Received: by 10.223.164.221 with SMTP id h29csp733668wrb;
        Sat, 4 Nov 2017 02:35:59 -0700 (PDT)
X-Google-Smtp-Source: ABhQp+SkqlpanWpGLMuAMOfxlT9knMc+3tymQXlZAAlIpZitLHJDBHnE0QHl1j0PaHdVPTHCChWw
X-Received: by 10.98.31.73 with SMTP id f70mr10288233pff.183.1509788159682;
        Sat, 04 Nov 2017 02:35:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1509788159; cv=none;
        d=google.com; s=arc-20160816;
        b=kUEkhBAvIB+p8M+IwN6eUypu4yGQGIHIvtYOL0yetW9ZOXKfgwPPuNWX/HIfD/Ip40
         XXeiR/ALeIJLXuCmfRmOc/XOdnRVeuUx6zXN3EMrE2j5VY8Oaje92Sk46sNKRda34JR5
         YvYDx9PHVpPE/kEeGT/kWOznyEP0nEy1X///xcKTpeEWTFgPSfhqpWf+h006nOE3OPd4
         YJnwPHvI3sYAEMtO1fcpl/wakIW9x3ssMXY5TSOA26075dEBGL8xWzDXwsSFXudRM9Yk
         6X/YGgZuSCutFU3lPkDbEv2x7fFaTbxd/XdsXdTDsE3Y+2zy3lsiv8rfSk52rxifkVKQ
         l4tA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:spamdiagnosticmetadata
         :spamdiagnosticoutput:content-transfer-encoding:in-reply-to
         :mime-version:user-agent:date:message-id:from:cc:references:to
         :subject:dkim-signature:dkim-signature:arc-authentication-results;
        bh=d6u+wvGF+aZ7h6nIz1ljiIv1dLIkiqgRyHB94c71+yI=;
        b=Q8N6F393P3V80q4+nJTu/YX8RLWwmkgl4PE03GO7JORcFEtYEofwvkQaZNgCexbNse
         YdRg1KFlW9fATEqWuYD5TLoxRKLI/zHgxwOcuYz9iprr6lym1xyMV11Yl9b/pv6QMjnF
         V+0q8ptdNLePtmglO5ZHucL2VGN9cqr+ClxgIC1s1FNTgJGEpL0i74wNKHMfsxcTWDGJ
         0VoCarLsDlaMuwNdORuX3IsbqbhBVyudpcGk3CxE85vZMckhx0w60mZ4a76lPS+2s5Ab
         JJkPw44LHyd6nLw2R3+onOpxzvsqodLPKLXLLxBD27Di9ZLQa6rIj8limo36lhsRNqVg
         IJhQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@fb.com header.s=facebook header.b=Cj+hVOK5;
       dkim=fail header.i=@fb.onmicrosoft.com header.s=selector1-fb-com header.b=N2LPJr9p;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=fb.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id p20si8163443pgc.351.2017.11.04.02.35.46;
        Sat, 04 Nov 2017 02:35:59 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@fb.com header.s=facebook header.b=Cj+hVOK5;
       dkim=fail header.i=@fb.onmicrosoft.com header.s=selector1-fb-com header.b=N2LPJr9p;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=fb.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1756581AbdKDJfI (ORCPT <rfc822;brice.berna@gmail.com>
        + 94 others); Sat, 4 Nov 2017 05:35:08 -0400
Received: from mx0b-00082601.pphosted.com ([67.231.153.30]:38652 "EHLO
        mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-FAIL)
