Re: [RFC PATCH bpf-next v2 1/4] tracing/kprobe: bpf: Check error injectable event is on function entry

On Tue, Dec 26, 2017 at 04:46:59PM +0900, Masami Hiramatsu wrote: > Check whether error injectable event is on function entry or not. > Currently it checks the event is ftrace-based kprobes or not, > but that is wrong. It should check if the event is on the entry > of target function. Since error

kasan for bpf

Hi All, the recent bugs make people question the safety of bpf and not a surprise that some folks propose to set kernel.unprivileged_bpf_disabled = 1 by default. I think it will be wrong long term decision, since it will steer bpf into "root only" mentality. The verifier checks will become

kasan for bpf

Hi All, the recent bugs make people question the safety of bpf and not a surprise that some folks propose to set kernel.unprivileged_bpf_disabled = 1 by default. I think it will be wrong long term decision, since it will steer bpf into "root only" mentality. The verifier checks will become

Re: [PATCH] bpf: selftest for late caller stack size increase

On Fri, Dec 22, 2017 at 07:12:35PM +0100, Jann Horn wrote: > This checks that it is not possible to bypass the total stack size check in > update_stack_depth() by calling a function that uses a large amount of > stack memory *before* using a large amount of stack memory in the caller. > >

Re: [PATCH] bpf: selftest for late caller stack size increase

On Fri, Dec 22, 2017 at 07:12:35PM +0100, Jann Horn wrote: > This checks that it is not possible to bypass the total stack size check in > update_stack_depth() by calling a function that uses a large amount of > stack memory *before* using a large amount of stack memory in the caller. > >

Re: correctness of BPF stack size checking logic for multi-function programs?

On Fri, Dec 22, 2017 at 02:14:45AM +0100, Jann Horn wrote: > Hi! > > I saw the recently-added support for multiple functions in a single > program in BPF. I've stumbled over something that looks like it might > be a bug; I haven't verified it yet, but I thought I should give you a > heads-up

Re: correctness of BPF stack size checking logic for multi-function programs?

On Fri, Dec 22, 2017 at 02:14:45AM +0100, Jann Horn wrote: > Hi! > > I saw the recently-added support for multiple functions in a single > program in BPF. I've stumbled over something that looks like it might > be a bug; I haven't verified it yet, but I thought I should give you a > heads-up

tracepoint_probe_register and bpf. Was: [PATCH tip 0/3] Improvements of scheduler related Tracepoints

On Mon, Dec 18, 2017 at 10:11:57AM +0100, Peter Zijlstra wrote: > On Fri, Dec 15, 2017 at 09:09:51AM -0800, Alexei Starovoitov wrote: > > > yeah. Currently bpf progs are called at the end of > > perf_trace_##call() > > { > > .. regular tracepoint copy craft &

tracepoint_probe_register and bpf. Was: [PATCH tip 0/3] Improvements of scheduler related Tracepoints

On Mon, Dec 18, 2017 at 10:11:57AM +0100, Peter Zijlstra wrote: > On Fri, Dec 15, 2017 at 09:09:51AM -0800, Alexei Starovoitov wrote: > > > yeah. Currently bpf progs are called at the end of > > perf_trace_##call() > > { > > .. regular tracepoint copy craft &

Re: [PATCH v10 1/5] add infrastructure for tagging functions as error injectable

On 12/20/17 3:00 AM, Masami Hiramatsu wrote: On Fri, 15 Dec 2017 14:12:52 -0500 Josef Bacik wrote: From: Josef Bacik Using BPF we can override kprob'ed functions and return arbitrary values. Obviously this can be a bit unsafe, so make this feature

Re: [PATCH v10 1/5] add infrastructure for tagging functions as error injectable

On 12/20/17 3:00 AM, Masami Hiramatsu wrote: On Fri, 15 Dec 2017 14:12:52 -0500 Josef Bacik wrote: From: Josef Bacik Using BPF we can override kprob'ed functions and return arbitrary values. Obviously this can be a bit unsafe, so make this feature opt-in for functions. Simply tag a

Re: [PATCH v10 1/5] add infrastructure for tagging functions as error injectable

On 12/19/17 11:13 PM, Masami Hiramatsu wrote: On Tue, 19 Dec 2017 18:14:17 -0800 Alexei Starovoitov <a...@fb.com> wrote: On 12/18/17 10:29 PM, Masami Hiramatsu wrote: +#if defined(__KERNEL__) && !defined(__ASSEMBLY__) +#ifdef CONFIG_BPF_KPROBE_OVERRIDE BTW, CONFIG_BPF_K

Re: [PATCH v10 1/5] add infrastructure for tagging functions as error injectable

On 12/19/17 11:13 PM, Masami Hiramatsu wrote: On Tue, 19 Dec 2017 18:14:17 -0800 Alexei Starovoitov wrote: On 12/18/17 10:29 PM, Masami Hiramatsu wrote: +#if defined(__KERNEL__) && !defined(__ASSEMBLY__) +#ifdef CONFIG_BPF_KPROBE_OVERRIDE BTW, CONFIG_BPF_KPROBE_OVERRIDE is also co

