Re: [PATCH net-next v5 1/2] bpf: Add bpf_probe_write_user BPF helper to be called in tracers
From: Alexei Starovoitov
Date: Sat Jul 23 2016 - 21:14:01 EST
On Sat, Jul 23, 2016 at 05:43:48PM -0700, Sargun Dhillon wrote:
> This allows user memory to be written to during the course of a kprobe.
> It shouldn't be used to implement any kind of security mechanism
> because of TOC-TOU attacks, but rather to debug, divert, and
> manipulate execution of semi-cooperative processes.
>
> Although it uses probe_kernel_write, we limit the address space
> the probe can write into by checking the space with access_ok.
> This is so the call doesn't sleep. In addition we ensure the threads's
> current fs / segment is USER_DS and the thread isn't exiting nor
> a kernel thread.
>
> Given this feature is experimental, and has the risk of crashing the
> system, we print a warning on first invocation, and the process name
> on subsequent invocations.
>
> It was tested with the tracex7 program on x86-64.
s/tracex7/test_probe_write_user form the next patch/
or just drop this sentence.
> +static const struct bpf_func_proto *bpf_get_probe_write_proto(void) {
> + pr_warn_ratelimited("bpf_probe_write_user: %s[%d] installing program with helper: it may corrupt user memory!",
> + current->comm, task_pid_nr(current));
I think checkpatch should have complained here.
current->comm line should start under "
No other nits for this patch :)
Once fixed, feel free to add my Acked-by: Alexei Starovoitov <ast@xxxxxxxxxx>