        by vger.kernel.org with ESMTP id S1756478AbdKDJfE (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 4 Nov 2017 05:35:04 -0400
Received: from pps.filterd (m0001303.ppops.net [127.0.0.1])
        by m0001303.ppops.net (8.16.0.21/8.16.0.21) with SMTP id vA49VfgX022064;
        Sat, 4 Nov 2017 02:34:51 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=subject : to : references
 : cc : from : message-id : date : mime-version : in-reply-to :
 content-type : content-transfer-encoding; s=facebook;
 bh=d6u+wvGF+aZ7h6nIz1ljiIv1dLIkiqgRyHB94c71+yI=;
 b=Cj+hVOK5g8rXRA1XLtHYLmeg/2tyPSBTM8gfae0j9fkReop8CQr3kH+V4Dwt9Ct1TIMs
 9+DwPRCYDhSOjqERILwRVSzHN9F503D2a/lMgLuFZkefENiR1OSpaBDk7CzaG/y0q2Xi
 IEx85IXq9cZjixQR99lSH4nIm6N1jPLXRjQ= 
Received: from maileast.thefacebook.com ([199.201.65.23])
        by m0001303.ppops.net with ESMTP id 2e197eg8c0-1
        (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT);
        Sat, 04 Nov 2017 02:34:51 -0700
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (192.168.183.28)
 by o365-in.thefacebook.com (192.168.177.28) with Microsoft SMTP Server (TLS)
 id 14.3.361.1; Sat, 4 Nov 2017 05:34:49 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com;
 s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=d6u+wvGF+aZ7h6nIz1ljiIv1dLIkiqgRyHB94c71+yI=;
 b=N2LPJr9p0b2HWCsrhUvw6JmzKKfpWspDgNFL2v/GzXDUX1l3TcanhObs+aDk9r8WDvYog9XiY1s6TUXtFfMoO7Z0tOOhkP7tRdn2/blfUuXXaomFgloKvStQJ2T6L1GzJxWnMe6Ug7GS5ZFOSti5WDn8KfZNXArgAatvhMVzSKM=
Received: from [IPv6:2620:10d:c0e1:1110::1004] (2620:10d:c094:180::1:10a5) by
 BL2PR15MB0961.namprd15.prod.outlook.com (2603:10b6:201:15::23) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.197.13; Sat, 4
 Nov 2017 09:34:42 +0000
Subject: Re: [RFC PATCH] bpf: Add helpers to read useful task_struct members
To:     Sandipan Das <sandipan@linux.vnet.ibm.com>,
        <netdev@vger.kernel.org>
References: <20171103065833.8076-1-sandipan@linux.vnet.ibm.com>
CC:     <linux-kernel@vger.kernel.org>, <daniel@iogearbox.net>,
        <naveen.n.rao@linux.vnet.ibm.com>, Martin KaFai Lau <kafai@fb.com>
From:   Alexei Starovoitov <ast@fb.com>
Message-ID: <94a4761f-1b51-8b70-fb7f-3cea91c69717@fb.com>
Date:   Sat, 4 Nov 2017 18:34:27 +0900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0)
 Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <20171103065833.8076-1-sandipan@linux.vnet.ibm.com>
Content-Type: text/plain; charset="windows-1252"; format=flowed
Content-Transfer-Encoding: 7bit
X-Originating-IP: [2620:10d:c094:180::1:10a5]
X-ClientProxiedBy: HK2PR02CA0180.apcprd02.prod.outlook.com
 (2603:1096:201:21::16) To BL2PR15MB0961.namprd15.prod.outlook.com
