From: Andrii Nakryiko
Date: Tue, 3 Sep 2024 15:38:57 -0700
Subject: Re: [PATCH v7 bpf-next 00/10] Harden and extend ELF build ID parsing logic
To: willy@infradead.org, linux-mm@kvack.org, akpm@linux-foundation.org
Cc: bpf@vger.kernel.org, adobriyan@gmail.com, shakeel.butt@linux.dev, hannes@cmpxchg.org, ak@linux.intel.com, osandov@osandov.com, song@kernel.org, jannh@google.com, linux-fsdevel@vger.kernel.org, Andrii Nakryiko
References: <20240829174232.3133883-1-andrii@kernel.org>
In-Reply-To: <20240829174232.3133883-1-andrii@kernel.org>
On Thu, Aug 29, 2024 at 10:42 AM Andrii Nakryiko wrote:
>
> The goal of this patch set is to extend existing ELF build ID parsing logic,
> currently mostly used by BPF subsystem, with support for working in sleepable
> mode in which memory faults are allowed and can be relied upon to fetch
> relevant parts of ELF file to find and fetch .note.gnu.build-id information.
>
> This is useful and important for BPF subsystem itself, but also for
> PROCMAP_QUERY ioctl(), built atop of /proc/<pid>/maps functionality (see [0]),
> which makes use of the same build_id_parse() functionality. PROCMAP_QUERY is
> always called from sleepable user process context, so it doesn't have to
> suffer from current restrictions of build_id_parse() which are due to the NMI
> context assumption.
>
> Along the way, we harden the logic to avoid TOCTOU, overflow, out-of-bounds
> access problems. This is the very first patch, which can be backported to
> older releases, if necessary.
>
> We also lift existing limitations of only working as long as ELF program
> headers and build ID note section are contained strictly within the very first
> page of ELF file.
>
> We achieve all of the above without duplication of logic between sleepable and
> non-sleepable modes through freader abstraction that manages underlying folio
> from page cache (on demand) and gives a simple to use direct memory access
> interface. With that, single page restrictions and adding sleepable mode
> support is rather straightforward.
>
> We also extend existing set of BPF selftests with a few tests targeting build
> ID logic across sleepable and non-sleepable contexts (we utilize sleepable and
> non-sleepable uprobes for that).
>
> [0] https://lore.kernel.org/linux-mm/20240627170900.1672542-4-andrii@kernel.org/
>
> v6->v7:
>   - added filemap_invalidate_{lock,unlock}_shared() around read_cache_folio
>     and kept Eduard's Reviewed-by (Eduard);
> v5->v6:
>   - use local phnum variable in get_build_id_32() (Jann);
>   - switch memcmp() instead of strcmp() in parse_build_id() (Jann);
> v4->v5:
>   - pass proper file reference to read_cache_folio() (Shakeel);
>   - fix another potential overflow due to two u32 additions (Andi);
>   - add PageUptodate() check to patch #1 (Jann);
> v3->v4:
>   - fix few more potential overflow and out-of-bounds access issues (Andi);
>   - use purely folio-based implementation for freader (Matthew);

Ok, so I'm not sure what one needs to do to get Matthew's attention
nowadays, but hopefully yet another ping might do the trick.

Matthew,

Can you please take another look and provide your ack or nack? I did
the conversion to folio as you requested. It would be nice if you can
give me a courtesy of acking my patch set, if there is nothing wrong
with it, so it can finally go in.

Thank you.

> v2->v3:
>   - remove unneeded READ_ONCE()s and force phoff to u64 for 32-bit mode (Andi);
>   - moved hardening fixes to the front for easier backporting (Jann);
>   - call freader_cleanup() from build_id_parse_buf() for consistency (Jiri);
> v1->v2:
>   - ensure MADV_PAGEOUT works reliably by paging data in first (Shakeel);
>   - to fix BPF CI build optionally define MADV_POPULATE_READ in selftest.
>
> Andrii Nakryiko (10):
>   lib/buildid: harden build ID parsing logic
>   lib/buildid: add single folio-based file reader abstraction
>   lib/buildid: take into account e_phoff when fetching program headers
>   lib/buildid: remove single-page limit for PHDR search
>   lib/buildid: rename build_id_parse() into build_id_parse_nofault()
>   lib/buildid: implement sleepable build_id_parse() API
>   lib/buildid: don't limit .note.gnu.build-id to the first page in ELF
>   bpf: decouple stack_map_get_build_id_offset() from
>     perf_callchain_entry
>   bpf: wire up sleepable bpf_get_stack() and bpf_get_task_stack()
>     helpers
>   selftests/bpf: add build ID tests
>
>  include/linux/bpf.h                            |   2 +
>  include/linux/buildid.h                        |   4 +-
>  kernel/bpf/stackmap.c                          | 131 ++++--
>  kernel/events/core.c                           |   2 +-
>  kernel/trace/bpf_trace.c                       |   5 +-
>  lib/buildid.c                                  | 397 +++++++++++++-----
>  tools/testing/selftests/bpf/Makefile           |   5 +-
>  .../selftests/bpf/prog_tests/build_id.c        | 118 ++++++
>  .../selftests/bpf/progs/test_build_id.c        |  31 ++
>  tools/testing/selftests/bpf/uprobe_multi.c     |  41 ++
>  tools/testing/selftests/bpf/uprobe_multi.ld    |  11 +
>  11 files changed, 605 insertions(+), 142 deletions(-)
>  create mode 100644 tools/testing/selftests/bpf/prog_tests/build_id.c
>  create mode 100644 tools/testing/selftests/bpf/progs/test_build_id.c
>  create mode 100644 tools/testing/selftests/bpf/uprobe_multi.ld
>
> --
> 2.43.5
>
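The cover letter above describes hardening .note.gnu.build-id parsing against overflow and out-of-bounds reads, honouring e_phoff when locating program headers, and switching to memcmp() for the note name. The following is an added, self-contained userspace illustration of those checks; it is not the patch set's lib/buildid.c and does not model the freader/folio layer or NMI-safe access: it assumes the whole ELF image is already in one memory buffer, uses the glibc <elf.h> structure definitions rather than the kernel's, and builds its own constructed sample image (ELF header, one PT_NOTE program header, one GNU build-id note). The function names elf_build_id(), parse_build_id_notes(), build_sample_elf() and the demo_* helpers are this example's own.

```c
#include <elf.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BUILD_ID_SIZE_MAX 20 /* SHA-1 build IDs are 20 bytes; defined here, not by <elf.h> */

/* 4-byte note alignment in 64-bit math, so a u32 near UINT32_MAX cannot wrap. */
static uint64_t align4(uint32_t v) { return ((uint64_t)v + 3) & ~(uint64_t)3; }

/* Walk one PT_NOTE segment for NT_GNU_BUILD_ID. Each length is compared with what
 * remains *before* being added to an offset, so crafted n_namesz/n_descsz can neither
 * wrap nor run past the buffer. Returns the ID length, 0 if absent, -1 if malformed. */
static int parse_build_id_notes(const unsigned char *buf, size_t buf_size, uint64_t seg_off,
                                uint64_t seg_size, unsigned char *out, size_t out_max)
{
    /* subtraction form: correct even when seg_off + seg_size would overflow */
    if (seg_off > buf_size || seg_size > buf_size - seg_off) return -1;
    size_t off = (size_t)seg_off, remaining = (size_t)seg_size;
    while (remaining >= sizeof(Elf64_Nhdr)) {
        Elf64_Nhdr nh;
        memcpy(&nh, buf + off, sizeof nh); /* memcpy: no alignment assumption on buf */
        off += sizeof nh; remaining -= sizeof nh;
        uint64_t name_sz = align4(nh.n_namesz), desc_sz = align4(nh.n_descsz);
        /* the note claims more bytes than the segment holds */
        if (name_sz > remaining || desc_sz > remaining - name_sz) return -1;
        if (nh.n_type == NT_GNU_BUILD_ID && nh.n_namesz == 4 &&
            memcmp(buf + off, "GNU", 4) == 0 && nh.n_descsz > 0 && nh.n_descsz <= out_max) {
            memcpy(out, buf + off + name_sz, nh.n_descsz);
            return (int)nh.n_descsz;
        }
        off += (size_t)(name_sz + desc_sz); remaining -= (size_t)(name_sz + desc_sz);
    }
    return 0;
}

/* Locate the GNU build ID of an in-memory ELF64 image. e_phoff/e_phnum are honoured only
 * after the whole program header table is shown to lie inside the buffer; fails closed. */
int elf_build_id(const unsigned char *buf, size_t buf_size, unsigned char *out, size_t out_max)
{
    Elf64_Ehdr eh;
    if (buf_size < sizeof eh) return -1;
    memcpy(&eh, buf, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 || eh.e_ident[EI_CLASS] != ELFCLASS64 ||
        eh.e_phentsize != sizeof(Elf64_Phdr)) return -1;
    /* e_phnum is u16 so the product cannot overflow; e_phoff (u64) is checked first */
    if (eh.e_phoff > buf_size ||
        (size_t)eh.e_phnum * sizeof(Elf64_Phdr) > buf_size - (size_t)eh.e_phoff) return -1;
    for (size_t i = 0; i < eh.e_phnum; i++) {
        Elf64_Phdr ph;
        memcpy(&ph, buf + (size_t)eh.e_phoff + i * sizeof ph, sizeof ph);
        if (ph.p_type != PT_NOTE) continue;
        int r = parse_build_id_notes(buf, buf_size, ph.p_offset, ph.p_filesz, out, out_max);
        if (r != 0) return r; /* found it, or the note segment was bogus */
    }
    return 0;
}

/* Constructed test input (not a loadable binary): ehdr @0, one PT_NOTE phdr @64, note
 * header @120, "GNU" @132, 20-byte ID 0xA0..0xB3 @136; 156 bytes in total. */
static size_t build_sample_elf(unsigned char *img)
{
    Elf64_Ehdr eh = {0}; Elf64_Phdr ph = {0}; Elf64_Nhdr nh; size_t off = 0;
    memcpy(eh.e_ident, ELFMAG, SELFMAG); eh.e_ident[EI_CLASS] = ELFCLASS64;
    eh.e_phoff = sizeof eh; eh.e_phentsize = sizeof ph; eh.e_phnum = 1;
    ph.p_type = PT_NOTE; ph.p_offset = sizeof eh + sizeof ph;
    ph.p_filesz = sizeof nh + 4 + BUILD_ID_SIZE_MAX;
    nh.n_namesz = 4; nh.n_descsz = BUILD_ID_SIZE_MAX; nh.n_type = NT_GNU_BUILD_ID;
    memcpy(img + off, &eh, sizeof eh); off += sizeof eh;
    memcpy(img + off, &ph, sizeof ph); off += sizeof ph;
    memcpy(img + off, &nh, sizeof nh); off += sizeof nh;
    memcpy(img + off, "GNU", 4); off += 4;
    for (size_t i = 0; i < BUILD_ID_SIZE_MAX; i++) img[off++] = (unsigned char)(0xA0 + i);
    return off;
}

/* Build the sample image, overwrite `len` bytes at `at` with `val`, then parse it. */
static int parse_patched(size_t at, const void *val, size_t len)
{
    unsigned char img[256], out[BUILD_ID_SIZE_MAX];
    size_t n = build_sample_elf(img);
    memcpy(img + at, val, len);
    return elf_build_id(img, n, out, sizeof out);
}

/* Well-formed image: returns 20 and the 20 ID bytes match. */
int demo_well_formed(void)
{
    unsigned char img[256], out[BUILD_ID_SIZE_MAX] = {0}, want[BUILD_ID_SIZE_MAX];
    for (size_t i = 0; i < BUILD_ID_SIZE_MAX; i++) want[i] = (unsigned char)(0xA0 + i);
    int r = elf_build_id(img, build_sample_elf(img), out, sizeof out);
    return (r == BUILD_ID_SIZE_MAX && memcmp(out, want, sizeof want) == 0) ? r : -2;
}

/* p_filesz = UINT64_MAX - 100, so p_offset + p_filesz wraps to 19 and a naive
 * `off + size > buf_size` check would pass; the subtraction form rejects it (-1). */
int demo_wrapping_filesz(void)
{
    uint64_t bad = UINT64_MAX - 100;
    return parse_patched(sizeof(Elf64_Ehdr) + offsetof(Elf64_Phdr, p_filesz), &bad, sizeof bad);
}
```

The two idioms worth carrying into any parser of attacker-supplied headers are the subtraction-form bounds check (`size > total - off` after `off > total`), which never computes a sum that can wrap, and doing note alignment arithmetic in a wider type than the u32 fields it is applied to; the constructed p_filesz case shows why the additive form `off + size > total` is not enough.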