diff mbox series

[bpf,1/2] bpf: Add override check to kprobe multi link attach

Message ID 20230907200652.926951-1-jolsa@kernel.org (mailing list archive)
State Accepted
Commit 41bc46c12a8053a1b3279a379bd6b5e87b045b85
Delegated to: BPF
Headers show
Series [bpf,1/2] bpf: Add override check to kprobe multi link attach | expand

Checks

Context Check Description
netdev/series_format success Single patches do not need cover letters
netdev/tree_selection success Clearly marked for bpf, async
netdev/fixes_present success Fixes tag present in non-next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 1346 this patch: 1346
netdev/cc_maintainers fail 1 blamed authors not CCed: mhiramat@kernel.org; 7 maintainers not CCed: rostedt@goodmis.org martin.lau@linux.dev kpsingh@kernel.org yonghong.song@linux.dev mhiramat@kernel.org linux-trace-kernel@vger.kernel.org song@kernel.org
netdev/build_clang success Errors and warnings before: 1353 this patch: 1353
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn success Errors and warnings before: 1369 this patch: 1369
netdev/checkpatch warning WARNING: line length of 84 exceeds 80 columns
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0
bpf/vmtest-bpf-VM_Test-0 success Logs for ShellCheck
bpf/vmtest-bpf-VM_Test-5 success Logs for set-matrix
bpf/vmtest-bpf-VM_Test-1 success Logs for build for aarch64 with gcc
bpf/vmtest-bpf-VM_Test-3 success Logs for build for x86_64 with gcc
bpf/vmtest-bpf-VM_Test-4 success Logs for build for x86_64 with llvm-16
bpf/vmtest-bpf-VM_Test-2 success Logs for build for s390x with gcc
bpf/vmtest-bpf-VM_Test-6 success Logs for test_maps on aarch64 with gcc
bpf/vmtest-bpf-VM_Test-18 success Logs for test_progs_no_alu32_parallel on aarch64 with gcc
bpf/vmtest-bpf-VM_Test-8 fail Logs for test_maps on x86_64 with gcc
bpf/vmtest-bpf-VM_Test-23 success Logs for test_progs_parallel on x86_64 with llvm-16
bpf/vmtest-bpf-VM_Test-19 success Logs for test_progs_no_alu32_parallel on x86_64 with gcc
bpf/vmtest-bpf-VM_Test-21 success Logs for test_progs_parallel on aarch64 with gcc
bpf/vmtest-bpf-VM_Test-25 success Logs for test_verifier on s390x with gcc
bpf/vmtest-bpf-VM_Test-28 success Logs for veristat
bpf/vmtest-bpf-VM_Test-24 success Logs for test_verifier on aarch64 with gcc
bpf/vmtest-bpf-VM_Test-26 success Logs for test_verifier on x86_64 with gcc
bpf/vmtest-bpf-VM_Test-22 success Logs for test_progs_parallel on x86_64 with gcc
bpf/vmtest-bpf-VM_Test-16 fail Logs for test_progs_no_alu32 on x86_64 with gcc
bpf/vmtest-bpf-VM_Test-9 success Logs for test_maps on x86_64 with llvm-16
bpf/vmtest-bpf-VM_Test-10 fail Logs for test_progs on aarch64 with gcc
bpf/vmtest-bpf-VM_Test-14 fail Logs for test_progs_no_alu32 on aarch64 with gcc
bpf/vmtest-bpf-VM_Test-13 fail Logs for test_progs on x86_64 with llvm-16
bpf/vmtest-bpf-VM_Test-27 success Logs for test_verifier on x86_64 with llvm-16
bpf/vmtest-bpf-VM_Test-12 fail Logs for test_progs on x86_64 with gcc
bpf/vmtest-bpf-VM_Test-17 fail Logs for test_progs_no_alu32 on x86_64 with llvm-16
bpf/vmtest-bpf-VM_Test-20 success Logs for test_progs_no_alu32_parallel on x86_64 with llvm-16
bpf/vmtest-bpf-VM_Test-15 fail Logs for test_progs_no_alu32 on s390x with gcc
bpf/vmtest-bpf-VM_Test-11 fail Logs for test_progs on s390x with gcc
bpf/vmtest-bpf-PR fail PR summary
bpf/vmtest-bpf-VM_Test-7 success Logs for test_maps on s390x with gcc

Commit Message

Jiri Olsa Sept. 7, 2023, 8:06 p.m. UTC 
Currently the multi_kprobe link attach does not check error
injection list for programs with bpf_override_return helper
and allows them to attach anywhere. Adding the missing check.