 (2603:10b6:201:15::23)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 68c5a8a3-f3e1-4a2e-469f-08d5236748bf
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(2017052603249);SRVR:BL2PR15MB0961;
X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0961;3:H0PV8+6WPy3o2taP1Z1ohUs6VMjYG5USoF/mrbLn4iMl9F8VhtDkaRd7/vBZJGuhYLCnLGmqXZ2Rgb/Y8TfF3E5EGdOKnwdCe1LuXRwqN+99iHrFkN77K7IZFLma9TTpvcez46Vh0/KUOmv0sA1t8cOFfqe0KDY7U6LWOIqOHQu81AgGqO0NM2Pzoq77LYdKsTILCCVAuCs0TBK75kWgBIjWH5gkOksHblTf43282OcM/ICFwQ4N1B3tiYA7BO2J;25:PNRvQJe3zKWOrfzgoWOlI5CIPaCzLJuki+STdrnNbYdnudCjZmTLb9bsvN6m+B8tem3m75aSQuIWx5y3y2U7uX4GdO0VBLyBgD3aa8Ry5Z9cJRpFS+qY5L/WvSAN/NSDWFbxdbb+t2SsBTrlNO7GntbNs6zZGVXDfk/Kx4xDmHDtC5Qv1YvhgDRAQ9h5oXMesBWdcjLAuh95A15+bOp/P1W1sUjL8+jOLNalus4kdDIBgB8pU+AhounWZNMZUwSNqst7ypWtMJQKy7hBC9bUS/J0KZx3L/Zkm11CYh7lsc7owXqLjmpAfV7VImJyTMPKnYF/+oCSel/tx/Bn4Ix8ZA==;31:JTrap/ld1InsfVqdz8NQEGRjKGjvNh54l2HSqHP+YzMRlNaaviLurlmC+VXQviCWhbA6wYPfTMxAyj+No0RVknGQS8biX+VS6KGbSQ/8jMSKhTPjAkNTEY5tobTmUfpqy7M0yDAsiC9KsnSYH6YWyVZZLhNUaDtjRu54bOnAfBJfb3QVDeS2ZqJnWHVFa9fRkbwjxG1LcRJDpgp/4WRayb/fKaMmp/+c3Ve2Qx5LmyE=
X-MS-TrafficTypeDiagnostic: BL2PR15MB0961:
X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0961;20:FIFneEY4MVt96DnKQlCWQIIA0F8DA5lqJuqlXnYPx2gsLeWSZRK96q413rFsz4mTzg11bFh+GGKZE0CoSG6+ZZaOQWr8qJPeq5mKY8lXyCcvcTa0a0vRvRZ3kSLxpwRYg1MMVBWVonghNjNUT+MiQkmpzgMYI5jjdLdlDd7eQy886nf29aTeV/pik2xdI3djvAhnxxA5XtvjSdRFyupe4ca6juJPHjEEywj1GTypaVJX6UIUh3IfIHSMhDsyD2G2X7n7nus7Lybt3GQgd/A3lcpUDj+4kr4qwuPUMWD7IVRXGKtTihP82yAAFZ21gfkDOwJz4YdgarQ/gC/RBFHg6wwqmb1xPqNFl5KIzl2+fLmPg2WQUBqtPue452iLF1CEfkJEQVLVniW33GvcG2on2wVqIj2G4v4jJrEwz7Gge3saz9jq4+Kqw0v6I85V5sbfSKKJufcdAuvU5b2WMMHEoArUkAaJvTkwXAuvCEL/T+Ear+KYrOuEZEAUzrBgKWIA;4:DP32Y7mIqN3KkpGs3F7ImVDdQaAjd1O5Lw/1tEqg+R5x3ouCPEEjuLJ+OXG6tzCfXPee1+ndMICDMqme2VGQ5DURct9tdUAS2tXyScn+un+W+aK8XRiU7+iA+fRoTXjxKbXI26+Fg+nu3bjOTMoWILwIBENX4gQBiDOPgod8gp3B1V1JQfnJM7PVkWwRpUZsoYEZcdy4YjS7srGLphB0zzN5Gf/kNXRWLKwI12VNw0SsAyg2BR8CTnngdUpZhjSMhSmj3b8q6yEbvF+BD42h7VpgKfVmdjZB98arF95sN5TbsAwx3c41AcI05atC2mHI3xhLzC2q9gBzMuSijnUH9giR3tJMyuEtE6iVYSm/7Re96J5dvjjp70dIh3oJLZWxdrWVcXY54RfNl34X/HVdlEE1urld/Ee/Wj2eWyJqln8=
X-Exchange-Antispam-Report-Test: UriScan:(190756311086443)(192374486261705)(104084551191319)(17755550239193);
X-Microsoft-Antispam-PRVS: <BL2PR15MB0961FDC141FC5B86CFC5AD35D7520@BL2PR15MB0961.namprd15.prod.outlook.com>
