Date: Sun, 27 Nov 2022 16:38:00 -0800
From: Alexei Starovoitov
To: Hao Sun
Cc: bpf@vger.kernel.org, ast@kernel.org, daniel@iogearbox.net, john.fastabend@gmail.com, andrii@kernel.org, martin.lau@linux.dev, song@kernel.org, yhs@fb.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, davem@davemloft.net, linux-kernel@vger.kernel.org
Subject: Re: [PATCH bpf-next v3 0/3] bpf: Add LDX/STX/ST sanitize in jited BPF progs
Message-ID: <20221128003800.h2bmqcv5dfqmfbcf@MacBook-Pro-5.local>
References: <20221125122912.54709-1-sunhao.th@gmail.com>
In-Reply-To: <20221125122912.54709-1-sunhao.th@gmail.com>

On Fri, Nov 25, 2022 at 08:29:09PM +0800, Hao Sun wrote:
> The verifier sometimes makes mistakes[1][2] that may be exploited to
> achieve arbitrary read/write. Currently, syzbot is continuously testing
> bpf, and can find memory issues in bpf syscalls, but it can hardly find
> mischecking/bugs in the verifier. We need runtime checks like KASAN in
> BPF programs for this. This patch series implements address sanitize
> in jited BPF progs for testing purpose, so that tools like syzbot can
> find interesting bugs in the verifier automatically by, if possible,
> generating and executing BPF programs that bypass the verifier but have
> memory issues, then triggering this sanitizing.

The above paragraph makes it sound that it's currently impossible to use
kasan with BPF, which is a confusing and incorrect statement.
kasan adds all the necessary instrumentation to the BPF interpreter already
and syzbot can perform bug discovery.
syzbot runner should just disable JIT and run all progs via interpreter.
Adding all this logic to run JITed progs in kasan kernel is just
unnecessary complexity.
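Added example, not part of the thread and not code from the patch series: a small POSIX shell helper for the "disable JIT, run via interpreter" setup described in the reply. It checks two things a fuzzing host needs before the interpreter route gives KASAN coverage of BPF loads and stores: that the kernel was built with CONFIG_KASAN, and that it was not built with CONFIG_BPF_JIT_ALWAYS_ON (which compiles the interpreter out and pins net.core.bpf_jit_enable to 1, so writing 0 is rejected). It then writes 0 to the sysctl and verifies the write stuck. The config path and sysctl path are parameters so the functions can be exercised against constructed files; the plain-text config location and the sysctl path are assumptions, and the constructed configs at the bottom are illustrative, not from any real host.

```shell
#!/bin/sh
# Added example (not from the thread): make BPF programs run in the
# interpreter, which KASAN instruments, instead of JITed code, which it does not.
#
# Assumptions (not stated in the original message):
#   - a plain-text kernel config, e.g. /boot/config-$(uname -r) or
#     "zcat /proc/config.gz > /tmp/config"
#   - the sysctl is exposed at /proc/sys/net/core/bpf_jit_enable
#     (0 = interpreter, 1 = JIT, 2 = JIT plus debug dump of the image)

# config_has KEY CONFIGFILE: succeed if "KEY=y" is present in the config.
config_has() {
    grep -q "^$1=y$" "$2"
}

# jit_mode_check CONFIGFILE
# Prints a verdict and returns:
#   0  interpreter is built and instrumented; bpf_jit_enable=0 is usable
#   1  CONFIG_BPF_JIT_ALWAYS_ON=y: interpreter compiled out, JIT cannot be disabled
#   2  CONFIG_KASAN not set: interpreter runs, but its loads/stores are unchecked
jit_mode_check() {
    cfg="$1"
    if config_has CONFIG_BPF_JIT_ALWAYS_ON "$cfg"; then
        echo "CONFIG_BPF_JIT_ALWAYS_ON=y: rebuild without it, the interpreter is not present"
        return 1
    fi
    if ! config_has CONFIG_KASAN "$cfg"; then
        echo "CONFIG_KASAN is not set: interpreter is uninstrumented"
        return 2
    fi
    echo "ok: KASAN built and interpreter available"
    return 0
}

# disable_bpf_jit SYSCTLFILE: write 0 and confirm the kernel accepted it.
# On a CONFIG_BPF_JIT_ALWAYS_ON kernel the write fails or reads back as 1,
# so the caller must not assume success.
disable_bpf_jit() {
    f="$1"
    echo 0 > "$f" 2>/dev/null || return 1
    [ "$(cat "$f")" = "0" ]
}

# Constructed sample configs (illustrative only) to show the three verdicts.
demo_dir=$(mktemp -d)
printf 'CONFIG_BPF=y\nCONFIG_BPF_JIT=y\nCONFIG_BPF_JIT_ALWAYS_ON=y\nCONFIG_KASAN=y\n' \
    > "$demo_dir/always_on.config"
printf 'CONFIG_BPF=y\nCONFIG_BPF_JIT=y\n# CONFIG_KASAN is not set\n' \
    > "$demo_dir/nokasan.config"
printf 'CONFIG_BPF=y\nCONFIG_BPF_JIT=y\nCONFIG_KASAN=y\n' \
    > "$demo_dir/fuzzing.config"
for c in always_on nokasan fuzzing; do
    jit_mode_check "$demo_dir/$c.config" || true
done

# Only touch the real sysctl when running as a user that can write it.
if [ -w /proc/sys/net/core/bpf_jit_enable ]; then
    disable_bpf_jit /proc/sys/net/core/bpf_jit_enable \
        && echo "bpf_jit_enable=0: programs now run in the interpreter" \
        || echo "could not disable JIT (CONFIG_BPF_JIT_ALWAYS_ON?)"
fi
```

The ordering matters: checking the config first avoids misreading a failed sysctl write as a permissions problem when the real cause is that the interpreter was never built.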