Re: [PATCH bpf v3 2/2] bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat

From: Yonghong Song
Date: Wed May 18 2022 - 16:57:48 EST

Next message: Stephen Boyd: "Re: [PATCH v2 1/3] clk: ingenic: Allow specifying common clock flags"
Previous message: Stephen Boyd: "Re: [PATCH v3 3/3] drm/msm/dp: delete vdda regulator related functions from eDP/DP controller"
In reply to: Eugene Syromiatnikov: "Re: [PATCH bpf v3 2/2] bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/18/22 1:03 PM, Eugene Syromiatnikov wrote:

On Wed, May 18, 2022 at 09:55:05AM -0700, Yonghong Song wrote:

On 5/18/22 5:22 AM, Eugene Syromiatnikov wrote:

Since bpf_kprobe_multi_link_attach doesn't support 32-bit kernels
for whatever reason, having it enabled for compat processes on 64-bit
kernels makes even less sense due to discrepances in the type sizes
that it does not handle.

If I understand correctly, the reason is due to
in libbpf we have
struct bpf_link_create_opts {
size_t sz; /* size of this struct for forward/backward compatibility
*/
__u32 flags;
union bpf_iter_link_info *iter_info;
__u32 iter_info_len;
__u32 target_btf_id;
union {
struct {
__u64 bpf_cookie;
} perf_event;
struct {
__u32 flags;
__u32 cnt;
const char **syms;
const unsigned long *addrs;
const __u64 *cookies;
} kprobe_multi;
};
size_t :0;
};

Note that we have `const unsigned long *addrs;`

If we have 32-bit user space application and 64bit kernel,
and we will have userspace 32-bit pointers and kernel as
64bit pointers and current kernel doesn't handle 32-bit
user pointer properly.

Consider this may involve libbpf uapi change, maybe
we should change "const unsigned long *addrs;" to
"const __u64 *addrs;" considering we haven't freeze
libbpf UAPI yet.

Otherwise, we stick to current code with this patch,
it will make it difficult to support 32-bit app with
64-bit kernel for kprobe_multi in the future due to
uapi issues.

WDYT?

As 32 bit arches are "unsupported" currently, the change would be more
a semantic one rather then practical; I don't mind having it here (basically,
the tools/* part of [1]), though (assuming it is still possible to get it
in 5.18).

[1] https://lore.kernel.org/lkml/6ef675aeeea442fa8fc168cd1cb4e4e474f65a3f.1652772731.git.esyr@xxxxxxxxxx/

I think for patch [1], we only need libbpf and selftest change, no
kernel change is needed since we
explicitly does not support 32bit kernel in the
beginning of function bpf_kprobe_multi_link_attach():

/* no support for 32bit archs yet */
if (sizeof(u64) != sizeof(void *))
return -EOPNOTSUPP;

and in kernel, address (pointer) size will be considered
long (64bit) which is exactly the libbpf change did that.

Fixes: 0dcac272540613d4 ("bpf: Add multi kprobe link")
Signed-off-by: Eugene Syromiatnikov <esyr@xxxxxxxxxx>
---
kernel/trace/bpf_trace.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 212faa4..2f83489 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -2412,7 +2412,7 @@ int bpf_kprobe_multi_link_attach(const union bpf_attr *attr, struct bpf_prog *pr
int err;
/* no support for 32bit archs yet */
- if (sizeof(u64) != sizeof(void *))
+ if (sizeof(u64) != sizeof(void *) || in_compat_syscall())
return -EOPNOTSUPP;
if (prog->expected_attach_type != BPF_TRACE_KPROBE_MULTI)

Next message: Stephen Boyd: "Re: [PATCH v2 1/3] clk: ingenic: Allow specifying common clock flags"
Previous message: Stephen Boyd: "Re: [PATCH v3 3/3] drm/msm/dp: delete vdda regulator related functions from eDP/DP controller"
In reply to: Eugene Syromiatnikov: "Re: [PATCH bpf v3 2/2] bpf_trace: bail out from bpf_kprobe_multi_link_attach when in compat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]