Date: Mon, 28 Feb 2022 19:17:08 -0800
From: Kees Cook
To: Daniel Latypov
Cc: Steven Rostedt, Eric Biederman, David Gow, Alexey Dobriyan,
    Magnus Groß, kunit-dev@googlegroups.com,
    linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
    linux-mm@kvack.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] binfmt_elf: Introduce KUnit test
Message-ID: <202202281915.3479AB42@keescook>

On Mon, Feb 28, 2022 at 05:48:27PM -0800, Daniel Latypov wrote:
> On Thu, Feb 24, 2022 at 6:15 AM Steven Rostedt wrote:
> >
> > On Wed, 23 Feb 2022 22:13:25 -0800
> > Kees Cook wrote:
> >
> > > Steven, I want to do fancy live-patch kind of things to replace functions,
> > > but it doesn't need to be particularly fancy because KUnit tests (usually)
> > > run single-threaded, etc. It looks like kprobes could almost do it, but
> > > I don't see a way to have it _avoid_ making a function call.
> >
> >
> > // This is called just before the hijacked function is called
> > static void notrace my_tramp(unsigned long ip, unsigned long parent_ip,
> > 			     struct ftrace_ops *ops,
> > 			     struct ftrace_regs *fregs)
> > {
> > 	int bit;
> >
> > 	bit = ftrace_test_recursion_trylock(ip, parent_ip);
> > 	if (WARN_ON_ONCE(bit < 0))
> > 		return;
> >
> > 	/*
> > 	 * This uses the live kernel patching arch code to now return
> > 	 * to new_function() instead of the one that was called.
> > 	 * If you want to do a lookup, you can look at the "ip"
> > 	 * which will give you the function you are about to replace.
> > 	 * Note, it may not be equal to the function address,
> > 	 * but for that, you can have this:
> > 	 *   ip = ftrace_location(function_ip);
> > 	 * which will give the ip that is passed here.
> > 	 */
> > 	klp_arch_set_pc(fregs, new_function);
>
> Ahah!
> This was the missing bit.
>
> David and I both got so excited by this we prototyped experimental
> APIs around this over the weekend.
> He also prototyped a more intrusive alternative to using ftrace and
> kernel livepatch since they don't work on all arches, like UML.

Yay! That's excellent. I didn't have time to try this myself, so I'm
delighted to see y'all got it working. Nice!

> We're splitting up responsibility and will each submit RFCs to the
> list in the coming days.
> I'll send the ftrace one based on this.
> He'll send his alternative one as well.
> I think we'll end up having both approaches as they both have their usecases.
>
> It'll take some iteration to bikeshed stuff like names and make them
> more consistent with each other.
> I've posted my working copy on Gerrit for now, if people want to take
> a look: https://kunit-review.googlesource.com/c/linux/+/5109

Great! I'll go comment on it there.

--
Kees Cook