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(11241501159)(6040450)(2401047)(8121501046)(5005006)(3002001)(10201501046)(3231021)(93006095)(93001095)(100000703101)(100105400095)(6041248)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123555025)(20161123560025)(20161123564025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:BL2PR15MB0961;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:BL2PR15MB0961;
X-Forefront-PRVS: 048111149A
X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10019020)(6009001)(346002)(376002)(199003)(189002)(24454002)(8676002)(81166006)(81156014)(23746002)(478600001)(230700001)(64126003)(68736007)(8936002)(86362001)(65806001)(65956001)(2950100002)(6666003)(83506002)(47776003)(67846002)(5660300001)(65826007)(31696002)(50466002)(33646002)(189998001)(105586002)(31686004)(106356001)(4326008)(7736002)(53546010)(53936002)(101416001)(229853002)(316002)(36756003)(58126008)(2906002)(25786009)(1706002)(6246003)(6116002)(6486002)(76176999)(54356999)(50986999)(97736004)(305945005)(42262002);DIR:OUT;SFP:1102;SCL:1;SRVR:BL2PR15MB0961;H:[IPv6:2620:10d:c0e1:1110::1004];FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en;
Received-SPF: None (protection.outlook.com: fb.com does not designate
 permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: =?Windows-1252?Q?1;BL2PR15MB0961;23:MkcrhNyRZAgosIqMg/DRUzu8/qwylEQRVgwfn?=
 =?Windows-1252?Q?eok5KKvZOxp/d5Z9Rplx9tP8mDzzTkcWivvdhBdZYbEV7pN/6CAa5alO?=
 =?Windows-1252?Q?B1Ah81pZ0c4KzIZCWhhqx3fejJlbTqci0QGpDF0t12S4ihKCtAO5y0YD?=
 =?Windows-1252?Q?8xh2sVkHoiPwACQROBVBOTTPuha4O93FI1XlonriZsbYYkszagAVg2e6?=
 =?Windows-1252?Q?Yo8+T/pJi0nIHmpJrLdPKimTjj9lewzIuByiD8XvqxRCyYNS8ud9vh9V?=
 =?Windows-1252?Q?Gez+3+Z3e7T8LW7XrGUy0EubiHAWOHFbwBlR1sxoSFGQPnfO+tyeIHrY?=
 =?Windows-1252?Q?j8UWuKerCQzmWjRJl/A/iYFJzm6T917HqhCm864omrzmqei5OKb3e8gQ?=
 =?Windows-1252?Q?Bp+hCrsIKsGbAjS1NtM1/vWqb0GaYzuxKaVKWwHCfcdFRqDqSNJGkBdZ?=
 =?Windows-1252?Q?tB3h12sUyfFLKvDC4mnxcs/ueQmmY2Np7JHbbhQmUxtss4NhOgKedooe?=
 =?Windows-1252?Q?eZzf7EL0M2z4Kba9shHnXxjpnMrYLjAKC9W0inODb5cyQkSwwO/SioCr?=
 =?Windows-1252?Q?W9Iywg2V5+pLeESm6Ip4yHm8VGruFdbz7l/FlyY2X52HdomFAAk/4f8n?=
 =?Windows-1252?Q?CMeA/vF5oC/u5/7wQybN990Ed/owulsmBmXMRMiD8yNHkeoHUV+nfpPh?=
 =?Windows-1252?Q?XgakvGJldIXZmbMuDo2Lysxx/cOGc9kc+6dNSSz1qQbuOhMFcDq1DYz3?=
 =?Windows-1252?Q?Sie7xyiCoLnrloFVKBreszJkPb515pvva5tIQBBb0EhUdUejzrh/jV8Q?=
 =?Windows-1252?Q?ifeUb58ZRCw9iMMfqbLMMvfWMVARjq0tRbUFKU8ueOEhmekMQ3tgPgcQ?=
 =?Windows-1252?Q?DgaiOckJj6gIwXgPr4VjZoMZL9VDijYjuweu9xoUbOO1b6ZDCWhTrlwU?=
 =?Windows-1252?Q?bVR64IECq2+pvNVVxJl9rIS+nb84CPOlJdRBAO36tlh1pmxreQYsmMsg?=
 =?Windows-1252?Q?D0cm2sPv4r4HcI0oIQu+5/El53HiGA0xZ24MQIK236M0lBzSQVzzxxy+?=
 =?Windows-1252?Q?mO36uPxUxoPaGCY3g2I+FnYyluLWmOIaLVQc4EKtxCThUbR4S8hXHSBp?=
