Received: by 10.223.164.221 with SMTP id h29csp1494829wrb; Wed, 1 Nov 2017 18:09:14 -0700 (PDT) X-Google-Smtp-Source: ABhQp+QmYkuuaowZv9+ls6uMnTqGnWi5FYRMGABJMEW4G3QdnvXT43eusXQjmdB17bliCHwpxgPk X-Received: by 10.99.127.94 with SMTP id p30mr1725083pgn.66.1509584954293; Wed, 01 Nov 2017 18:09:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1509584954; cv=none; d=google.com; s=arc-20160816; b=a1jXMAxr+TaTuG/BszjmMFpyicRnCZS0u+l4ChY1/+VTL1epdqWqQ/lZeIjT0JZpqz dwNM472bUhZ1ty6Pa1/1p3JluidyEdSKNTwD3biK9WXll/8RzU9R9mCqw54/T2hAutOE 9i4PrKTiFUWNbC+EImsdK4apOLRoODYfwruEELsS1Upbob7nnPVi0JTmNT/FMfuiT56h k7ju+uMHLnbpaicgE3nnYHouLIu7Wt6IBTRf/MUIR8XT6arqXvHAMCIRtoc8cs8ITBun BIvt9kDsjGqU5n9KQ2Gj039ZzpAgj5kE4AfzqxsrKe99JBOJpALWvjqQSYpcA02VkYOl eLtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:in-reply-to :references:subject:cc:to:mime-version:user-agent:from:date :message-id:arc-authentication-results; bh=8yRQT77D4upYDxk40d1v7Lne/HM+IltNhH2GeXek5qs=; b=rZ2xQTqoSaxc5Eclm98D7Z22avybikLNrf0c9tYy+9BMc3xQCNQaJqr2Eli8u812wf Mri1XLG1C0B4VK3h/SqoKRu0dbfig15mSSejTyWfqFaOuX2g0oXTcLew/N/w8WuvvSmb P2h4iUet5H9MZj0HPQunfvmYjKflFeg+gSthK2Tk5ZWWxphimd2WPyti4BsYgeacu//U Qrd/+2kjANBkQl8loR6zFclUwUwGBfu4DuTGiGgROoITkHKT2YgUjNQctQQHwzVYhV3f m7QyaK8GtX+wzoWxPWuxSKM9OCvJr+/PY/ye9HXQCAyZ625sI18VOk5eZbnalu6P9eyE 4Cag== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t13si2260735pfg.95.2017.11.01.18.09.00; Wed, 01 Nov 2017 18:09:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934062AbdKBBIY (ORCPT + 99 others); Wed, 1 Nov 2017 21:08:24 -0400 Received: from www62.your-server.de ([213.133.104.62]:40531 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932409AbdKBBIX (ORCPT ); Wed, 1 Nov 2017 21:08:23 -0400 Received: from [194.230.159.142] (helo=localhost.localdomain) by www62.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-SHA:256) (Exim 4.85_2) (envelope-from ) id 1eA3zP-0000LJ-DU; Thu, 02 Nov 2017 02:08:11 +0100 Message-ID: <59FA6FFA.1080503@iogearbox.net> Date: Thu, 02 Nov 2017 02:08:10 +0100 From: Daniel Borkmann User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Josef Bacik , rostedt@goodmis.org, mingo@redhat.com, davem@davemloft.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, ast@kernel.org, kernel-team@fb.com CC: Josef Bacik Subject: Re: [PATCH 1/2] bpf: add a bpf_override_function helper References: <1509555643-2899-1-git-send-email-josef@toxicpanda.com> <1509555643-2899-2-git-send-email-josef@toxicpanda.com> In-Reply-To: <1509555643-2899-2-git-send-email-josef@toxicpanda.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.99.2/24008/Wed Nov 1 21:07:58 2017) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/01/2017 06:00 PM, Josef Bacik wrote: > From: Josef Bacik > > Error injection is sloppy and very ad-hoc. BPF could fill this niche > perfectly with it's kprobe functionality. We could make sure errors are > only triggered in specific call chains that we care about with very > specific situations. Accomplish this with the bpf_override_funciton > helper. This will modify the probe'd callers return value to the > specified value and set the PC to an override function that simply > returns, bypassing the originally probed function. This gives us a nice > clean way to implement systematic error injection for all of our code > paths. > > Signed-off-by: Josef Bacik Looks useful (seccomp/BPF has something similar but on syscall level). I think given we change kernel behavior, it would be good if we emit similar warning like in case of bpf_get_probe_write_proto(), such that from staring at the log (e.g. in case of subsequent crash), it could help identifying that cause to trigger the bug could have been due to bpf_override_function(). From 1582884987565115132@xxx Wed Nov 01 17:19:18 +0000 2017 X-GM-THRID: 1582884059549901177 X-Gmail-Labels: Inbox,Category Forums