Re: [PATCH v10 1/5] add infrastructure for tagging functions as error injectable

On 12/18/17 10:29 PM, Masami Hiramatsu wrote: +#if defined(__KERNEL__) && !defined(__ASSEMBLY__) +#ifdef CONFIG_BPF_KPROBE_OVERRIDE BTW, CONFIG_BPF_KPROBE_OVERRIDE is also confusable name. Since this feature override a function to just return with some return value (as far as I understand, or

Re: [PATCH v10 1/5] add infrastructure for tagging functions as error injectable

On 12/18/17 10:29 PM, Masami Hiramatsu wrote: +#if defined(__KERNEL__) && !defined(__ASSEMBLY__) +#ifdef CONFIG_BPF_KPROBE_OVERRIDE BTW, CONFIG_BPF_KPROBE_OVERRIDE is also confusable name. Since this feature override a function to just return with some return value (as far as I understand, or

Re: [PATCH] bpf: fix BPF_KPROBE_OVERRIDE dependencies

On Tue, Dec 19, 2017 at 11:12:04AM +0100, Arnd Bergmann wrote: > CONFIG_BPF_KPROBE_OVERRIDE causes a link failure when CONFIG_KPROBE_EVENTS > is disabled: > > kernel/trace/bpf_trace.o: In function `bpf_override_return': > (.text+0x172): undefined reference to `bpf_kprobe_override' > > This adds

Re: [PATCH] bpf: fix BPF_KPROBE_OVERRIDE dependencies

On Tue, Dec 19, 2017 at 11:12:04AM +0100, Arnd Bergmann wrote: > CONFIG_BPF_KPROBE_OVERRIDE causes a link failure when CONFIG_KPROBE_EVENTS > is disabled: > > kernel/trace/bpf_trace.o: In function `bpf_override_return': > (.text+0x172): undefined reference to `bpf_kprobe_override' > > This adds

Re: [PATCH -tip v3 0/6] net: tcp: sctp: dccp: Replace jprobe usage with trace events

On Tue, Dec 19, 2017 at 05:56:55PM +0900, Masami Hiramatsu wrote: > include/trace/events/sctp.h | 98 ++ > include/trace/events/tcp.h | 80 +++ > net/Kconfig | 17 -- > net/dccp/Kconfig| 17 -- > net/dccp/Makefile |2 >

Re: [PATCH -tip v3 0/6] net: tcp: sctp: dccp: Replace jprobe usage with trace events

On Tue, Dec 19, 2017 at 05:56:55PM +0900, Masami Hiramatsu wrote: > include/trace/events/sctp.h | 98 ++ > include/trace/events/tcp.h | 80 +++ > net/Kconfig | 17 -- > net/dccp/Kconfig| 17 -- > net/dccp/Makefile |2 >

Re: [PATCH v10 3/5] bpf: add a bpf_override_function helper

On 12/15/17 11:12 AM, Josef Bacik wrote: +#ifdef CONFIG_BPF_KPROBE_OVERRIDE +BPF_CALL_2(bpf_override_return, struct pt_regs *, regs, unsigned long, rc) +{ + __this_cpu_write(bpf_kprobe_override, 1); + regs_set_return_value(regs, rc); +

Re: [PATCH v10 3/5] bpf: add a bpf_override_function helper

On 12/15/17 11:12 AM, Josef Bacik wrote: +#ifdef CONFIG_BPF_KPROBE_OVERRIDE +BPF_CALL_2(bpf_override_return, struct pt_regs *, regs, unsigned long, rc) +{ + __this_cpu_write(bpf_kprobe_override, 1); + regs_set_return_value(regs, rc); +

Re: [PATCH tip 0/3] Improvements of scheduler related Tracepoints

On 12/14/17 11:39 PM, Peter Zijlstra wrote: On Thu, Dec 14, 2017 at 07:16:00PM -0800, Alexei Starovoitov wrote: On 12/14/17 12:49 PM, Peter Zijlstra wrote: On Thu, Dec 14, 2017 at 12:20:41PM -0800, Teng Qin wrote: This set of commits attempts to improve three scheduler related Tracepoints

Re: [PATCH tip 0/3] Improvements of scheduler related Tracepoints

On 12/14/17 11:39 PM, Peter Zijlstra wrote: On Thu, Dec 14, 2017 at 07:16:00PM -0800, Alexei Starovoitov wrote: On 12/14/17 12:49 PM, Peter Zijlstra wrote: On Thu, Dec 14, 2017 at 12:20:41PM -0800, Teng Qin wrote: This set of commits attempts to improve three scheduler related Tracepoints

Re: [PATCH tip 0/3] Improvements of scheduler related Tracepoints

On 12/14/17 12:49 PM, Peter Zijlstra wrote: On Thu, Dec 14, 2017 at 12:20:41PM -0800, Teng Qin wrote: This set of commits attempts to improve three scheduler related Tracepoints: sched_switch, sched_process_fork, sched_process_exit. Firstly, these commit add additional flag values, namely

Re: [PATCH tip 0/3] Improvements of scheduler related Tracepoints

On 12/14/17 12:49 PM, Peter Zijlstra wrote: On Thu, Dec 14, 2017 at 12:20:41PM -0800, Teng Qin wrote: This set of commits attempts to improve three scheduler related Tracepoints: sched_switch, sched_process_fork, sched_process_exit. Firstly, these commit add additional flag values, namely