Cc: stable@vger.kernel.org
Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
---
 kernel/trace/bpf_trace.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

Comments

Alan Maguire Sept. 8, 2023, 1:48 p.m. UTC | #1 
On 07/09/2023 21:06, Jiri Olsa wrote:
> Currently the multi_kprobe link attach does not check error
> injection list for programs with bpf_override_return helper
> and allows them to attach anywhere. Adding the missing check.
> 
> Cc: stable@vger.kernel.org
> Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
> Signed-off-by: Jiri Olsa <jolsa@kernel.org>

For the series,

Reviewed-by: Alan Maguire <alan.maguire@oracle.com>

...with one small question below...

> ---
>  kernel/trace/bpf_trace.c | 16 ++++++++++++++++
>  1 file changed, 16 insertions(+)
> 
> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> index a7264b2c17ad..c1c1af63ced2 100644
> --- a/kernel/trace/bpf_trace.c
> +++ b/kernel/trace/bpf_trace.c
> @@ -2853,6 +2853,17 @@ static int get_modules_for_addrs(struct module ***mods, unsigned long *addrs, u3
>  	return arr.mods_cnt;
>  }
>  
> +static int addrs_check_error_injection_list(unsigned long *addrs, u32 cnt)
> +{
> +	u32 i;
> +
> +	for (i = 0; i < cnt; i++) {
> +		if (!within_error_injection_list(addrs[i]))
> +			return -EINVAL;

do we need a check like trace_kprobe_on_func_entry() to verify that
it's a combination of function entry+kprobe override, or is that
handled elsewhere/not needed? perf_event_attach_bpf_prog() does

/*
 * Kprobe override only works if they are on the function entry,
 * and only if they are on the opt-in list.
 */
 	if (prog->kprobe_override &&
 	    (!trace_kprobe_on_func_entry(event->tp_event) ||
 	     !trace_kprobe_error_injectable(event->tp_event)))
 		return -EINVAL;


if this is needed, it might be good to augment the selftest to
cover the case of specifying non-entry+kprobe override. thanks!

Alan


> +	return 0;
> +}
> +
>  int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
>  {
>  	struct bpf_kprobe_multi_link *link = NULL;
> @@ -2930,6 +2941,11 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
>  			goto error;
>  	}
>  
> +	if (prog->kprobe_override && addrs_check_error_injection_list(addrs, cnt)) {
> +		err = -EINVAL;
> +		goto error;
> +	}
> +
>  	link = kzalloc(sizeof(*link), GFP_KERNEL);
>  	if (!link) {
>  		err = -ENOMEM;
Andrii Nakryiko Sept. 8, 2023, 11:50 p.m. UTC | #2 
On Fri, Sep 8, 2023 at 6:49 AM Alan Maguire <alan.maguire@oracle.com> wrote:
>
> On 07/09/2023 21:06, Jiri Olsa wrote:
> > Currently the multi_kprobe link attach does not check error
> > injection list for programs with bpf_override_return helper
> > and allows them to attach anywhere. Adding the missing check.
> >
> > Cc: stable@vger.kernel.org
> > Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
> > Signed-off-by: Jiri Olsa <jolsa@kernel.org>
>
> For the series,
>
> Reviewed-by: Alan Maguire <alan.maguire@oracle.com>
>
> ...with one small question below...
>
> > ---
> >  kernel/trace/bpf_trace.c | 16 ++++++++++++++++
> >  1 file changed, 16 insertions(+)
> >
> > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> > index a7264b2c17ad..c1c1af63ced2 100644
> > --- a/kernel/trace/bpf_trace.c
> > +++ b/kernel/trace/bpf_trace.c
> > @@ -2853,6 +2853,17 @@ static int get_modules_for_addrs(struct module ***mods, unsigned long *addrs, u3
> >       return arr.mods_cnt;
> >  }
> >
> > +static int addrs_check_error_injection_list(unsigned long *addrs, u32 cnt)
> > +{
> > +     u32 i;
> > +
> > +     for (i = 0; i < cnt; i++) {
> > +             if (!within_error_injection_list(addrs[i]))
> > +                     return -EINVAL;
>
> do we need a check like trace_kprobe_on_func_entry() to verify that
> it's a combination of function entry+kprobe override, or is that
> handled elsewhere/not needed? perf_event_attach_bpf_prog() does

multi-kprobe programs are always attached at function entry, so I
believe it's not necessary?

>
> /*
>  * Kprobe override only works if they are on the function entry,
>  * and only if they are on the opt-in list.
>  */
>         if (prog->kprobe_override &&
>             (!trace_kprobe_on_func_entry(event->tp_event) ||
>              !trace_kprobe_error_injectable(event->tp_event)))
>                 return -EINVAL;
>
>
> if this is needed, it might be good to augment the selftest to
> cover the case of specifying non-entry+kprobe override. thanks!
>
> Alan
>
>
> > +     return 0;
> > +}
> > +
> >  int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
> >  {
> >       struct bpf_kprobe_multi_link *link = NULL;
> > @@ -2930,6 +2941,11 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
> >                       goto error;
> >       }
> >
> > +     if (prog->kprobe_override && addrs_check_error_injection_list(addrs, cnt)) {
> > +             err = -EINVAL;
> > +             goto error;
> > +     }
> > +
> >       link = kzalloc(sizeof(*link), GFP_KERNEL);
> >       if (!link) {
> >               err = -ENOMEM;
patchwork-bot+netdevbpf@kernel.org Sept. 9, 2023, midnight UTC | #3 
Hello:

This series was applied to bpf/bpf.git (master)
by Andrii Nakryiko <andrii@kernel.org>:

On Thu,  7 Sep 2023 22:06:51 +0200 you wrote:
> Currently the multi_kprobe link attach does not check error
> injection list for programs with bpf_override_return helper
> and allows them to attach anywhere. Adding the missing check.
> 
> Cc: stable@vger.kernel.org
> Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
> Signed-off-by: Jiri Olsa <jolsa@kernel.org>
> 
> [...]

Here is the summary with links:
  - [bpf,1/2] bpf: Add override check to kprobe multi link attach
    https://git.kernel.org/bpf/bpf/c/41bc46c12a80
  - [bpf,2/2] selftests/bpf: Add kprobe_multi override test
    https://git.kernel.org/bpf/bpf/c/7182e56411b9

You are awesome, thank you!
Jiri Olsa Sept. 9, 2023, 6:51 p.m. UTC | #4 
On Fri, Sep 08, 2023 at 04:50:54PM -0700, Andrii Nakryiko wrote:
> On Fri, Sep 8, 2023 at 6:49 AM Alan Maguire <alan.maguire@oracle.com> wrote:
> >
> > On 07/09/2023 21:06, Jiri Olsa wrote:
> > > Currently the multi_kprobe link attach does not check error
> > > injection list for programs with bpf_override_return helper
> > > and allows them to attach anywhere. Adding the missing check.
> > >
> > > Cc: stable@vger.kernel.org
> > > Fixes: 0dcac2725406 ("bpf: Add multi kprobe link")
> > > Signed-off-by: Jiri Olsa <jolsa@kernel.org>
> >
> > For the series,
> >
> > Reviewed-by: Alan Maguire <alan.maguire@oracle.com>
> >
> > ...with one small question below...
> >
> > > ---
> > >  kernel/trace/bpf_trace.c | 16 ++++++++++++++++
> > >  1 file changed, 16 insertions(+)
> > >
> > > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> > > index a7264b2c17ad..c1c1af63ced2 100644
> > > --- a/kernel/trace/bpf_trace.c
> > > +++ b/kernel/trace/bpf_trace.c
> > > @@ -2853,6 +2853,17 @@ static int get_modules_for_addrs(struct module ***mods, unsigned long *addrs, u3
> > >       return arr.mods_cnt;
> > >  }
> > >
> > > +static int addrs_check_error_injection_list(unsigned long *addrs, u32 cnt)
> > > +{
> > > +     u32 i;
> > > +
> > > +     for (i = 0; i < cnt; i++) {
> > > +             if (!within_error_injection_list(addrs[i]))
> > > +                     return -EINVAL;
> >
> > do we need a check like trace_kprobe_on_func_entry() to verify that
> > it's a combination of function entry+kprobe override, or is that
> > handled elsewhere/not needed? perf_event_attach_bpf_prog() does
> 
> multi-kprobe programs are always attached at function entry, so I
> believe it's not necessary?

yes, fprobe allows only function entry.. should have put it in comment

thanks,
jirka
diff mbox series

Patch

diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index a7264b2c17ad..c1c1af63ced2 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -2853,6 +2853,17 @@  static int get_modules_for_addrs(struct module ***mods, unsigned long *addrs, u3
 	return arr.mods_cnt;
 }
 
+static int addrs_check_error_injection_list(unsigned long *addrs, u32 cnt)
+{
+	u32 i;
+
+	for (i = 0; i < cnt; i++) {
+		if (!within_error_injection_list(addrs[i]))
+			return -EINVAL;
+	}
+	return 0;
+}
+
 int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
 {
 	struct bpf_kprobe_multi_link *link = NULL;
@@ -2930,6 +2941,11 @@  int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
 			goto error;
 	}
 
+	if (prog->kprobe_override && addrs_check_error_injection_list(addrs, cnt)) {
+		err = -EINVAL;
+		goto error;
+	}
+
 	link = kzalloc(sizeof(*link), GFP_KERNEL);
 	if (!link) {
 		err = -ENOMEM;