX5t3WZ/89DRwq7uzctOJHKxomIorHhBFrcmXHTBMrQ9dh9lR4h24JMltsegopu76THm5KYLpHN8tgvOKoHqiaylix/4GY/6QS21iyFBbw3rJCHvp4MjhV8hPVNk9zahmuGA45PI32aC3eIDNmThcx/cnE1EalPJ8F1vSPiIdGyG/6c1ASqpoDFr+xm1QPz3a4rnpv2rcKSEPy4pmFr+BQGnBjUI3254VqMJW1hiJ65wcltTak6AhJ3FJ1gm0Cbd0z2C3b/ihdR95KgQDntbzWI7UMfToN9QIiaaR7soKKq99VE8CYwKAH6QfE47dmC2Ncw4GsllPOo1n8REn97xoENk6XrzShZQfzbqmnV+xC09AfM6w7f4XqB6Rj0XHGgdU2xi0q4ETmVVoH5zkV0wxF/sXLqxJzm7ugJw+5uPWgroT41Y8Br9bgYx+lWISWJpMuthgT+/Jpo5Mccmhvg8YOThymROlqOhtoh0CE0k6oV8eXHFpQCIgQX8lrACJaG5mppQk8x76 wkR3iHBA DUl161fln5bM1lgEY+TdjRJp8cqRmFTmc2HPgtEkDLMYbwEGYtV5tR63xsMcVMSrRnRsY0FBrQZ9Rz7fTPrb74Z+QaliODkZHY9h8qwcRjE1sri5wig8YMp5Dfu4wIYXP7gEpEE7JDHO7zSgj/ZukoNx89H4Th8g0Sj8tzvUgrFl43I2PsqNFDKp/A8NaUxVXd08oKtZxKRQXZZlEAZ6nvxkAkI6atL2VFKpGvQlX597TG0HWl1q2UWjV7wQPafRXnvEnpckd1q1Za0R7g5OqvjDtNbJcLDy6sN+FX+g3yOwuJU7o3MYJoS1H7dGLPVdgaX5QuXg4sv8ZNzX03jKqxqio6A== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: This new kfunc will be able to copy a string from another process's/task's address space. This is similar to `bpf_copy_from_user_str` but accepts a `struct task_struct*` argument. This required adding an additional function in memory.c, namely `copy_str_from_process_vm`, which works similar to `access_process_vm` but utilizes the `strncpy_from_user` helper and only supports reading/copying and not writing. Signed-off-by: Jordan Rome --- include/linux/mm.h | 3 ++ kernel/bpf/helpers.c | 46 ++++++++++++++++++++ mm/memory.c | 101 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 150 insertions(+) -- 2.43.5 diff --git a/include/linux/mm.h b/include/linux/mm.h index c39c4945946c..52b304b20630 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -2484,6 +2484,9 @@ extern int access_process_vm(struct task_struct *tsk, unsigned long addr, extern int access_remote_vm(struct mm_struct *mm, unsigned long addr, void *buf, int len, unsigned int gup_flags); +extern int copy_str_from_process_vm(struct task_struct *tsk, unsigned long addr, + void *buf, int len, unsigned int gup_flags); + long get_user_pages_remote(struct mm_struct *mm, unsigned long start, unsigned long nr_pages, unsigned int gup_flags, struct page **pages, diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index cd5f9884d85b..45d41b7a9906 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -3072,6 +3072,51 @@ __bpf_kfunc void bpf_local_irq_restore(unsigned long *flags__irq_flag) local_irq_restore(*flags__irq_flag); } +/** + * bpf_copy_from_user_task_str() - Copy a string from an task's address space + * @dst: Destination address, in kernel space. This buffer must be + * at least @dst__sz bytes long. + * @dst__sz: Maximum number of bytes to copy, includes the trailing NUL. + * @unsafe_ptr__ign: Source address in the task's address space. + * @tsk: The task whose address space will be used + * @flags: The only supported flag is BPF_F_PAD_ZEROS + * + * Copies a NULL-terminated string from a task's address space to BPF space. + * If user string is too long this will still ensure zero termination in the + * dst buffer unless buffer size is 0. + * + * If BPF_F_PAD_ZEROS flag is set, memset the tail of @dst to 0 on success and + * memset all of @dst on failure. + */ +__bpf_kfunc int bpf_copy_from_user_task_str(void *dst, u32 dst__sz, const void __user *unsafe_ptr__ign, struct task_struct *tsk, u64 flags) +{ + int count = dst__sz - 1; + int ret = 0; + + if (unlikely(flags & ~BPF_F_PAD_ZEROS)) + return -EINVAL; + + if (unlikely(!dst__sz)) + return 0; + + ret = copy_str_from_process_vm(tsk, (unsigned long)unsafe_ptr__ign, dst, count, 0); + + if (ret <= 0) { + if (flags & BPF_F_PAD_ZEROS) + memset((char *)dst, 0, dst__sz); + return