Re: linux-next: build failure after merge of the bpf-next tree

On Wed, Dec 13, 2017 at 12:32:45PM +1100, Stephen Rothwell wrote: > Hi all, > > After merging the bpf-next tree, today's linux-next build (arm > multi_v7_defconfig) failed like this: > > kernel/events/core.o: In function `perf_ioctl': > core.c:(.text+0x98c4): undefined reference to

Re: linux-next: build failure after merge of the bpf-next tree

On Wed, Dec 13, 2017 at 12:32:45PM +1100, Stephen Rothwell wrote: > Hi all, > > After merging the bpf-next tree, today's linux-next build (arm > multi_v7_defconfig) failed like this: > > kernel/events/core.o: In function `perf_ioctl': > core.c:(.text+0x98c4): undefined reference to

Re: [PATCH v9 0/5] Add the ability to do BPF directed error injection

On 12/11/17 8:36 AM, Josef Bacik wrote: This is the same as v8, just rebased onto the bpf tree. v8->v9: - rebased onto the bpf tree. v7->v8: - removed the _ASM_KPROBE_ERROR_INJECT since it was not needed. v6->v7: - moved the opt-in macro to bpf.h out of kprobes.h. v5->v6: - add

Re: [PATCH v9 0/5] Add the ability to do BPF directed error injection

On 12/11/17 8:36 AM, Josef Bacik wrote: This is the same as v8, just rebased onto the bpf tree. v8->v9: - rebased onto the bpf tree. v7->v8: - removed the _ASM_KPROBE_ERROR_INJECT since it was not needed. v6->v7: - moved the opt-in macro to bpf.h out of kprobes.h. v5->v6: - add

Re: [PATCH net-next] libbpf: add function to setup XDP

On Sat, Dec 09, 2017 at 09:34:46AM -0700, David Ahern wrote: > On 12/9/17 7:43 AM, Eric Leblond wrote: > > + /* started nested attribute for XDP */ > > + nla = (struct nlattr *)(((char *)) > > + + NLMSG_ALIGN(req.nh.nlmsg_len)); > > + nla->nla_type = NLA_F_NESTED |

Re: [PATCH net-next] libbpf: add function to setup XDP

On Sat, Dec 09, 2017 at 09:34:46AM -0700, David Ahern wrote: > On 12/9/17 7:43 AM, Eric Leblond wrote: > > + /* started nested attribute for XDP */ > > + nla = (struct nlattr *)(((char *)) > > + + NLMSG_ALIGN(req.nh.nlmsg_len)); > > + nla->nla_type = NLA_F_NESTED |

Re: [PATCH v3 1/6] perf: prepare perf_event.h for new types perf_kprobe and perf_uprobe

On 12/4/17 10:24 AM, Song Liu wrote: On Dec 3, 2017, at 9:03 AM, Alexei Starovoitov <alexei.starovoi...@gmail.com> wrote: On Thu, Nov 30, 2017 at 03:50:18PM -0800, Song Liu wrote: Two new perf types, perf_kprobe and perf_uprobe, will be added to allow creating [k,u

Re: [PATCH v3 1/6] perf: prepare perf_event.h for new types perf_kprobe and perf_uprobe

On 12/4/17 10:24 AM, Song Liu wrote: On Dec 3, 2017, at 9:03 AM, Alexei Starovoitov wrote: On Thu, Nov 30, 2017 at 03:50:18PM -0800, Song Liu wrote: Two new perf types, perf_kprobe and perf_uprobe, will be added to allow creating [k,u]probe with perf_event_open. These [k,u]probe

Re: [PATCH 1/5] bpf: correct broken uapi for BPF_PROG_TYPE_PERF_EVENT program type

;mi...@redhat.com> > Cc: Alexander Shishkin <alexander.shish...@linux.intel.com> > Cc: Jiri Olsa <jo...@redhat.com> > Cc: Namhyung Kim <namhy...@kernel.org> > Cc: Arnd Bergmann <a...@arndb.de> > Cc: Alexei Starovoitov <a...@kernel.org> >

Re: [PATCH 1/5] bpf: correct broken uapi for BPF_PROG_TYPE_PERF_EVENT program type

Brueckner > Reviewed-and-tested-by: Thomas Richter > Cc: Arnaldo Carvalho de Melo > Cc: Peter Zijlstra > Cc: Ingo Molnar > Cc: Alexander Shishkin > Cc: Jiri Olsa > Cc: Namhyung Kim > Cc: Arnd Bergmann > Cc: Alexei Starovoitov > Cc: Daniel B

Re: [PATCH v3 1/6] perf: prepare perf_event.h for new types perf_kprobe and perf_uprobe

is NULL), or [k,u]probe offset. > > Signed-off-by: Song Liu <songliubrav...@fb.com> > Reviewed-by: Yonghong Song <y...@fb.com> > Reviewed-by: Josef Bacik <jba...@fb.com> > Acked-by: Alexei Starovoitov <a...@kernel.org> > --- > include/uapi/linux/perf_event.h |

