Re: [PATCH bpf v3 2/2] bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat

From: Yonghong Song
Date: Wed May 18 2022 - 12:55:56 EST

Next message: Pasha Tatashin: "Re: [RFC 0/6] Bootloader based hibernation"
Previous message: Borislav Petkov: "Re: [PATCH -next] x86/events:Use struct_size() helper in kzalloc()"
In reply to: Eugene Syromiatnikov: "[PATCH bpf v3 2/2] bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat"
Next in thread: Eugene Syromiatnikov: "Re: [PATCH bpf v3 2/2] bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/18/22 5:22 AM, Eugene Syromiatnikov wrote:

Since bpf_kprobe_multi_link_attach doesn't support 32-bit kernels
for whatever reason, having it enabled for compat processes on 64-bit
kernels makes even less sense due to discrepances in the type sizes
that it does not handle.

If I understand correctly, the reason is due to
in libbpf we have
struct bpf_link_create_opts {
size_t sz; /* size of this struct for forward/backward compatibility */
__u32 flags;
union bpf_iter_link_info *iter_info;
__u32 iter_info_len;
__u32 target_btf_id;
union {
struct {
__u64 bpf_cookie;
} perf_event;
struct {
__u32 flags;
__u32 cnt;
const char **syms;
const unsigned long *addrs;
const __u64 *cookies;
} kprobe_multi;
};
size_t :0;
};

Note that we have `const unsigned long *addrs;`

If we have 32-bit user space application and 64bit kernel,
and we will have userspace 32-bit pointers and kernel as
64bit pointers and current kernel doesn't handle 32-bit
user pointer properly.

Consider this may involve libbpf uapi change, maybe
we should change "const unsigned long *addrs;" to
"const __u64 *addrs;" considering we haven't freeze
libbpf UAPI yet.

Otherwise, we stick to current code with this patch,
it will make it difficult to support 32-bit app with
64-bit kernel for kprobe_multi in the future due to
uapi issues.

WDYT?

Fixes: 0dcac272540613d4 ("bpf: Add multi kprobe link")
Signed-off-by: Eugene Syromiatnikov <esyr@xxxxxxxxxx>
---
kernel/trace/bpf_trace.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 212faa4..2f83489 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -2412,7 +2412,7 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
int err;
/* no support for 32bit archs yet */
- if (sizeof(u64) != sizeof(void *))
+ if (sizeof(u64) != sizeof(void *) || in_compat_syscall())
return -EOPNOTSUPP;
if (prog->expected_attach_type != BPF_TRACE_KPROBE_MULTI)

Next message: Pasha Tatashin: "Re: [RFC 0/6] Bootloader based hibernation"
Previous message: Borislav Petkov: "Re: [PATCH -next] x86/events:Use struct_size() helper in kzalloc()"
In reply to: Eugene Syromiatnikov: "[PATCH bpf v3 2/2] bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat"
Next in thread: Eugene Syromiatnikov: "Re: [PATCH bpf v3 2/2] bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]