Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp1503880yba;
        Sun, 5 May 2019 07:47:22 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyr8sMz/d3dM91Oku+8ZAXa38/huTJgrbKcPQZvQ/QnnMLhWmdK+chLs7eKoeGDk3Py6prJ
X-Received: by 2002:a17:902:8f84:: with SMTP id z4mr24371987plo.124.1557067642784;
        Sun, 05 May 2019 07:47:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1557067642; cv=none;
        d=google.com; s=arc-20160816;
        b=cm0m2Vl5SuzW8QiHzZPqBhe5CAwhVL5RDFuPGrMcIMwhmFMYLZ6hfuWecSCuyj5820
         k01UWJYOkQOWglNFqBotTIsNplKFyscpxVBcbUyUyODaIQf7Ji7KXHm8xKbhNC5kpDwr
         nBLAKujVOJFEo+utFDJOQcB+WxswbpgY8P8/X4TtN06gbTh1mp3F1x2v7eNJLHlxjhtf
         OJryEdB7F6/n5ls16td3KKyEOeIHWDgwtHozh0/Eubuhv0wCkNDFCxMLCqnMnbhnGfqz
         Ec64LyVGCiZxL1v2A2X8/3IlXS0s75yCKu9rjxOE5+Iq2Rvo9B9syuLOnq3prePxCW8i
         APQQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=M3ZFijt2PUJGnHgqn+mOMyUqtfAURAVumiWevzKdFQA=;
        b=z4c1xMoZvVC1hGj1urbS0+rVdvCbdcFez4+xvsdGUj/0WWE1pKri7KDYspSJqnnhiL
         BHBrYzUAOyT2H87Pi4icYgIIFelohUT1T0EJHqoHWY9qE/HA7SmPaXXs2dM6uLgHSSO8
         su5NlhFGkPLcp2AAY9MvUMoy5AYFIyNtbvo9XB0Fs10E/lJ9Gx6j4+kS9D+LCIX7PVnF
         QurEPuSHeqxvOxewJJ8RdEEDgHvfEPxmxC9QDzAE0ALgpK6vKYrSCN49H3httTr9upHr
         Vbg46wv/bcNQgFH1qYKUF8I+UJwTnExVVubsuuh2C/pL6xn81Q6o4ScrYu5m2HTa4NCu
         R4VQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id bi2si3944650plb.25.2019.05.05.07.47.07;
        Sun, 05 May 2019 07:47:22 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727722AbfEEOqQ (ORCPT <rfc822;mohamedabbas.us@gmail.com>
        + 99 others); Sun, 5 May 2019 10:46:16 -0400
Received: from foss.arm.com ([217.140.101.70]:59214 "EHLO foss.arm.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727325AbfEEOqP (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 5 May 2019 10:46:15 -0400
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249])
        by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1B972374;
        Sun,  5 May 2019 07:46:15 -0700 (PDT)
Received: from e107158-lin.cambridge.arm.com (e107158-lin.cambridge.arm.com [10.1.194.71])
        by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id AF2D63F575;
        Sun,  5 May 2019 07:46:11 -0700 (PDT)
Date:   Sun, 5 May 2019 15:46:08 +0100
From:   Qais Yousef <qais.yousef@arm.com>
To:     Joel Fernandes <joel@joelfernandes.org>
Cc:     linux-kernel@vger.kernel.org,
        Michal Gregorczyk <michalgr@live.com>,
        Adrian Ratiu <adrian.ratiu@collabora.com>,
        Mohammad Husain <russoue@gmail.com>,
        Srinivas Ramana <sramana@codeaurora.org>,
        duyuchao <yuchao.du@unisoc.com>,
        Manjo Raja Rao <linux@manojrajarao.com>,
        Karim Yaghmour <karim.yaghmour@opersys.com>,
        Tamir Carmeli <carmeli.tamir@gmail.com>,
        Yonghong Song <yhs@fb.com>,
        Alexei Starovoitov <ast@kernel.org>,
        Brendan Gregg <brendan.d.gregg@gmail.com>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Peter Ziljstra <peterz@infradead.org>,
        Steven Rostedt <rostedt@goodmis.org>,
        Kees Cook <keescook@chromium.org>, kernel-team@android.com,
        Daniel Borkmann <daniel@iogearbox.net>,
        Ingo Molnar <mingo@redhat.com>, netdev@vger.kernel.org
Subject: Re: [PATCH RFC] bpf: Add support for reading user pointers
Message-ID: <20190505144608.u3vsxyz5huveuskx@e107158-lin.cambridge.arm.com>
References: <20190502204958.7868-1-joel@joelfernandes.org>