Re: [PATCH v3 1/6] perf: prepare perf_event.h for new types perf_kprobe and perf_uprobe

is NULL), or [k,u]probe offset. > > Signed-off-by: Song Liu > Reviewed-by: Yonghong Song > Reviewed-by: Josef Bacik > Acked-by: Alexei Starovoitov > --- > include/uapi/linux/perf_event.h | 6 ++ > 1 file changed, 6 insertions(+) > > diff --git a/include/uapi/linux/pe

Re: [PATCH] compiler, clang: handle randomizable anonymous structs

On Thu, Nov 09, 2017 at 12:16:45PM +0530, Sandipan Das wrote: > The GCC randomize layout plugin can randomize the member > offsets of sensitive kernel data structures. To use this > feature, certain annotations and members are added to the > structures which affect the member offsets even if this

Re: [PATCH] compiler, clang: handle randomizable anonymous structs

On Thu, Nov 09, 2017 at 12:16:45PM +0530, Sandipan Das wrote: > The GCC randomize layout plugin can randomize the member > offsets of sensitive kernel data structures. To use this > feature, certain annotations and members are added to the > structures which affect the member offsets even if this

Re: [PATCH/RFC] Re: 'perf test BPF' failing, libbpf regression wrt "basic API for BPF obj name"

On 12/1/17 9:51 AM, Arnaldo Carvalho de Melo wrote: But this is not just testcase expectations, the usecase is someone wanting to use a newer tool, with perhaps some new features of interest that don't depend on changes in the kernel, in an older kernel on a system where updating it is not

Re: [PATCH/RFC] Re: 'perf test BPF' failing, libbpf regression wrt "basic API for BPF obj name"

On 12/1/17 9:51 AM, Arnaldo Carvalho de Melo wrote: But this is not just testcase expectations, the usecase is someone wanting to use a newer tool, with perhaps some new features of interest that don't depend on changes in the kernel, in an older kernel on a system where updating it is not

Re: [PATCH/RFC] Re: 'perf test BPF' failing, libbpf regression wrt "basic API for BPF obj name"

On 11/30/17 11:00 AM, Arnaldo Carvalho de Melo wrote: Instead of sinking all future bpf_attr's backward compatibility requirements to sys_bpf, I would push it up to its own BPF_* command helper which has a better sense of its bpf_attr, i.e. push it up to bpf_create_map_node() and

Re: [PATCH/RFC] Re: 'perf test BPF' failing, libbpf regression wrt "basic API for BPF obj name"

On 11/30/17 11:00 AM, Arnaldo Carvalho de Melo wrote: Instead of sinking all future bpf_attr's backward compatibility requirements to sys_bpf, I would push it up to its own BPF_* command helper which has a better sense of its bpf_attr, i.e. push it up to bpf_create_map_node() and

Re: [PATCH 1/6] perf: Add new type PERF_TYPE_PROBE

On 11/24/17 12:28 AM, Peter Zijlstra wrote: On Thu, Nov 23, 2017 at 10:31:29PM -0800, Alexei Starovoitov wrote: unfortunately 32-bit is more screwed than it seems: $ cat align.c #include struct S { unsigned long long a; } s; struct U { unsigned long long a; } u; int main

Re: [PATCH 1/6] perf: Add new type PERF_TYPE_PROBE

On 11/24/17 12:28 AM, Peter Zijlstra wrote: On Thu, Nov 23, 2017 at 10:31:29PM -0800, Alexei Starovoitov wrote: unfortunately 32-bit is more screwed than it seems: $ cat align.c #include struct S { unsigned long long a; } s; struct U { unsigned long long a; } u; int main

Re: [PATCH 1/6] perf: Add new type PERF_TYPE_PROBE

On 11/23/17 2:02 AM, Peter Zijlstra wrote: On Wed, Nov 15, 2017 at 09:23:33AM -0800, Song Liu wrote: Note: We use type __u64 for pointer probe_desc instead of __aligned_u64. The reason here is to avoid changing the size of struct perf_event_attr, and breaking new-kernel-old-utility scenario.

Re: [PATCH 1/6] perf: Add new type PERF_TYPE_PROBE

On 11/23/17 2:02 AM, Peter Zijlstra wrote: On Wed, Nov 15, 2017 at 09:23:33AM -0800, Song Liu wrote: Note: We use type __u64 for pointer probe_desc instead of __aligned_u64. The reason here is to avoid changing the size of struct perf_event_attr, and breaking new-kernel-old-utility scenario.

