From patchwork Tue Jan 28 22:43:50 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Rome X-Patchwork-Id: 13953323 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mout.perfora.net (mout.perfora.net [74.208.4.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C872219CC28 for ; Tue, 28 Jan 2025 22:44:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=74.208.4.196 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738104256; cv=none; b=R84Ufclc111jQd4i6bKS1sX5hAWbVb/MWZenxm4PwNcKxVIjfTtwRIQkJUim/WmvAqsg1ZhUYTir2XHAVhjXO6J9jhYVy1dnhhGn55kIOBXCXYNrmEKgwsHeUal0O0xs9KdhYouhL+M1LYWqzcVBcN3lnjWkYukalIiKBCPom3s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738104256; c=relaxed/simple; bh=syk4TdWsVE1D54ZUzruiXiqzzC9iCHOq3m/a75ITobc=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=rfJTRFY0e/GDqo26TQHuAasuZaXJHLUUk7wl66s0EZc31iQuOeTsfZZZ+col+SsAi5z0wrHBJF2rJItVN1NA8MsMaNS8IdsXCk+h9Tx45ZLk2RGe/Y0TG42/zI8XJ/G9fmy/2gQRPc39jxnTK46Ef9t3IX1tAGS4u66yUJQqHnM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=jordanrome.com; spf=pass smtp.mailfrom=jordanrome.com; dkim=pass (2048-bit key) header.d=jordanrome.com header.i=linux@jordanrome.com header.b=mveKIqSA; arc=none smtp.client-ip=74.208.4.196 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=jordanrome.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=jordanrome.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=jordanrome.com header.i=linux@jordanrome.com header.b="mveKIqSA" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jordanrome.com; s=s1-ionos; t=1738104249; x=1738709049; i=linux@jordanrome.com; bh=QRGkvncHhT4bF8p4emcNzTedGy4hijyVy88NPlXMXDw=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID: MIME-Version:Content-Transfer-Encoding:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=mveKIqSAeXGSCvj82ClEFiCXgtX/+9Ofg8MPt5WQYjrE90Emhh1llJY7Qja+YzMi GldWW/Kwt7v47bUgKXYgDL+TMdFJdfWHwlGKqJd3clf9zKVDVKBpNgEQ1/ICUiOVE MY6Q6kzdgAFjS7YiYoBNSY/G3NQkBgvT/FzJtDoYoMNx1F1Np1Bhq3q7oUGz8JGm3 N+UDHheumeE8Nzkr7SJzJUA5cOoFfMzmFCK7xbKhZmnAZy94c8ZR1nM3x3nRLumea 7D6l1tc2JlG3nTVugNBaP7+syuYkrt8edAbxa29FLz9DucWxzRubPrL7UtOIbXLDM S3mQ9YXzF4W7N1V4HQ== X-UI-Sender-Class: 55c96926-9e95-11ee-ae09-1f7a4046a0f6 Received: from localhost ([69.171.251.9]) by mrelay.perfora.net (mreueus002 [74.208.5.2]) with ESMTPSA (Nemesis) id 0M2349-1tJRcR2j8t-014KM1; Tue, 28 Jan 2025 23:44:08 +0100 From: Jordan Rome To: bpf@vger.kernel.org Cc: linux-mm@kvack.org, Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Kernel Team , Andrew Morton , Shakeel Butt , Alexander Potapenko Subject: [bpf-next v6 1/3] mm: add copy_remote_vm_str Date: Tue, 28 Jan 2025 14:43:50 -0800 Message-ID: <20250128224352.3808460-1-linux@jordanrome.com> X-Mailer: git-send-email 2.43.5 Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Provags-ID: V03:K1:ubzDyLLWS+xG74qCEuoWDefp+b9Z5apMh2VD+lUkxRhjhueh/zZ iPJyTViXfuRr3rNVDDyu/kllF8hZ3jXLWQiFYVJ2MVqtciXl0/T+07EiNt8EryJgJj+C9V8 +DIvoQb1C/5Ma0kW7R4lhpNWvJxJZOZv2/cYMTGWUxO17gDfjdvYVtStEEmWw/kHV0A6MIE wrplXUr8SvxVodW+/DT5w== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:l5Al3IdDLUg=;+WvLmoKlwkVs0B6hB0P5cYDkcIg O4AzhMBo0WZWeFVL+hmkBYMIyMBjyxyltQ3pQ4ZQ7qnMEJ9LG0mowLNWJTva2WDKmlrX6ISFi BYUv+ZZQTSLu26SspQsqkS3G0kFmGbDRY0eGTxayZsUQ2gF7E0JR+VjradxsLbObeHRZKKYnv UY5IMC24vpj/RAGx5n+vW4vbnJ2iskIo7KUJWFR7z/5e1zyMBjk3MdTL2tDNzumuiAjrhEtMk nPrhVpiUJofEbaVMs1aDe9SOcIj0o+udzFlo4rjK8swiuBOUP3ZTYZbpQFhD+WYpqQrrxmU77 kn+CRZ8y3x6vIpNIMFetxDvxazxRp9cXOO34dg8mbydJPMluylpt/jyumEHRxYxW4OfeNpJF+ Xyk/lG3jdIxqKRVRPgNUGvukHDG0fHoVlyHeg12ro6UNB1FknsRkmyOlE7xQWEwtpkBnKLOvB gYA53T2J0SQQQeai9WzHoAP3zVd+49MSdQWyP57nLNgQIuo+ncENTDLdsNptTv/T3vsZkecA2 XkR+NBHQVPZgSQ2Xl6PW4YHQIvcxomtX56TF+xX1HzDgA8ex3Io71kgkqq1gB4EY3Ea7IjB70 EWbCc+W2NHIeH6V5yeQSL6Kp2UcOlFM8hf24ylSltc1SnGaSU203BnAroCjhD/5j4sax5Vht3 FwKgswMFJhcX+pV5bVZoMKFJzfCWsyi2Mj5zsb0hcl91aa/i9mJZFKoVYOQoMiGCz2i/GXZdH CzfhkHvlR71O1tGsdt3uRCzRUVjien9W2B08N+IODp9yJvUPAKkd0KAQGFmjIChASGyPwltOZ tGRTjHbM2gvwwCj6bPdEbUMV300f4JbolsHMWh/4BtzH/hXHajI7mRlBS6jFV/mWu2n44wYUX g6wbhkRTGLCtOzpolgKw8cKs+AVHyULF94raEOs63ytLXQvhCkirLTDb6aIHNRMKsEKtCl5Cp ywS16hHPSKwp3kPTWg84oDOKawldrfwTBoTiwRWFlSNFsczOquEKC+Z+scgrXnvmPW3rC7hgR uLeZBYvlH57a6Veysw/oj45aBoiWeO2SJsqx17Iynavx46OZxKmFcTcu20/wJx8adAo6ubKKq 2q9ZkCl4LXedBkNcYK2FOxH1xifEV2C5QAIrYBRSH7jYCLeq4L4KqSlyTbFD+KACH5Zq+6PeU Iq87eMNbzEK/SXGbXZmz5Iq6aPHQXTNFCikfI//u6RvYLDEc1a8/1/4QKRqJ0nR9ewYeMtL+H eDe+0/ANEFTF1zYa3rIPGmXOygb33YNyPA== X-Patchwork-Delegate: bpf@iogearbox.net Similar to `access_process_vm` but specific to strings. Also chunks reads by page and utilizes `strscpy` for handling null termination. Signed-off-by: Jordan Rome --- include/linux/mm.h | 3 ++ mm/memory.c | 119 +++++++++++++++++++++++++++++++++++++++++++++ mm/nommu.c | 74 ++++++++++++++++++++++++++++ 3 files changed, 196 insertions(+) -- 2.43.5 diff --git a/include/linux/mm.h b/include/linux/mm.h index f02925447e59..f3a05b3eb2f2 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -2485,6 +2485,9 @@ extern int access_process_vm(struct task_struct *tsk, unsigned long addr, extern int access_remote_vm(struct mm_struct *mm, unsigned long addr, void *buf, int len, unsigned int gup_flags); +extern int copy_remote_vm_str(struct task_struct *tsk, unsigned long addr, + void *buf, int len, unsigned int gup_flags); + long get_user_pages_remote(struct mm_struct *mm, unsigned long start, unsigned long nr_pages, unsigned int gup_flags, struct page **pages, diff --git a/mm/memory.c b/mm/memory.c index 398c031be9ba..7f6e74a99984 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -6714,6 +6714,125 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, } EXPORT_SYMBOL_GPL(access_process_vm); +/* + * Copy a string from another process's address space as given in mm. + * If there is any error return -EFAULT. + */ +static int __copy_remote_vm_str(struct mm_struct *mm, unsigned long addr, + void *buf, int len, unsigned int gup_flags) +{ + void *old_buf = buf; + int err = 0; + ((char *)buf)[0] = '\0'; + + if (mmap_read_lock_killable(mm)) + return -EFAULT; + + /* Untag the address before looking up the VMA */ + addr = untagged_addr_remote(mm, addr); + + /* Avoid triggering the temporary warning in __get_user_pages */ + if (!vma_lookup(mm, addr)) { + err = -EFAULT; + goto out; + } + + while (len) { + int bytes, offset, retval; + void *maddr; + struct page *page; + struct vm_area_struct *vma = NULL; + + page = get_user_page_vma_remote(mm, addr, gup_flags, &vma); + + if (IS_ERR(page)) { + /* + * Treat as a total failure for now until we decide how + * to handle the CONFIG_HAVE_IOREMAP_PROT case and + * stack expansion. + */ + ((char *)buf)[0] = '\0'; + err = -EFAULT; + goto out; + } + + bytes = len; + offset = addr & (PAGE_SIZE - 1); + if (bytes > PAGE_SIZE - offset) + bytes = PAGE_SIZE - offset; + + maddr = kmap_local_page(page); + retval = strscpy(buf, maddr + offset, bytes); + + if (retval < 0) { + buf += (bytes - 1); + /* + * Because strscpy always NUL terminates we need to + * copy the last byte in the page if we are going to + * load more pages + */ + if (bytes != len) { + addr += (bytes - 1); + copy_from_user_page(vma, page, addr, buf, + maddr + (PAGE_SIZE - 1), 1); + + buf += 1; + addr += 1; + } + len -= bytes; + } + + unmap_and_put_page(page, maddr); + + if (retval >= 0) { + /* Found the end of the string */ + buf += retval; + goto out; + } + } + +out: + mmap_read_unlock(mm); + if (err) + return err; + + return buf - old_buf; +} + +/** + * copy_remote_vm_str - copy a string from another process's address space. + * @tsk: the task of the target address space + * @addr: start address to read from + * @buf: destination buffer + * @len: number of bytes to copy + * @gup_flags: flags modifying lookup behaviour + * + * The caller must hold a reference on @mm. + * + * Return: number of bytes copied from @addr (source) to @buf (destination); + * not including the trailing NUL. Always guaranteed to leave NUL-terminated + * buffer. On any error, return -EFAULT. + */ +int copy_remote_vm_str(struct task_struct *tsk, unsigned long addr, + void *buf, int len, unsigned int gup_flags) +{ + struct mm_struct *mm; + int ret; + + mm = get_task_mm(tsk); + if (!mm) { + ((char *)buf)[0] = '\0'; + return -EFAULT; + } + + ret = __copy_remote_vm_str(mm, addr, buf, len, gup_flags); + + mmput(mm); + + return ret; +} +EXPORT_SYMBOL_GPL(copy_remote_vm_str); + /* * Print the name of a VMA. */ diff --git a/mm/nommu.c b/mm/nommu.c index 9cb6e99215e2..4d83d0813eb8 100644 --- a/mm/nommu.c +++ b/mm/nommu.c @@ -1701,6 +1701,80 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, in } EXPORT_SYMBOL_GPL(access_process_vm); +/* + * Copy a string from another process's address space as given in mm. + * If there is any error return -EFAULT. + */ +static int __copy_remote_vm_str(struct mm_struct *mm, unsigned long addr, + void *buf, int len) +{ + uint64_t tmp; + struct vm_area_struct *vma; + + int ret = -EFAULT; + + ((char *)buf)[0] = '\0'; + + if (mmap_read_lock_killable(mm)) + return ret; + + /* the access must start within one of the target process's mappings */ + vma = find_vma(mm, addr); + if (!vma) + goto out; + + if (check_add_overflow(addr, len, &tmp)) + goto out; + /* don't overrun this mapping */ + if (tmp >= vma->vm_end) + len = vma->vm_end - addr; + + /* only read mappings where it is permitted */ + if (vma->vm_flags & VM_MAYREAD) { + ret = strscpy(buf, (char *)addr, len); + if (ret < 0) + ret = len - 1; + } + +out: + mmap_read_unlock(mm); + return ret; +} + +/** + * copy_remote_vm_str - copy a string from another process's address space. + * @tsk: the task of the target address space + * @addr: start address to read from + * @buf: destination buffer + * @len: number of bytes to copy + * @gup_flags: flags modifying lookup behaviour (unused) + * + * The caller must hold a reference on @mm. + * + * Return: number of bytes copied from @addr (source) to @buf (destination); + * not including the trailing NUL. Always guaranteed to leave NUL-terminated + * buffer. On any error, return -EFAULT. + */ +int copy_remote_vm_str(struct task_struct *tsk, unsigned long addr, + void *buf, int len, unsigned int gup_flags) +{ + struct mm_struct *mm; + int ret; + + mm = get_task_mm(tsk); + if (!mm) { + ((char *)buf)[0] = '\0'; + return -EFAULT; + } + + ret = __copy_remote_vm_str(mm, addr, buf, len); + + mmput(mm); + + return ret; +} +EXPORT_SYMBOL_GPL(copy_remote_vm_str); + /** * nommu_shrink_inode_mappings - Shrink the shared mappings on an inode * @inode: The inode to check From patchwork Tue Jan 28 22:43:51 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Rome X-Patchwork-Id: 13953324 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mout.perfora.net (mout.perfora.net [74.208.4.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3E8171DFE3D for ; Tue, 28 Jan 2025 22:44:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=74.208.4.196 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738104258; cv=none; b=P7yz+FhUiZUUFaeAWrnUQLtgI2vBotVkFVFzGKrcouHMZqVUwVHqnRIRL+sDnxAIIq4RHNMxwG/KbtSeTEWRgr529FSEY4EoXhmut669TTSOxKxTK2fKSBOe2G63qJyd661xtoZ+KlldprhNqclJS0Zb6iYJULJef6U9oBTSsFw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738104258; c=relaxed/simple; bh=yfxROexsgY7ktRVyxOd10OXp2cS+inHpzuy9B75v+d4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=bysH4EFJc6l4GJNR7KezBrSHHr/yhBILvwjJtXTHIM9zlRY2s5LH27YvRcdn6iHrFJwKCOq7sPu/pcVPoggOl+WAM28bmTSmTZlVuIN0sT7aRLbsdltr5njBGSIKSdNosY1s5R0GpW8zMivj9Wi+P3Lz0e9sCnjgs4K/buLwBJ4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=jordanrome.com; spf=pass smtp.mailfrom=jordanrome.com; dkim=pass (2048-bit key) header.d=jordanrome.com header.i=linux@jordanrome.com header.b=AGuQb1aq; arc=none smtp.client-ip=74.208.4.196 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=jordanrome.