 =?Windows-1252?Q?xIkO+E9C1qanun+TumeCrEq3tUhoSGUnXH5csOLJNzHKn/Mp9P9WmPOs?=
 =?Windows-1252?Q?a6WKvJ/j2sbLsg8Yw1T7AtYhJ6tC8lhslvqHnA5DONMfMNSYFjMWZlmD?=
 =?Windows-1252?Q?y2DW8bYS7+fHG6Knvbo92S6+KT09auKrVID/4iO40PRUFplh1a5vsOkH?=
 =?Windows-1252?Q?DmNChRrir2jD4tqb06QRzChcA=3D=3D?=
X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0961;6:C41lV/sUQP3nVZuVf0bqrB/apCUEsDYHPEV48LfGKbfeXkgSdTrDEASKR23D3zNWzTBKs214VkX2zCh438aryHQpS/4Tovwt0N+wB3GgNxeZFvsGmVYSqtXA36smFWMvWLzo7ZWfbKdHzsG//cU3KCU/dp2u+pmoi8zd/6ZXBxXx+Pxpa8M6wRoP7BICsD+w77WulS4fKuBdRFjkJfLfwE1E6fjTz2LjO+Hy+Rhn32YBO6ht7SNihVeDObLlOJ/OgPWDpfJ1qRK2pDM+He1RZPX8tuCWAGEzn/lMDCOWfyXqozSuAAgoxze2//NxuvCEV7vQpoZHwVX65Wm1Kj5u8oGZnSDUKA1uj1rX2PrpQbs=;5:S0hEeONmsDLISakU1/ledN4ZZP2V6dLY9bDhwksC77vybEtRKNeY+VWhg4qservYcNvwZ6QqvLVwUTrDrkG5M/76KF9sHsvtijHNtx6ihnGndX2X4RIAZ7Kr3pSH7oemipuxZDQEKnalDG02iUtx8n2Im0wowy5vHEn8VkY/DJc=;24:XDM7oWNiKaOQnUP792M3T/6Q8U94MsLFV+cU3vXbvFh3EnpoIHPTtJaWYFCPdGw2qzduVVxNvWDGLWbiUjePRYusKeAWjXVK9Ovj+8wp0TI=;7:ytSYkMiAVGSEUpVQdp9Z1LuUUHoEdc57Uu7alFkd0def2dYudGu04/xwmL+B/uXbXpMlQcTq4p66OHgb0BnLSfUYvxBa8iIy/OEsTppM/zCQPx44yEO4lKhmmjcl3fiZTaSYcktog5kcShjo78adlMPKBizD8doZ7qNNphCNzkcDHybFohQdydtcUHCz0+F3bocmOmPo8FSp0H20e156ilFKRpP1Kl1ukJWZYnhXORe0gl2zIG9P44KfJNe+U3YB
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1;BL2PR15MB0961;20:397WEtb53t6ljSRM8EuTBvYdKwcJcPsc5KR2MrIMVtDTjQUlMXOVHVLrp48ojKNc3cgrK5LM5rqPP3yI5A2qijVFmcEp0swOkhs7SGJmzAEMi7Dy5Rgm7ltFQeZlsoPpQeTGT6DWhwNOtuQJ33QJxituis7Pl5dfxbC1l617yAM=
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Nov 2017 09:34:42.5640 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 68c5a8a3-f3e1-4a2e-469f-08d5236748bf
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL2PR15MB0961
X-OriginatorOrg: fb.com
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-11-04_05:,,
 signatures=0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 11/3/17 3:58 PM, Sandipan Das wrote:
> For added security, the layout of some structures can be
> randomized by enabling CONFIG_GCC_PLUGIN_RANDSTRUCT. One
> such structure is task_struct. To build BPF programs, we
> use Clang which does not support this feature. So, if we
> attempt to read a field of a structure with a randomized
> layout within a BPF program, we do not get the expected
> value because of incorrect offsets. To observe this, it
> is not mandatory to have CONFIG_GCC_PLUGIN_RANDSTRUCT
> enabled because the structure annotations/members added
> for this purpose are enough to cause this. So, all kernel
> builds are affected.
