linux/Documentation/core-api
Daniel Borkmann b2a5212fb6 bpf: Restrict bpf_trace_printk()'s %s usage and add %pks, %pus specifier
Usage of plain %s conversion specifier in bpf_trace_printk() suffers from the
very same issue as bpf_probe_read{,str}() helpers, that is, it is broken on
archs with overlapping address ranges.

While the helpers have been addressed through work in 6ae08ae3de ("bpf: Add
probe_read_{user, kernel} and probe_read_{user, kernel}_str helpers"), we need
an option for bpf_trace_printk() as well to fix it.

Similarly as with the helpers, force users to make an explicit choice by adding
%pks and %pus specifier to bpf_trace_printk() which will then pick the corresponding
strncpy_from_unsafe*() variant to perform the access under KERNEL_DS or USER_DS.
The %pk* (kernel specifier) and %pu* (user specifier) can later also be extended
for other objects aside strings that are probed and printed under tracing, and
reused out of other facilities like bpf_seq_printf() or BTF based type printing.

Existing behavior of %s for current users is still kept working for archs where it
is not broken and therefore gated through CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE.
For archs not having this property we fall-back to pick probing under KERNEL_DS as
a sensible default.

Fixes: 8d3b7dce86 ("bpf: add support for %s specifier to bpf_trace_printk()")
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Reported-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Brendan Gregg <brendan.d.gregg@gmail.com>
Link: https://lore.kernel.org/bpf/20200515101118.6508-4-daniel@iogearbox.net
2020-05-15 08:10:36 -07:00
..
assoc_array.rst Documentation: Use "while" instead of "whilst" 2018-11-20 09:30:43 -07:00
atomic_ops.rst locking/atomics/Documentation: Describe atomic_set() as a write operation 2018-07-17 09:30:31 +02:00
boot-time-mm.rst docs/boot-time-mm: remove bootmem documentation 2018-10-31 08:54:16 -07:00
cachetlb.rst ia64/tlb: Eradicate tlb_migrate_finish() callback 2019-04-03 10:33:04 +02:00
circular-buffers.rst doc: Remove ".vnet" from paulmck email addresses 2019-05-28 09:02:57 -07:00
cpu_hotplug.rst Documentation: Update CPU hotplug and move it to core-api 2017-01-13 10:32:32 -07:00
debug-objects.rst doc: debugobjects: actually pull in the kerneldoc comments 2016-11-29 14:44:14 -07:00
errseq.rst errseq: Add to documentation tree 2018-01-01 12:40:27 -07:00
genalloc.rst lib/genalloc.c: rename addr_in_gen_pool to gen_pool_has_addr 2019-12-04 19:44:13 -08:00
generic-radix-tree.rst generic radix trees 2019-03-12 10:04:02 -07:00
genericirq.rst docs: Add request_irq() documentation 2019-11-18 12:40:59 -07:00
gfp_mask-from-fs-io.rst docs: core-api/gfp_mask-from-fs-io: add a label for cross-referencing 2018-09-20 11:02:32 -06:00
idr.rst idr: Change documentation license 2018-10-15 16:31:29 -04:00
index.rst docs: move core-api/ioctl.rst to driver-api/ 2020-03-10 11:21:08 -06:00
kernel-api.rst docs/core-api: Remove possibly confusing sub-headings from Bit Operations 2019-12-04 21:20:28 +11:00
kobject.rst Documentation: kobject.txt has been moved to core-api/kobject.rst 2020-03-02 13:03:44 -07:00
librs.rst docs-rst: convert librs book to ReST 2017-05-16 08:44:16 -03:00
local_ops.rst timer: Remove init_timer() interface 2017-11-21 15:57:09 -08:00
memory-allocation.rst docs/core-api: memory-allocation: mention size helpers 2019-10-29 04:45:40 -06:00
memory-hotplug.rst docs/core-api: memory-hotplug: add some details about locking internals 2018-10-12 11:14:19 -06:00
mm-api.rst mm: add pagemap.h to the fine documentation 2020-04-02 09:35:29 -07:00
packing.rst docs: packing: move it to core-api book and adjust markups 2019-07-31 13:30:01 -06:00
padata.rst padata: update documentation 2019-12-11 16:37:02 +08:00
pin_user_pages.rst mm: dump_page(): additional diagnostics for huge pinned pages 2020-04-02 09:35:27 -07:00
printk-formats.rst bpf: Restrict bpf_trace_printk()'s %s usage and add %pks, %pus specifier 2020-05-15 08:10:36 -07:00
protection-keys.rst docs: move protection-keys.rst to the core-api book 2019-06-08 13:42:12 -06:00
refcount-vs-atomic.rst docs: remove :c:func: from refcount-vs-atomic.rst 2019-10-07 09:08:56 -06:00
symbol-namespaces.rst scripts/nsdeps: support nsdeps for external module builds 2019-11-11 20:10:01 +09:00
timekeeping.rst docs: timekeeping: Use correct prototype for deprecated functions 2020-04-15 14:48:26 -06:00
tracepoint.rst doc: Sphinxify the tracepoint docbook 2016-11-29 14:44:23 -07:00
workqueue.rst Documentation: core-api: minor workqueue.rst cleanups 2017-09-18 17:29:27 -07:00
xarray.rst XArray: Add xa_for_each_range 2020-01-17 22:33:37 -05:00