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=jordanrome.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=jordanrome.com header.i=linux@jordanrome.com header.b="AGuQb1aq" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jordanrome.com; s=s1-ionos; t=1738104252; x=1738709052; i=linux@jordanrome.com; bh=QaM92VVJ8sVRDEhsj6U41D+q2njMPqo34UDqJs8UQDM=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID:In-Reply-To: References:MIME-Version:Content-Transfer-Encoding:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=AGuQb1aqIhkM+t4+H+aKV9x5h0pPsY81c0aAaxeguJlpZOirIYLpZfGQ46W7MO0+ z1sb28CiiDEFcQWUygQmz51ckV3HC/D8iCml46wSBYfMUftUAf0+IE6nfTrWJsUeP lcMWh1UOJNhztcQmiTMpHHA/OS4KqZDTyprfEvqbfO/RukoP/ENVZJ1plolEt1II/ F+tIZAkNbwjmq0W9t8gMcgvEjNlTRT1vpocQmKZMwZPxXKboicW074XcGaowS5ccn rNFR21spsnBOSN47SVqQRihYZ5X1cljtGzAEFBtYdEDLWZvApOr3GbfmKW8RjurKQ 3hytXralyJcjqUJG+Q== X-UI-Sender-Class: 55c96926-9e95-11ee-ae09-1f7a4046a0f6 Received: from localhost ([69.171.251.5]) by mrelay.perfora.net (mreueus003 [74.208.5.2]) with ESMTPSA (Nemesis) id 0MLvf0-1tXNSq09jI-004vGQ; Tue, 28 Jan 2025 23:44:12 +0100 From: Jordan Rome To: bpf@vger.kernel.org Cc: linux-mm@kvack.org, Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Kernel Team , Andrew Morton , Shakeel Butt , Alexander Potapenko Subject: [bpf-next v6 2/3] bpf: Add bpf_copy_from_user_task_str kfunc Date: Tue, 28 Jan 2025 14:43:51 -0800 Message-ID: <20250128224352.3808460-2-linux@jordanrome.com> X-Mailer: git-send-email 2.43.5 In-Reply-To: <20250128224352.3808460-1-linux@jordanrome.com> References: <20250128224352.3808460-1-linux@jordanrome.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Provags-ID: V03:K1:4xRNZXuuNESdqb2Tos29jq2ltKwzIJIj/MAmdqpTx6w0jR8Lksm UjLxdEFq7BpU5ZSVRgbHpG4UDMg1WATsegYcoM0SZ1bE5JYeiQzO/oy7tGbTSloEh1Yq/Ug yUCQxc98CuwpQohOGSqe1alLhLnZ4D1qhH+b6wTS8OIrm4fPeww5udt4QDV4F2hOu9fSFyL DGnrJOZ8BP5xI3IepRMdQ== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:29i+6/+81s8=;DL5HqVC7ikGGjloURnjlmdkEFAI BKIy8ftc/phvEFeIiW5aSLRhpQ6rxdAtIp9L9+MgKxlUwkxVsxiW+TZ/dCqHrWgPXV6SC9Lni 8MLkTuacgufXQVRdAZT0KS34H9ayvE+fZ2jIfBWATok4spHxOowu1qGQ7Qn7CqR7v7foJC9WI AohZzFhugQXBxzs4m6ljkmYzQn1vPaleKzTWOXQuB5Hzeai201PkldD94zOobP5HCgdS609Ij cDNK2QeldpoGaNLZPxd/FHMtSjh4MjDVb2mN6CK67zOjVWKaBCWgM3WjBrVOEvRHNgSNFCcDd 6vIh9idm4xSyfK+Z4qTHnai0hlxYdwNXnNl3NyAlZ2+HdyUpXAYwabaZeUrBkdhmn166hVxZb 0RxY4sHRFUTrEKlJCN1j5hsvIFlC49FJtwCpTMgSuIZqhZYXPv1sJHLq15ibYGw4rG/WbAu0l 6NS4WQkP6kY/G63H/7VTyRwQayvymlFRrNvuETtgHSGsMN7ujV2w4JpSJgh21vM8ulnKelUTv PC6Em+4XlxCvOr2PECM/ZuvV67zPrYDtCtH7mYFCC0QiE6dMy84EWBAWv1chIxkxyfbJjtUa9 TMQrrg0Y20RENFBn5PI7WhilYFJdBcd8fxTKpMwDeWL0mVyzSxh2od0ZZkRgwjEnL44cWJ8l/ 49vBsC9pW5Y8AIzGkw5BZlpI5xojp3U7Hv8lPJWNGRRpjp7ibWA+rr9H6CMk8LLSDCGchuojF vfHCsAczueUsiZsDLsgdxGkrjumy/rMlWgaF+dhFEBzXTR+XFxrXTQiN3XK/1IXaKmH6TGvkX BwoHPMP4LQh3mOGzVb9SYeznAcsgknOy7UBm7Z+OL7p0mhnESjhvnEK3QSYX3s7ky5RhY5Fv4 M5W+pQUnOn96k6jiDKpQaVJwr9ONy164M1nOGMqJc/vyxJb1FcLd6FUWGm/41G6Mjdr3FzeS/ ZwgM0Yn1g1tJN3fUTeofAc51TmPf8KzQXeXTRQ2I6+NvyB87/YIHQ8zthdsYFMMowOSERYZOH CV/LGNwpfEMn48n752B0GwBjm1clkYmYN6rq3sbVWV4rV+yvPWpqLOU2GIeZkOtQEaDKLLNru UitHtuV2if+v2+GUu9drc25hHsevvR+W7yz2AZqTnrGwfUCEjuZ60aet57WrgabXIgji3Gj0X Ny/rOJ6Q7dPaPvmOoZ5CS+/bIoZWYd66ln12ZKZaNFF1AtKdN5epQFE7dcq7FNhanFAWcq7OW hg4J5qvWBZPsgv9f5lLvBeMESwO7CZvpyw== X-Patchwork-Delegate: bpf@iogearbox.net This new kfunc will be able to copy a string from another process's/task's address space. This is similar to `bpf_copy_from_user_str` but accepts a `struct task_struct*` argument. Acked-by: Andrii Nakryiko Signed-off-by: Jordan Rome --- kernel/bpf/helpers.c | 48 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) -- 2.43.5 diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index f27ce162427a..a33f72a4c31f 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -3082,6 +3082,53 @@ __bpf_kfunc void bpf_local_irq_restore(unsigned long *flags__irq_flag) local_irq_restore(*flags__irq_flag); } +/** + * bpf_copy_from_user_task_str() - Copy a string from an task's address space + * @dst: Destination address, in kernel space. This buffer must be + * at least @dst__sz bytes long. + * @dst__sz: Maximum number of bytes to copy, includes the trailing NUL. + * @unsafe_ptr__ign: Source address in the task's address space. + * @tsk: The task whose address space will be used + * @flags: The only supported flag is BPF_F_PAD_ZEROS + * + * Copies a NUL terminated string from a task's address space to @dst__sz + * buffer. If user string is too long this will still ensure zero termination + * in the @dst__sz buffer unless buffer size is 0. + * + * If BPF_F_PAD_ZEROS flag is set, memset the tail of @dst__sz to 0 on success + * and memset all of @dst__sz on failure. + * + * Return: The number of copied bytes on success including the NUL terminator. + * A negative error code on failure. + */ +__bpf_kfunc int bpf_copy_from_user_task_str(void *dst, + u32 dst__sz, + const void __user *unsafe_ptr__ign, + struct task_struct *tsk, + u64 flags) +{ + int ret; + + if (unlikely(flags & ~BPF_F_PAD_ZEROS)) + return -EINVAL; + + if (unlikely(!dst__sz)) + return 0; + + ret = copy_remote_vm_str(tsk, (unsigned long)unsafe_ptr__ign, dst, dst__sz, 0); + + if (ret < 0) { + if (flags & BPF_F_PAD_ZEROS) + memset(dst, 0, dst__sz); + return ret; + } + + if (flags & BPF_F_PAD_ZEROS) + memset(dst + ret, 0, dst__sz - ret); + + return ret + 1; +} + __bpf_kfunc_end_defs(); BTF_KFUNCS_START(generic_btf_ids) @@ -3174,6 +3221,7 @@ BTF_ID_FLAGS(func, bpf_iter_bits_new, KF_ITER_NEW) BTF_ID_FLAGS(func, bpf_iter_bits_next, KF_ITER_NEXT | KF_RET_NULL) BTF_ID_FLAGS(func, bpf_iter_bits_destroy, KF_ITER_DESTROY) BTF_ID_FLAGS(func, bpf_copy_from_user_str, KF_SLEEPABLE) +BTF_ID_FLAGS(func, bpf_copy_from_user_task_str, KF_SLEEPABLE) BTF_ID_FLAGS(func, bpf_get_kmem_cache) BTF_ID_FLAGS(func, bpf_iter_kmem_cache_new, KF_ITER_NEW | KF_SLEEPABLE) BTF_ID_FLAGS(func, bpf_iter_kmem_cache_next, KF_ITER_NEXT | KF_RET_NULL | KF_SLEEPABLE) From patchwork Tue Jan 28 22:43:52 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jordan Rome X-Patchwork-Id: 13953325 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DF0591C3BF7 for ; Tue, 28 Jan 2025 22:44:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=74.208.4.194 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738104267; cv=none; b=kChGoQisIBzp05uNz5EhxK520pV/k8Ial82AKyCIUHP72P7aGxZkY8iQeE0fx0lyv8+T3Q4PqU5NcgUUiLSSXH/by25gVhjqe/xEaSSNsCG2JCr07hMj1QRbC9qfJiH33UN+xDg/y+CvwK+yNnOtmfV8BF+TE9Y/d/BGaflTOdg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738104267; c=relaxed/simple; bh=sC2j8xRGHe7nr+QNZ5ZANfcvHGfTRLLs3oKofC73OZw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=e9xY68OB7NqtsXOfuRtgax3isuDizCY0ZJOFEmY8abX9tpu4F2dg2dE9pCS4FRDf2QKPhXk3E4wOl9vzljtaoT5LC036BXdF2vqCqYC+dICeMZO1DPjGD87a4R1VN80BBpJH5VHYj1Q8OO1qHpFKzJIUHiaWtJfazf2dq4Hm7gg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=jordanrome.com; spf=pass smtp.mailfrom=jordanrome.com; dkim=pass (2048-bit key) header.d=jordanrome.com header.i=linux@jordanrome.com header.b=2tRjXSHe; arc=none smtp.client-ip=74.208.4.194 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=jordanrome.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=jordanrome.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=jordanrome.com header.i=linux@jordanrome.com header.b="2tRjXSHe" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jordanrome.com; s=s1-ionos; t=1738104255; x=1738709055; i=linux@jordanrome.com; bh=LhJJH5WuMX5aq6LX3M5eXAA/nYkW+PydFm8hbRxet3Y=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID:In-Reply-To: References:MIME-Version:Content-Transfer-Encoding:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=2tRjXSHe/cXn1FoqIkguxSxTIWSxQYsaSCPdxkI42RSPpQt2UlWePk1il7Xa6VyB XrAVJVUJn0P2FMPF4YulA3dTrrUI98UlY8zh+SD632nPzq1z2p2KWl0qMZUoIHFkY