>
> For example, considering samples/bpf/offwaketime_kern.c,
> if we try to print the values of pid and comm inside the
> task_struct passed to waker() by adding the following
> lines of code at the appropriate place
>
>   char fmt[] = "waker(): p->pid = %u, p->comm = %s\n";
>   bpf_trace_printk(fmt, sizeof(fmt), _(p->pid), _(p->comm));
>
> it is seen that upon rebuilding and running this sample
> followed by inspecting /sys/kernel/debug/tracing/trace,
> the output looks like the following
>
>                                _-----=> irqs-off
>                               / _----=> need-resched
>                              | / _---=> hardirq/softirq
>                              || / _--=> preempt-depth
>                              ||| /     delay
>             TASK-PID   CPU#  ||||    TIMESTAMP  FUNCTION
>                | |       |   ||||       |         |
>           <idle>-0     [007] d.s.  1883.443594: 0x00000001: waker(): p->pid = 0, p->comm =
>           <idle>-0     [018] d.s.  1883.453588: 0x00000001: waker(): p->pid = 0, p->comm =
>           <idle>-0     [007] d.s.  1883.463584: 0x00000001: waker(): p->pid = 0, p->comm =
>           <idle>-0     [009] d.s.  1883.483586: 0x00000001: waker(): p->pid = 0, p->comm =
>           <idle>-0     [005] d.s.  1883.493583: 0x00000001: waker(): p->pid = 0, p->comm =
>           <idle>-0     [009] d.s.  1883.503583: 0x00000001: waker(): p->pid = 0, p->comm =
>           <idle>-0     [018] d.s.  1883.513578: 0x00000001: waker(): p->pid = 0, p->comm =
>  systemd-journal-3140  [003] d...  1883.627660: 0x00000001: waker(): p->pid = 0, p->comm =
>  systemd-journal-3140  [003] d...  1883.627704: 0x00000001: waker(): p->pid = 0, p->comm =
>  systemd-journal-3140  [003] d...  1883.627723: 0x00000001: waker(): p->pid = 0, p->comm =
>
> To avoid this, we add new BPF helpers that read the
> correct values for some of the important task_struct
> members such as pid, tgid, comm and flags which are
> extensively used in BPF-based analysis tools such as
> bcc. Since these helpers are built with GCC, they use
> the correct offsets when referencing a member.
>
> Signed-off-by: Sandipan Das <sandipan@linux.vnet.ibm.com>
...
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index f90860d1f897..324508d27bd2 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -338,6 +338,16 @@ union bpf_attr {
>   *     @skb: pointer to skb
>   *     Return: classid if != 0
>   *
> + * u64 bpf_get_task_pid_tgid(struct task_struct *task)
> + *     Return: task->tgid << 32 | task->pid
> + *
> + * int bpf_get_task_comm(struct task_struct *task)
> + *     Stores task->comm into buf
> + *     Return: 0 on success or negative error
> + *
> + * u32 bpf_get_task_flags(struct task_struct *task)
> + *     Return: task->flags
> + *

I don't think it's a solution.
Tracing scripts read other fields too.
Making it work for these 3 fields is a drop in a bucket.
If randomization is used I think we have to accept
that existing bpf scripts won't be usable.
Long term solution is to support 'BPF Type Format' or BTF
(which is old C-Type Format) for kernel data structures,
so bcc scripts wouldn't need to use kernel headers and clang.
The proper offsets will be described in BTF.
We were planning to use it initially to describe map key/value,
but it applies for this case as well.
There will be a tool that will take dwarf from vmlinux and
compress it into BTF. Kernel will also be able to verify
that BTF is a valid BTF.
I'm assuming that gcc randomization plugin produces dwarf
with correct offsets, if not, it would have to be fixed.


From 1583027203607239623@xxx Fri Nov 03 06:59:46 +0000 2017
X-GM-THRID: 1583027203607239623
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread