Re: [PATCH RFC] bpf: Add support for reading user pointers

From: Joel Fernandes
Date: Mon May 06 2019 - 12:15:28 EST

On Mon, May 06, 2019 at 11:47:51PM +0900, Masami Hiramatsu wrote:
> Hi Joel,
> On Thu, 2 May 2019 16:49:58 -0400
> "Joel Fernandes (Google)" <joel@xxxxxxxxxxxxxxxxx> wrote:
> > The eBPF based opensnoop tool fails to read the file path string passed
> > to the do_sys_open function. This is because it is a pointer to
> > userspace address and causes an -EFAULT when read with
> > probe_kernel_read. This is not an issue when running the tool on x86 but
> > is an issue on arm64. This patch adds a new bpf function call based
> > which calls the recently proposed probe_user_read function [1].
> > Using this function call from opensnoop fixes the issue on arm64.
> >
> > [1]
> Anyway, this series is still out-of-tree. We have to push this or similar
> update into kernel at first. I can resend v7 on the latest -tip tree including
> this patch if you update the description.

Sounds good. I also have to split it up and add a deprecation for the old
API. I will get this done today and then you can include them in your series,
thanks! Once I send them, could you CC bpf maintainers on the patches too in
the future? thanks.

- Joel