ret; + } + + if (ret < count) { + if (flags & BPF_F_PAD_ZEROS) + memset((char *)dst + ret, 0, dst__sz - ret); + } else { + ((char *)dst)[count] = '\0'; + } + + return ret + 1; +} + __bpf_kfunc_end_defs(); BTF_KFUNCS_START(generic_btf_ids) @@ -3164,6 +3209,7 @@ BTF_ID_FLAGS(func, bpf_iter_bits_new, KF_ITER_NEW) BTF_ID_FLAGS(func, bpf_iter_bits_next, KF_ITER_NEXT | KF_RET_NULL) BTF_ID_FLAGS(func, bpf_iter_bits_destroy, KF_ITER_DESTROY) BTF_ID_FLAGS(func, bpf_copy_from_user_str, KF_SLEEPABLE) +BTF_ID_FLAGS(func, bpf_copy_from_user_task_str, KF_SLEEPABLE) BTF_ID_FLAGS(func, bpf_get_kmem_cache) BTF_ID_FLAGS(func, bpf_iter_kmem_cache_new, KF_ITER_NEW | KF_SLEEPABLE) BTF_ID_FLAGS(func, bpf_iter_kmem_cache_next, KF_ITER_NEXT | KF_RET_NULL | KF_SLEEPABLE) diff --git a/mm/memory.c b/mm/memory.c index 75c2dfd04f72..514490bd7d6d 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -6673,6 +6673,75 @@ static int __access_remote_vm(struct mm_struct *mm, unsigned long addr, return buf - old_buf; } +/* + * Copy a string from another process's address space as given in mm. + * Don't return partial results. If there is any error return -EFAULT. + */ +static int __copy_str_from_remote_vm(struct mm_struct *mm, unsigned long addr, + void *buf, int len, unsigned int gup_flags) +{ + void *old_buf = buf; + int err = 0; + + if (mmap_read_lock_killable(mm)) + return -EFAULT; + + /* Untag the address before looking up the VMA */ + addr = untagged_addr_remote(mm, addr); + + /* Avoid triggering the temporary warning in __get_user_pages */ + if (!vma_lookup(mm, addr)) { + mmap_read_unlock(mm); + return -EFAULT; + } + + while (len) { + int bytes, offset, retval; + void *maddr; + struct vm_area_struct *vma = NULL; + struct page *page = get_user_page_vma_remote(mm, addr, + gup_flags, &vma); + + if (IS_ERR(page)) { + /* + * Treat as a total failure for now until we decide how + * to handle the CONFIG_HAVE_IOREMAP_PROT case and + * stack expansion. + */ + err = -EFAULT; + break; + } + + bytes = len; + offset = addr & (PAGE_SIZE - 1); + if (bytes > PAGE_SIZE - offset) + bytes = PAGE_SIZE - offset; + + maddr = kmap_local_page(page); + retval = strncpy_from_user(buf, (const char __user *)addr, bytes); + unmap_and_put_page(page, maddr); + + if (retval < 0) { + err = retval; + break; + } + + len -= retval; + buf += retval; + addr += retval; + + /* Found the end of the string */ + if (retval < bytes) + break; + } + mmap_read_unlock(mm); + + if (err) + return err; + + return buf - old_buf; +} + /** * access_remote_vm - access another process' address space * @mm: the mm_struct of the target address space @@ -6714,6 +6783,38 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, } EXPORT_SYMBOL_GPL(access_process_vm); +/** + * copy_str_from_process_vm - copy a string from another process's address space. + * @tsk: the task of the target address space + * @addr: start address to access + * @buf: source or destination buffer + * @len: number of bytes to transfer + * @gup_flags: flags modifying lookup behaviour + * + * The caller must hold a reference on @mm. + * + * Return: number of bytes copied from source to destination. If the string + * is shorter than @len then return the length of the string. + * On any error, return -EFAULT. + */ +int copy_str_from_process_vm(struct task_struct *tsk, unsigned long addr, + void *buf, int len, unsigned int gup_flags) +{ + struct mm_struct *mm; + int ret; + + mm = get_task_mm(tsk); + if (!mm) + return -EFAULT; + + ret = __copy_str_from_remote_vm(mm, addr, buf, len, gup_flags); + + mmput(mm); + + return ret; +} +EXPORT_SYMBOL_GPL(copy_str_from_process_vm); + /* * Print the name of a VMA. */