K2/pOsaIYuf/2env6m/UV83If0p5lhzfGCpBgfbv1wxfHrlaOWX5xwrXCDdIQy2Bw dvAf0Xa/oKS+kIzT1lmkNDQC53fG7zwnxYXwrqUXx3vg/BfKckYkFMW5lOpDZ2CXQ fLYuQo36nBiuCBVjtg6TnW++NQ+Y4+Ta0T75PJ6RvjTK735wi94lMGTd8XfNULd7C G9iL4WKeoB1j/zRYzw== X-UI-Sender-Class: 55c96926-9e95-11ee-ae09-1f7a4046a0f6 Received: from localhost ([69.171.251.3]) by mrelay.perfora.net (mreueus004 [74.208.5.2]) with ESMTPSA (Nemesis) id 1MwxJ1-1tF1lc0Dhz-00tyiV; Tue, 28 Jan 2025 23:44:15 +0100 From: Jordan Rome To: bpf@vger.kernel.org Cc: linux-mm@kvack.org, Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Kernel Team , Andrew Morton , Shakeel Butt , Alexander Potapenko Subject: [bpf-next v6 3/3] selftests/bpf: Add tests for bpf_copy_from_user_task_str Date: Tue, 28 Jan 2025 14:43:52 -0800 Message-ID: <20250128224352.3808460-3-linux@jordanrome.com> X-Mailer: git-send-email 2.43.5 In-Reply-To: <20250128224352.3808460-1-linux@jordanrome.com> References: <20250128224352.3808460-1-linux@jordanrome.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Provags-ID: V03:K1:dUpyW8ZQI4xCv3r6SWnn1cP0igwa1BlRWYz1XV0OhYgqhhyXbq4 2/ZOwp/r0QLRCb8dTC27YKV12g8V4tHfTxApeitjEOKpVG6/rm9vvlDbR0Ga56y+9MIjDDQ VMjo+x/UdzAZNmt+tXryeel4uAAgiq1Hss6vh5hV8WvyVGETCg5dv/GJimVPvqHNUQwk/Lb jPobii2DRd1EQ4SpTbloA== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:BBG0znHmojc=;jyOkfJqp77N3aFhAWLMgPFmcmEo jOor2fIc/IMLOQUabPQvbCE9fM/ZQp1lsMoEzplfjJkMGjv/On3Xz9SoR1KqyZ4so2NiuY1ng uiAMuRDXhYtE/2QVPj1pbWYVnxDKSOk3YFc7CKBN3YaapwLquS2kh8x7yqJaNDynsLyEy6XSt YnAyEB41gx2wK5wDLpvO4rKRURbTP59yZVWzdrgYJYL3N8Ka1vTImqwHYX7qfnFtraiAP/lA5 3K6+wSzv/SnJP1UO1cE52OPo154CORBEqEr+yqbDs0rlWj6Gh3Bzc+ItkSwc+iefN/sz1l1UH SPH2sNR+fcK6MSFs+T7SCPiUPuqAP2xefPwroNi3T3p1lUbfousbjvadE4tT2ZCSM+lEmhl4x micd13WC/cvOJWoAbJmR5jpdLMLW61clY4jcBt8X5z9nMXTNpDeo6Dogf7v1QP0ljYxtKw0sC H+X57bGhuW7nYKerb3UK1Koe8EEYarOXHHCVebRMKFCeS+tort/uvabwNBmtR/fILKEpcGmfp k9geUhZdkUJM7bPMQYXPSXjkMoTR04A1wRoPptKE8dHx9tA8XhzJzABwp44ioCCVMG6KnYzry N0P2ZnNHd8X9erUAm6W2+GojwYXSHhT341Sq/TLusIyjFbK2o0Q3I+DPlPSEZyqbPSgXle15t JVo2gZLXtod5WV9h/iV5e5TD7Ir7RfWFM/ouuXNwdZcpEPIUbT25AY/XoPRHdC4MZr5IxQdGv oXiGb2zQVhLqcMaFmZJqFYaCkbozJ/spRp/kC42VzId8uIbBsVY3wXxuT4iYwZmN3zldsinRG eZ4IgpxKszf9v6QnVNq/77R4PFs0cD9XcfOocuLB27UYpZu9lwcSCV95/8QmEIXDa8QsPXjeB VAx9awSCslCsxUrUSs3jtP/nYzlBxPMvAWBAi61K3uJVrrVDde1VC/BkTqCt2g0z/Mx3dy4Gx PsauebZ2ziTSjcvKm32kGQG6Wc9Il6I1YW+OSxlAvDvGhkgTHmz/83wCK9GmBrMwZmyHP7sXT X4uhjwjjxk3UuXwCDv0mE+gWKIJ1Rn5M/2xlG+bbIoD4/RrzSFQ06U4ZKwEiVmsNBLBt9kGkw OiB0E3WePbhUv6iCp8ZkA/b3aCY4aWaKTL5dBr0AAu5kF/MjqGKQ== X-Patchwork-Delegate: bpf@iogearbox.net This adds tests for both the happy path and the error path (with and without the BPF_F_PAD_ZEROS flag). Signed-off-by: Jordan Rome --- .../selftests/bpf/prog_tests/bpf_iter.c | 68 +++++++++++ .../selftests/bpf/prog_tests/read_vsyscall.c | 1 + .../selftests/bpf/progs/bpf_iter_tasks.c | 110 ++++++++++++++++++ .../selftests/bpf/progs/read_vsyscall.c | 11 +- 4 files changed, 188 insertions(+), 2 deletions(-) -- 2.43.5 diff --git a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c index 6f1bfacd7375..add4a18c33bd 100644 --- a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c +++ b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c @@ -323,19 +323,87 @@ static void test_task_pidfd(void) static void test_task_sleepable(void) { struct bpf_iter_tasks *skel; + int pid, status, err, data_pipe[2], finish_pipe[2], c; + char *test_data = NULL; + char *test_data_long = NULL; + char *data[2]; + + if (!ASSERT_OK(pipe(data_pipe), "data_pipe") || + !ASSERT_OK(pipe(finish_pipe), "finish_pipe")) + return; skel = bpf_iter_tasks__open_and_load(); if (!ASSERT_OK_PTR(skel, "bpf_iter_tasks__open_and_load")) return; + pid = fork(); + if (!ASSERT_GE(pid, 0, "fork")) + return; + + if (pid == 0) { + /* child */ + close(data_pipe[0]); + close(finish_pipe[1]); + + test_data = malloc(sizeof(char) * 10); + strncpy(test_data, "test_data", 10); + test_data[9] = '\0'; + + test_data_long = malloc(sizeof(char) * 5000); + for (int i = 0; i < 5000; ++i) { + if (i % 2 == 0) + test_data_long[i] = 'b'; + else + test_data_long[i] = 'a'; + } + test_data_long[4999] = '\0'; + + data[0] = test_data; + data[1] = test_data_long; + + write(data_pipe[1], &data, sizeof(data)); + + /* keep child alive until after the test */ + err = read(finish_pipe[0], &c, 1); + if (err != 1) + exit(-1); + + close(data_pipe[1]); + close(finish_pipe[0]); + _exit(0); + } + + /* parent */ + close(data_pipe[1]); + close(finish_pipe[0]); + + err = read(data_pipe[0], &data, sizeof(data)); + ASSERT_EQ(err, sizeof(data), "read_check"); + + skel->bss->user_ptr = data[0]; + skel->bss->user_ptr_long = data[1]; + skel->bss->pid = pid; + do_dummy_read(skel->progs.dump_task_sleepable); ASSERT_GT(skel->bss->num_expected_failure_copy_from_user_task, 0, "num_expected_failure_copy_from_user_task"); ASSERT_GT(skel->bss->num_success_copy_from_user_task, 0, "num_success_copy_from_user_task"); + ASSERT_GT(skel->bss->num_expected_failure_copy_from_user_task_str, 0, + "num_expected_failure_copy_from_user_task_str"); + ASSERT_GT(skel->bss->num_success_copy_from_user_task_str, 0, + "num_success_copy_from_user_task_str"); bpf_iter_tasks__destroy(skel); + + write(finish_pipe[1], &c, 1); + err = waitpid(pid, &status, 0); + ASSERT_EQ(err, pid, "waitpid"); + ASSERT_EQ(status, 0, "zero_child_exit"); + + close(data_pipe[0]); + close(finish_pipe[1]); } static void test_task_stack(void) diff --git a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c index c7b9ba8b1d06..a8d1eaa67020 100644 --- a/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c +++ b/tools/testing/selftests/bpf/prog_tests/read_vsyscall.c @@ -24,6 +24,7 @@ struct read_ret_desc { { .name = "copy_from_user", .ret = -EFAULT }, { .name = "copy_from_user_task", .ret = -EFAULT }, { .name = "copy_from_user_str", .ret = -EFAULT }, + { .name = "copy_from_user_task_str", .ret = -EFAULT }, }; void test_read_vsyscall(void) diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c b/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c index bc10c4e4b4fa..966ee5a7b066 100644 --- a/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c +++ b/tools/testing/selftests/bpf/progs/bpf_iter_tasks.c @@ -9,6 +9,13 @@ char _license[] SEC("license") = "GPL"; uint32_t tid = 0; int num_unknown_tid = 0; int num_known_tid = 0; +void *user_ptr = 0; +void *user_ptr_long = 0; +uint32_t pid = 0; + +static char big_str1[5000]; +static char big_str2[5005]; +static char big_str3[4996]; SEC("iter/task") int dump_task(struct bpf_iter__task *ctx) @@ -35,7 +42,9 @@ int dump_task(struct bpf_iter__task *ctx) } int num_expected_failure_copy_from_user_task = 0; +int num_expected_failure_copy_from_user_task_str = 0; int num_success_copy_from_user_task = 0; +int num_success_copy_from_user_task_str = 0; SEC("iter.s/task") int dump_task_sleepable(struct bpf_iter__task *ctx) @@ -44,6 +53,9 @@ int dump_task_sleepable(struct bpf_iter__task *ctx) struct task_struct *task = ctx->task; static const char info[] = " === END ==="; struct pt_regs *regs; + char task_str1[10] = "aaaaaaaaaa"; + char task_str2[10], task_str3[10]; + char task_str4[20] = "aaaaaaaaaaaaaaaaaaaa"; void *ptr; uint32_t user_data = 0; int ret; @@ -78,8 +90,106 @@ int dump_task_sleepable(struct bpf_iter__task *ctx) BPF_SEQ_PRINTF(seq, "%s\n", info); return 0; } + ++num_success_copy_from_user_task; + /* Read an invalid pointer and ensure we get an error */ + ptr = NULL; + ret = bpf_copy_from_user_task_str((char *)task_str1, sizeof(task_str1), ptr, task, 0); + if (ret >= 0 || task_str1[9] != 'a' || task_str1[0] != '\0') { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + /* Read an invalid pointer and ensure we get error with pad zeros flag */ + ptr = NULL; + ret = bpf_copy_from_user_task_str((char *)task_str1, sizeof(task_str1), + ptr, task, BPF_F_PAD_ZEROS); + if (ret >= 0 || task_str1[9] != '\0' || task_str1[0] != '\0') { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + ++num_expected_failure_copy_from_user_task_str; + + /* Same length as the string */ + ret = bpf_copy_from_user_task_str((char *)task_str2, 10, user_ptr, task, 0); + /* only need to do the task pid check once */ + if (bpf_strncmp(task_str2, 10, "test_data\0") != 0 || ret != 10 || task->tgid != pid) { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + /* Shorter length than the string */ + ret = bpf_copy_from_user_task_str((char *)task_str3, 2, user_ptr, task, 0); + if (bpf_strncmp(task_str3, 2, "t\0") != 0 || ret != 2) { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + /* Longer length than the string */ + ret = bpf_copy_from_user_task_str((char *)task_str4, 20, user_ptr, task, 0); + if (bpf_strncmp(task_str4, 10, "test_data\0") != 0 || ret != 10 + || task_str4[sizeof(task_str4) - 1] != 'a') { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + /* Longer length than the string with pad zeros flag */ + ret = bpf_copy_from_user_task_str((char *)task_str4, 20, user_ptr, task, BPF_F_PAD_ZEROS); + if (bpf_strncmp(task_str4, 10, "test_data\0") != 0 || ret != 10 + || task_str4[sizeof(task_str4) - 1] != '\0') { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + /* Longer length than the string past a page boundary */ + ret = bpf_copy_from_user_task_str(big_str1, 5000, user_ptr, task, 0); + if (bpf_strncmp(big_str1, 10, "test_data\0") != 0 || ret != 10) { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + /* String that crosses a page boundary */ + ret = bpf_copy_from_user_task_str(big_str1, 5000, user_ptr_long, task, BPF_F_PAD_ZEROS); + if (bpf_strncmp(big_str1, 4, "baba") != 0 || ret != 5000 + || bpf_strncmp(big_str1 + 4996, 4, "bab\0") != 0) { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + for (int i = 0; i < 4999; ++i) { + if (i % 2 == 0) { + if (big_str1[i] != 'b') { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + } else { + if (big_str1[i] != 'a') { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + } + } + + /* Longer length than the string that crosses a page boundary */ + ret = bpf_copy_from_user_task_str(big_str2, 5005, user_ptr_long, task, BPF_F_PAD_ZEROS); + if (bpf_strncmp(big_str2, 4, "baba") != 0 || ret != 5000 + || bpf_strncmp(big_str2 + 4996, 5, "bab\0\0") != 0) { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + /* Shorter length than the string that crosses a page boundary */ + ret = bpf_copy_from_user_task_str(big_str3, 4996, user_ptr_long, task, 0); + if (bpf_strncmp(big_str3, 4, "baba") != 0 || ret != 4996 + || bpf_strncmp(big_str3 + 4992, 4, "bab\0") != 0) { + BPF_SEQ_PRINTF(seq, "%s\n", info); + return 0; + } + + ++num_success_copy_from_user_task_str; + if (ctx->meta->seq_num == 0) BPF_SEQ_PRINTF(seq, " tgid gid data\n"); diff --git a/tools/testing/selftests/bpf/progs/read_vsyscall.c b/tools/testing/selftests/bpf/progs/read_vsyscall.c index 39ebef430059..395591374d4f 100644 --- a/tools/testing/selftests/bpf/progs/read_vsyscall.c +++ b/tools/testing/selftests/bpf/progs/read_vsyscall.c @@ -8,14 +8,16 @@ int target_pid = 0; void *user_ptr = 0; -int read_ret[9]; +int read_ret[10]; char _license[] SEC("license") = "GPL"; /* - * This is the only kfunc, the others are helpers + * These are the kfuncs, the others are helpers */ int bpf_copy_from_user_str(void *dst, u32, const void *, u64) __weak __ksym; +int bpf_copy_from_user_task_str(void *dst, u32, const void *, + struct task_struct *, u64) __weak __ksym; SEC("fentry/" SYS_PREFIX "sys_nanosleep") int do_probe_read(void *ctx) @@ -47,6 +49,11 @@ int do_copy_from_user(void *ctx) read_ret[7] = bpf_copy_from_user_task(buf, sizeof(buf), user_ptr, bpf_get_current_task_btf(), 0); read_ret[8] = bpf_copy_from_user_str((char *)buf, sizeof(buf), user_ptr, 0); + read_ret[9] = bpf_copy_from_user_task_str((char *)buf, + sizeof(buf), + user_ptr, + bpf_get_current_task_btf(), + 0); return 0; }