Re: [PATCH v7 0/4] Add the ability to do BPF directed error injection

On Wed, Nov 22, 2017 at 04:23:29PM -0500, Josef Bacik wrote: > This is hopefully the final version, I've addressed the comment by Igno and > added his Acks. > > v6->v7: > - moved the opt-in macro to bpf.h out of kprobes.h. Thanks Josef! All patches look great to me. We'll probably take them all

Re: [PATCH v7 0/4] Add the ability to do BPF directed error injection

On Wed, Nov 22, 2017 at 04:23:29PM -0500, Josef Bacik wrote: > This is hopefully the final version, I've addressed the comment by Igno and > added his Acks. > > v6->v7: > - moved the opt-in macro to bpf.h out of kprobes.h. Thanks Josef! All patches look great to me. We'll probably take them all

Re: [PATCH 0/6] enable creating [k,u]probe with perf_event_open

On Wed, Nov 15, 2017 at 09:23:31AM -0800, Song Liu wrote: > Changes RFC v2 to PATCH v1: > Check type PERF_TYPE_PROBE in perf_event_set_filter(). > Rebase on to tip perf/core. > > Changes RFC v1 to RFC v2: > Fix build issue reported by kbuild test bot by adding ifdef of >

Re: [PATCH 0/6] enable creating [k,u]probe with perf_event_open

On Wed, Nov 15, 2017 at 09:23:31AM -0800, Song Liu wrote: > Changes RFC v2 to PATCH v1: > Check type PERF_TYPE_PROBE in perf_event_set_filter(). > Rebase on to tip perf/core. > > Changes RFC v1 to RFC v2: > Fix build issue reported by kbuild test bot by adding ifdef of >

Re: [ftrace-bpf 1/5] add BPF_PROG_TYPE_FTRACE to bpf

On Mon, Nov 13, 2017 at 12:06:17AM -0800, peng yu wrote: > > 1. anything bpf related has to go via net-next tree. > I found there is a net-next git repo: > https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git > I will use this repo for the further bpf-ftrace patch set. > > > 2. > >

Re: [ftrace-bpf 1/5] add BPF_PROG_TYPE_FTRACE to bpf

On Mon, Nov 13, 2017 at 12:06:17AM -0800, peng yu wrote: > > 1. anything bpf related has to go via net-next tree. > I found there is a net-next git repo: > https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git > I will use this repo for the further bpf-ftrace patch set. > > > 2. > >

Re: [ftrace-bpf 1/5] add BPF_PROG_TYPE_FTRACE to bpf

On Sun, Nov 12, 2017 at 07:28:24AM +, yupeng0...@gmail.com wrote: > Add a new type BPF_PROG_TYPE_FTRACE to bpf, let bpf can be attached to > ftrace. Ftrace pass the function parameters to bpf prog, bpf prog > return 1 or 0 to indicate whether ftrace can trace this function. The > major propose

Re: [ftrace-bpf 1/5] add BPF_PROG_TYPE_FTRACE to bpf

On Sun, Nov 12, 2017 at 07:28:24AM +, yupeng0...@gmail.com wrote: > Add a new type BPF_PROG_TYPE_FTRACE to bpf, let bpf can be attached to > ftrace. Ftrace pass the function parameters to bpf prog, bpf prog > return 1 or 0 to indicate whether ftrace can trace this function. The > major propose

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

On 11/11/17 4:14 PM, Ingo Molnar wrote: * Josef Bacik wrote: On Fri, Nov 10, 2017 at 10:34:59AM +0100, Ingo Molnar wrote: * Josef Bacik wrote: @@ -551,6 +578,10 @@ static const struct bpf_func_proto *kprobe_prog_func_proto(enum bpf_func_id

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

On 11/11/17 4:14 PM, Ingo Molnar wrote: * Josef Bacik wrote: On Fri, Nov 10, 2017 at 10:34:59AM +0100, Ingo Molnar wrote: * Josef Bacik wrote: @@ -551,6 +578,10 @@ static const struct bpf_func_proto *kprobe_prog_func_proto(enum bpf_func_id func return

Re: [PATCH] net/tcp: introduce TRACE_EVENT for TCP/IPv4 state transition

On Thu, Nov 09, 2017 at 02:01:38PM +0800, Yafang Shao wrote: > With this newly introduced TRACE_EVENT, it will be very easy to minotor > TCP/IPv4 state transition. > > A new TRACE_SYSTEM named tcp is added, in which we can trace other TCP > event as well. > > Two helpers are added, > static

Re: [PATCH] net/tcp: introduce TRACE_EVENT for TCP/IPv4 state transition

On Thu, Nov 09, 2017 at 02:01:38PM +0800, Yafang Shao wrote: > With this newly introduced TRACE_EVENT, it will be very easy to minotor > TCP/IPv4 state transition. > > A new TRACE_SYSTEM named tcp is added, in which we can trace other TCP > event as well. > > Two helpers are added, > static

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/8/17 6:47 AM, Y Song wrote: On Tue, Nov 7, 2017 at 1:39 PM, Alexei Starovoitov <a...@fb.com> wrote: On 11/8/17 6:14 AM, Y Song wrote: On Tue, Nov 7, 2017 at 12:37 AM, Naveen N. Rao <naveen.n@linux.vnet.ibm.com> wrote: Alexei Starovoitov wrote: On 11/7/17 12:55 AM, N

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/8/17 6:47 AM, Y Song wrote: On Tue, Nov 7, 2017 at 1:39 PM, Alexei Starovoitov wrote: On 11/8/17 6:14 AM, Y Song wrote: On Tue, Nov 7, 2017 at 12:37 AM, Naveen N. Rao wrote: Alexei Starovoitov wrote: On 11/7/17 12:55 AM, Naveen N. Rao wrote: I thought such struct shouldn't

Re: [PATCH 0/2][v5] Add the ability to do BPF directed error injection

On 11/8/17 5:28 AM, Josef Bacik wrote: I'm sending this through Dave since it'll conflict with other BPF changes in his tree, but since it touches tracing as well Dave would like a review from somebody on the tracing side. v4->v5: - disallow kprobe_override programs from being put in the prog

Re: [PATCH 0/2][v5] Add the ability to do BPF directed error injection

On 11/8/17 5:28 AM, Josef Bacik wrote: I'm sending this through Dave since it'll conflict with other BPF changes in his tree, but since it touches tracing as well Dave would like a review from somebody on the tracing side. v4->v5: - disallow kprobe_override programs from being put in the prog

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/8/17 6:14 AM, Y Song wrote: On Tue, Nov 7, 2017 at 12:37 AM, Naveen N. Rao <naveen.n@linux.vnet.ibm.com> wrote: Alexei Starovoitov wrote: On 11/7/17 12:55 AM, Naveen N. Rao wrote: I thought such struct shouldn't change layout. If it is we need to fix include/linux/compiler-c

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/8/17 6:14 AM, Y Song wrote: On Tue, Nov 7, 2017 at 12:37 AM, Naveen N. Rao wrote: Alexei Starovoitov wrote: On 11/7/17 12:55 AM, Naveen N. Rao wrote: I thought such struct shouldn't change layout. If it is we need to fix include/linux/compiler-clang.h to do that anon struct as well

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/7/17 12:55 AM, Naveen N. Rao wrote: I thought such struct shouldn't change layout. If it is we need to fix include/linux/compiler-clang.h to do that anon struct as well. We considered that, but it looked to be very dependent on the version of gcc used to build the kernel. But, this may

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/7/17 12:55 AM, Naveen N. Rao wrote: I thought such struct shouldn't change layout. If it is we need to fix include/linux/compiler-clang.h to do that anon struct as well. We considered that, but it looked to be very dependent on the version of gcc used to build the kernel. But, this may

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/5/17 2:31 AM, Naveen N. Rao wrote: Hi Alexei, Alexei Starovoitov wrote: On 11/3/17 3:58 PM, Sandipan Das wrote: For added security, the layout of some structures can be randomized by enabling CONFIG_GCC_PLUGIN_RANDSTRUCT. One such structure is task_struct. To build BPF programs, we use

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/5/17 2:31 AM, Naveen N. Rao wrote: Hi Alexei, Alexei Starovoitov wrote: On 11/3/17 3:58 PM, Sandipan Das wrote: For added security, the layout of some structures can be randomized by enabling CONFIG_GCC_PLUGIN_RANDSTRUCT. One such structure is task_struct. To build BPF programs, we use

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/3/17 3:58 PM, Sandipan Das wrote: For added security, the layout of some structures can be randomized by enabling CONFIG_GCC_PLUGIN_RANDSTRUCT. One such structure is task_struct. To build BPF programs, we use Clang which does not support this feature. So, if we attempt to read a field of a

Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members

On 11/3/17 3:58 PM, Sandipan Das wrote: For added security, the layout of some structures can be randomized by enabling CONFIG_GCC_PLUGIN_RANDSTRUCT. One such structure is task_struct. To build BPF programs, we use Clang which does not support this feature. So, if we attempt to read a field of a

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

On Fri, Nov 03, 2017 at 05:52:22PM +0100, Daniel Borkmann wrote: > On 11/03/2017 03:31 PM, Josef Bacik wrote: > > On Fri, Nov 03, 2017 at 12:12:13AM +0100, Daniel Borkmann wrote: > > > Hi Josef, > > > > > > one more issue I just noticed, see comment below: > > > > > > On 11/02/2017 03:37 PM,

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

On Fri, Nov 03, 2017 at 05:52:22PM +0100, Daniel Borkmann wrote: > On 11/03/2017 03:31 PM, Josef Bacik wrote: > > On Fri, Nov 03, 2017 at 12:12:13AM +0100, Daniel Borkmann wrote: > > > Hi Josef, > > > > > > one more issue I just noticed, see comment below: > > > > > > On 11/02/2017 03:37 PM,

Re: [PATCH 1/2] [net-next] bpf: fix link error without CONFIG_NET

;bpf: move knowledge about post-translation offsets > > out of verifier") > > Signed-off-by: Arnd Bergmann <a...@arndb.de> > > Thanks Arnd! I was hoping to nuke this code before build bots catch up > to me, didn't work out :) yeah. Jakub's patches may not make it in time for net-next closing. so let's use this fix for now. Acked-by: Alexei Starovoitov <a...@kernel.org>

Re: [PATCH 1/2] [net-next] bpf: fix link error without CONFIG_NET

;bpf: move knowledge about post-translation offsets > > out of verifier") > > Signed-off-by: Arnd Bergmann > > Thanks Arnd! I was hoping to nuke this code before build bots catch up > to me, didn't work out :) yeah. Jakub's patches may not make it in time for net-next closing. so let's use this fix for now. Acked-by: Alexei Starovoitov

Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in bpf_check

On Thu, Nov 02, 2017 at 05:14:00PM +0100, Arnd Bergmann wrote: > On Thu, Nov 2, 2017 at 4:59 PM, Alexei Starovoitov > <alexei.starovoi...@gmail.com> wrote: > > On Thu, Nov 02, 2017 at 12:05:52PM +0100, Arnd Bergmann wrote: > >> diff --git a/kernel/bpf/verifier.c b/kerne

Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in bpf_check

On Thu, Nov 02, 2017 at 05:14:00PM +0100, Arnd Bergmann wrote: > On Thu, Nov 2, 2017 at 4:59 PM, Alexei Starovoitov > wrote: > > On Thu, Nov 02, 2017 at 12:05:52PM +0100, Arnd Bergmann wrote: > >> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c > >> in

Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in bpf_check

On Thu, Nov 02, 2017 at 12:05:52PM +0100, Arnd Bergmann wrote: > The bpf_verifer_ops array is generated dynamically and may be > empty depending on configuration, which then causes an out > of bounds access: > > kernel/bpf/verifier.c: In function 'bpf_check': > kernel/bpf/verifier.c:4320:29:

Re: [PATCH 2/2] [net-next] bpf: fix out-of-bounds access warning in bpf_check

On Thu, Nov 02, 2017 at 12:05:52PM +0100, Arnd Bergmann wrote: > The bpf_verifer_ops array is generated dynamically and may be > empty depending on configuration, which then causes an out > of bounds access: > > kernel/bpf/verifier.c: In function 'bpf_check': > kernel/bpf/verifier.c:4320:29:

Re: [PATCH v2 net-next 3/5] bpf, cgroup: implement eBPF-based device controller for cgroup v2

On 11/2/17 7:54 AM, Roman Gushchin wrote: +#define DEV_BPF_ACC_MKNOD (1ULL << 0) +#define DEV_BPF_ACC_READ (1ULL << 1) +#define DEV_BPF_ACC_WRITE (1ULL << 2) + +#define DEV_BPF_DEV_BLOCK (1ULL << 0) +#define DEV_BPF_DEV_CHAR (1ULL << 1) + all macros in bpf.h start

Re: [PATCH v2 net-next 3/5] bpf, cgroup: implement eBPF-based device controller for cgroup v2

On 11/2/17 7:54 AM, Roman Gushchin wrote: +#define DEV_BPF_ACC_MKNOD (1ULL << 0) +#define DEV_BPF_ACC_READ (1ULL << 1) +#define DEV_BPF_ACC_WRITE (1ULL << 2) + +#define DEV_BPF_DEV_BLOCK (1ULL << 0) +#define DEV_BPF_DEV_CHAR (1ULL << 1) + all macros in bpf.h start

Re: [PATCH net-next V2 3/3] tun: add eBPF based queue selection method

On Wed, Nov 01, 2017 at 03:59:48PM +0200, Michael S. Tsirkin wrote: > On Wed, Nov 01, 2017 at 09:02:03PM +0800, Jason Wang wrote: > > > > > > On 2017年11月01日 00:45, Michael S. Tsirkin wrote: > > > > +static void __tun_set_steering_ebpf(struct tun_struct *tun, > > > > +

Re: [PATCH net-next V2 3/3] tun: add eBPF based queue selection method

On Wed, Nov 01, 2017 at 03:59:48PM +0200, Michael S. Tsirkin wrote: > On Wed, Nov 01, 2017 at 09:02:03PM +0800, Jason Wang wrote: > > > > > > On 2017年11月01日 00:45, Michael S. Tsirkin wrote: > > > > +static void __tun_set_steering_ebpf(struct tun_struct *tun, > > > > +

Re: [PATCH 2/2] samples/bpf: add a test for bpf_override_return

ed-off-by: Josef Bacik <jba...@fb.com> Acked-by: Alexei Starovoitov <a...@kernel.org> +++ b/samples/bpf/test_override_return.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +rm -f testfile.img +dd if=/dev/zero of=testfile.img bs=1M seek=1000 count=1 +DEVICE=$(losetup --show -f testfile.img) +mkf

Re: [PATCH 2/2] samples/bpf: add a test for bpf_override_return

Acked-by: Alexei Starovoitov +++ b/samples/bpf/test_override_return.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +rm -f testfile.img +dd if=/dev/zero of=testfile.img bs=1M seek=1000 count=1 +DEVICE=$(losetup --show -f testfile.img) +mkfs.btrfs -f $DEVICE +mkdir tmpmnt +./tracex7 $DEVICE +if [ $? -eq 0

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

ematic error injection for all of our code paths. Signed-off-by: Josef Bacik <jba...@fb.com> Both bpf and tracing bits look great to me. Acked-by: Alexei Starovoitov <a...@kernel.org>

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

for all of our code paths. Signed-off-by: Josef Bacik Both bpf and tracing bits look great to me. Acked-by: Alexei Starovoitov

Re: linux-next: manual merge of the tip tree with the net-next tree

On Wed, Nov 01, 2017 at 09:55:24AM +0100, Peter Zijlstra wrote: > On Wed, Nov 01, 2017 at 09:27:43AM +0100, Ingo Molnar wrote: > > > > * Peter Zijlstra wrote: > > > > > On Wed, Nov 01, 2017 at 06:15:54PM +1100, Stephen Rothwell wrote: > > > > Hi all, > > > > > > > >