 <20190503121234.6don256zuvfjtdg6@e107158-lin.cambridge.arm.com>
 <20190503134935.GA253329@google.com>
 <20190505110423.u7g3f2viovvgzbtn@e107158-lin.cambridge.arm.com>
 <20190505132949.GB3076@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20190505132949.GB3076@localhost>
User-Agent: NeoMutt/20171215
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 05/05/19 13:29, Joel Fernandes wrote:
> On Sun, May 05, 2019 at 12:04:24PM +0100, Qais Yousef wrote:
> > On 05/03/19 09:49, Joel Fernandes wrote:
> > > On Fri, May 03, 2019 at 01:12:34PM +0100, Qais Yousef wrote:
> > > > Hi Joel
> > > > 
> > > > On 05/02/19 16:49, Joel Fernandes (Google) wrote:
> > > > > The eBPF based opensnoop tool fails to read the file path string passed
> > > > > to the do_sys_open function. This is because it is a pointer to
> > > > > userspace address and causes an -EFAULT when read with
> > > > > probe_kernel_read. This is not an issue when running the tool on x86 but
> > > > > is an issue on arm64. This patch adds a new bpf function call based
> > > > 
> > > > I just did an experiment and if I use Android 4.9 kernel I indeed fail to see
> > > > PATH info when running opensnoop. But if I run on 5.1-rc7 opensnoop behaves
> > > > correctly on arm64.
> > > > 
> > > > My guess either a limitation that was fixed on later kernel versions or Android
> > > > kernel has some strict option/modifications that make this fail?
> > > 
> > > Thanks a lot for checking, yes I was testing 4.9 kernel with this patch (pixel 3).
> > > 
> > > I am not sure what has changed since then, but I still think it is a good
> > > idea to make the code more robust against such future issues anyway. In
> > > particular, we learnt with extensive discussions that user/kernel pointers
> > > are not necessarily distinguishable purely based on their address.
> > 
> > Yes I wasn't arguing against that. But the commit message is misleading or
> > needs more explanation at least. I tried 4.9.y stable and arm64 worked on that
> > too. Why do you think it's an arm64 problem?
> 
> Well it is broken on at least on at least one arm64 device and the patch I
> sent fixes it. We know that the bpf is using wrong kernel API so why not fix
> it? Are you saying we should not fix it like in this patch? Or do you have
> another fix in mind?

Again I have no issue with the new API. But the claim that it's a fix for
a broken arm64 is a big stretch. AFAICT you don't understand the root cause of
why copy_to_user_inatomic() fails in your case. Given that Android 4.9 has
its own patches on top of 4.9 stable, it might be something that was introduced
in one of these patches that breaks opensnoop, and by making it use the new API
you might be simply working around the problem. All I can see is that vanilla
4.9 stable works on arm64.

So I am happy about introducing the new API but not happy with the commit
message or the explanation given in it. Unless you can investigate the root
cause and relate how this fixes it (and not workaround a problem you're
specifically having) I think it's better to introduce this patch as a generic
new API that is more robust to handle reading __user data in BPF and drop
reference to opensnoop failures. They raise more questions and the real
intention of this patch anyway is to provide the new correct way for BPF
programs to read __user data regardless opensnoop fails or not AFAIU.

Cheers

--
Qais Yousef