From: Y Song
Date: Tue, 7 Nov 2017 13:47:55 -0800
Subject: Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members
To: Alexei Starovoitov
Cc: "Naveen N. Rao", netdev, Sandipan Das, Brendan Gregg, Daniel Borkmann, Martin KaFai Lau, Kees Cook, linux-kernel@vger.kernel.org

On Tue, Nov 7, 2017 at 1:39 PM, Alexei Starovoitov wrote:
> On 11/8/17 6:14 AM, Y Song wrote:
>>
>> On Tue, Nov 7, 2017 at 12:37 AM, Naveen N. Rao wrote:
>>>
>>> Alexei Starovoitov wrote:
>>>>
>>>> On 11/7/17 12:55 AM, Naveen N. Rao wrote:
>>>>>>
>>>>>> I thought such struct shouldn't change layout.
>>>>>> If it is we need to fix include/linux/compiler-clang.h to do that
>>>>>> anon struct as well.
>>>>>
>>>>> We considered that, but it looked to be very dependent on the version of
>>>>> gcc used to build the kernel. But, this may be a simpler approach for
>>>>> the shorter term.
>>>>>
>>>>
>>>> why it would depend on version of gcc?
>>>
>>> From what I can see, randomized_struct_fields_start is defined only for
>>> gcc >= 4.6. For older versions, it does not get mapped to an anonymous
>>> structure. We may not care for older gcc versions, but..
>>>
>>> The other issue was that __randomize_layout maps to __designated_init when
>>> randstruct plugin is not enabled, which is in turn an attribute on gcc >=
>>> v5.1, but not otherwise.
>>>
>>>> We just need this, no?
>>>>
>>>> diff --git a/include/linux/compiler-clang.h
>>>> b/include/linux/compiler-clang.h
>>>> index de179993e039..4e29ab6187cb 100644
>>>> --- a/include/linux/compiler-clang.h
>>>> +++ b/include/linux/compiler-clang.h
>>>> @@ -15,3 +15,6 @@
>>>> * with any version that can compile the kernel
>>>> */
>>>> #define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix),
>>>> __COUNTER__)
>>>> +
>>>> +#define randomized_struct_fields_start struct {
>>>> +#define randomized_struct_fields_end };
>>>>
>>>> since offsets are mandated by C standard.
>>>
>>> Yes, this is what we're testing with and is probably sufficient for our
>>> purposes.
>>
>> Just tested this with bcc. bcc actually complains. the rewriter
>> is not able to rewrite prev->pid where prev is "struct task_struct *prev".
>> I will change bcc rewriter to see whether the field value is correct or
>> not.
>>
>> Not sure my understanding is correct or not, but I am afraid that
>> the above approach for clang compiler change may not work.
>> If clang calculates the field offset based on header file, the offset
>> may not be the same as kernel one....
>
> why is that?
> When randomization is off both gcc and clang must generate the same
> offsets, since it's C standard.

The patch changed compiler-clang.h, so gcc still does randomization.

>
> bcc rewriter issue is odd. I suspect it was broken from day one.
> Meaning that bcc didn't support poking into anonymous union and structs.

This seems right.

>
>> I verified that the dwarf info with randomized structure config does not
>> match randomized structure member offset. Specifically, I tried
>> linux/proc_ns.h struct proc_ns_operations,
>> dwarf says:
>> field name: offset 0
>> field real_ns_name: offset 8
>> But if you print out the real offset at runtime, you get 40 and 16
>> respectively.
>
> thanks for confirming. It means that gcc randomization plugin is broken
> and has to be fixed with regard to adjusting debug info while
> randomizing the fields.
>
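
Review bot: The two defines added at the end of the include/linux/compiler-clang.h hunk have no comment, while the __UNIQUE_ID definition directly above them does. A short comment should say that the anonymous-struct wrapper exists so clang computes the same member offsets as a gcc build that wraps the same fields, and that this only holds when the randstruct plugin is off. As the thread notes, the gcc side maps randomized_struct_fields_start to an anonymous structure only for gcc >= 4.6, so the unconditional clang definition can still disagree with a kernel built by an older gcc; that limitation belongs in the comment or the commit message.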
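
Why both compilers have to see the same expansion of `randomized_struct_fields_start`/`randomized_struct_fields_end`, as an added example that is not code from the thread or from the kernel tree: the two structs below are constructed (they are not kernel types) and model one compiler seeing the macros as empty and another seeing them as `struct {` and `};`. The exact numbers depend on the ABI; the offsets noted in the comments assume a typical LP64 target.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed struct (not a kernel type): the view a compiler gets when
 * randomized_struct_fields_start/end expand to nothing. */
struct plain_view {
    char state;
    long pid;
    char flag;
    char tail;      /* LP64: offset 17, directly after flag */
};

/* Same members with the macros expanding to "struct {" and "};", as in
 * the compiler-clang.h change quoted in the thread. */
struct wrapped_view {
    char state;
    struct {
        long pid;
        char flag;
    };              /* the anonymous struct carries its own tail padding */
    char tail;      /* LP64: offset 24, after the padded wrapper */
};

struct field_cmp { const char *name; size_t plain, wrapped; };

#define CMP(m) { #m, offsetof(struct plain_view, m), offsetof(struct wrapped_view, m) }
static const struct field_cmp fields[] = { CMP(state), CMP(pid), CMP(flag), CMP(tail) };
#define NFIELDS (sizeof(fields) / sizeof(fields[0]))

/* Number of members whose offset differs between the two views. */
static int count_offset_mismatches(void)
{
    int n = 0;
    for (size_t i = 0; i < NFIELDS; i++)
        n += fields[i].plain != fields[i].wrapped;
    return n;
}

int main(void)
{
    for (size_t i = 0; i < NFIELDS; i++)
        printf("%-6s plain=%2zu wrapped=%2zu%s\n", fields[i].name,
               fields[i].plain, fields[i].wrapped,
               fields[i].plain != fields[i].wrapped ? "  <-- differs" : "");
    printf("mismatches: %d\n", count_offset_mismatches());
    return 0;
}
```

Members inside the wrapper keep their offsets; the member that follows it moves, which is the kind of disagreement a tool hits when it computes offsets from headers that expand the macros differently from the compiler that built the kernel.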