Re: [PATCH 1/2 v2] kprobe: Do not use uaccess functions to access kernel memory that can fault

From: Alexei Starovoitov
Date: Fri Feb 22 2019 - 19:04:02 EST

Next message: Alexandre Belloni: "[PATCH] clk: at91: programmable: remove unneeded register read"
Previous message: valdis . kletnieks: "Re: [bpf] 568f196756: BUG:assuming_atomic_context_at_kernel/seccomp.c"
In reply to: Andy Lutomirski: "Re: [PATCH 1/2 v2] kprobe: Do not use uaccess functions to access kernel memory that can fault"
Next in thread: Nadav Amit: "Re: [PATCH 1/2 v2] kprobe: Do not use uaccess functions to access kernel memory that can fault"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 22, 2019 at 03:59:30PM -0800, Andy Lutomirski wrote:
> >
> > A relatively simple approach might be to teach BPF not to run kprobe
> > programs and such in contexts where current->mm isn't the active mm?
> > Maybe using nmi_uaccess_okay(), or something like that? It looks like
> > perf_callchain_user() also already uses that. Except that a lot of
> > this code is x86-specific...
>
> This sounds like exactly the right solution. If you're running from
> some unknown context (like NMI or tracing), then you should check
> nmi_uaccess_okay(). I think we should just promote that to be a
> non-arch-specific function (that returns true by default) and check it
> the relevant bpf_probe_xyz() functions.
>
> Alexei, does that seem reasonable?

yep. I think that should work.

Next message: Alexandre Belloni: "[PATCH] clk: at91: programmable: remove unneeded register read"
Previous message: valdis . kletnieks: "Re: [bpf] 568f196756: BUG:assuming_atomic_context_at_kernel/seccomp.c"
In reply to: Andy Lutomirski: "Re: [PATCH 1/2 v2] kprobe: Do not use uaccess functions to access kernel memory that can fault"
Next in thread: Nadav Amit: "Re: [PATCH 1/2 v2] kprobe: Do not use uaccess functions to access kernel memory that can fault"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]