Re: linux-next: manual merge of the tip tree with the net-next tree

On Wed, Nov 01, 2017 at 09:55:24AM +0100, Peter Zijlstra wrote: > On Wed, Nov 01, 2017 at 09:27:43AM +0100, Ingo Molnar wrote: > > > > * Peter Zijlstra wrote: > > > > > On Wed, Nov 01, 2017 at 06:15:54PM +1100, Stephen Rothwell wrote: > > > > Hi all, > > > > > > > > Today's linux-next merge of

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

On 10/31/17 8:45 AM, Josef Bacik wrote: From: Josef Bacik Error injection is sloppy and very ad-hoc. BPF could fill this niche perfectly with it's kprobe functionality. We could make sure errors are only triggered in specific call chains that we care about with very specific

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

On 10/31/17 8:45 AM, Josef Bacik wrote: From: Josef Bacik Error injection is sloppy and very ad-hoc. BPF could fill this niche perfectly with it's kprobe functionality. We could make sure errors are only triggered in specific call chains that we care about with very specific situations.

Re: [PATCH 0/2][v2] Add the ability to do BPF directed error injection

On 10/31/17 6:55 PM, David Miller wrote: From: Josef Bacik Date: Tue, 31 Oct 2017 11:45:55 -0400 v1->v2: - moved things around to make sure that bpf_override_return could really only be used for an ftrace kprobe. - killed the special return values from trace_call_bpf.

Re: [PATCH 0/2][v2] Add the ability to do BPF directed error injection

On 10/31/17 6:55 PM, David Miller wrote: From: Josef Bacik Date: Tue, 31 Oct 2017 11:45:55 -0400 v1->v2: - moved things around to make sure that bpf_override_return could really only be used for an ftrace kprobe. - killed the special return values from trace_call_bpf. - renamed pc_modified

Re: [PATCH 2/2] samples/bpf: add a test for bpf_override_return

On 10/30/17 2:19 PM, Josef Bacik wrote: + +rm -f testfile.img +dd if=/dev/zero of=testfile.img bs=1M seek=1000 count=1 +DEVICE=$(losetup --show -f testfile.img) +mkfs.btrfs -f $DEVICE +mkdir tmpmnt +./tracex7 $DEVICE +if [ $? -eq 0 ] +then + echo "SUCCESS!" +else + echo "FAILED!" +fi

Re: [PATCH 2/2] samples/bpf: add a test for bpf_override_return

On 10/30/17 2:19 PM, Josef Bacik wrote: + +rm -f testfile.img +dd if=/dev/zero of=testfile.img bs=1M seek=1000 count=1 +DEVICE=$(losetup --show -f testfile.img) +mkfs.btrfs -f $DEVICE +mkdir tmpmnt +./tracex7 $DEVICE +if [ $? -eq 0 ] +then + echo "SUCCESS!" +else + echo "FAILED!" +fi

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

On 10/30/17 2:19 PM, Josef Bacik wrote: From: Josef Bacik Error injection is sloppy and very ad-hoc. BPF could fill this niche perfectly with it's kprobe functionality. We could make sure errors are only triggered in specific call chains that we care about with very specific

Re: [PATCH 1/2] bpf: add a bpf_override_function helper

On 10/30/17 2:19 PM, Josef Bacik wrote: From: Josef Bacik Error injection is sloppy and very ad-hoc. BPF could fill this niche perfectly with it's kprobe functionality. We could make sure errors are only triggered in specific call chains that we care about with very specific situations.

Re: [PATCH] net: xfrm_user: use BUG_ON instead of if condition followed by BUG

On Tue, Oct 24, 2017 at 11:53:20AM +0800, Herbert Xu wrote: > On Mon, Oct 23, 2017 at 10:50:43PM -0500, Gustavo A. R. Silva wrote: > > > > Quoting Herbert Xu : > > > > >On Mon, Oct 23, 2017 at 01:18:57PM -0500, Gustavo A. R. Silva wrote: > > >>Use BUG_ON instead of

Re: [PATCH] net: xfrm_user: use BUG_ON instead of if condition followed by BUG

On Tue, Oct 24, 2017 at 11:53:20AM +0800, Herbert Xu wrote: > On Mon, Oct 23, 2017 at 10:50:43PM -0500, Gustavo A. R. Silva wrote: > > > > Quoting Herbert Xu : > > > > >On Mon, Oct 23, 2017 at 01:18:57PM -0500, Gustavo A. R. Silva wrote: > > >>Use BUG_ON instead of if condition followed by BUG.

Re: [PATCH 18/27] bpf: Restrict kernel image access functions when the kernel is locked down

On Fri, Oct 20, 2017 at 11:57:48PM +0800, j...@suse.com wrote: > On Fri, Oct 20, 2017 at 09:08:48AM +0100, David Howells wrote: > > Hi Joey, > > > > Should I just lock down sys_bpf() entirely for now? We can always free it > > up > > somewhat later. > > > > David > > OK~~ Please just remove

<    4   5   6   7   8   9   10   11   12   13   >