[DTrace-devel] [PATCH 07/14] Support inet_ntoa() for addresses that are not DTrace pointers
Kris Van Hees
kris.van.hees at oracle.com
Sat Feb 18 06:43:39 UTC 2023
On Thu, Nov 03, 2022 at 03:52:19PM -0400, eugene.loh--- via DTrace-devel wrote:
> From: Eugene Loh <eugene.loh at oracle.com>
>
> If the input argument to inet_ntoa() is not a DTrace pointer, the
> BPF verifier cannot confirm it is safe. So first copy the input
> data to the BPF stack using the probe_read() helper function.
>
> Signed-off-by: Eugene Loh <eugene.loh at oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees at oracle.com>
... after applying a patch I just posted to fix the return value of copyin()
> ---
> bpf/inet_ntoa.S | 36 ++++++++++++++-------
> test/unittest/funcs/tst.inet_ntoa_alloca.d | 25 ++++++++++++++
> test/unittest/funcs/tst.inet_ntoa_alloca.r | 2 ++
> test/unittest/funcs/tst.inet_ntoa_copyin.d | 23 +++++++++++++
> test/unittest/funcs/tst.inet_ntoa_copyin.r | 2 ++
> test/unittest/funcs/tst.inet_ntoa_nonDPTR.d | 23 +++++++++++++
> test/unittest/funcs/tst.inet_ntoa_nonDPTR.r | 2 ++
> 7 files changed, 101 insertions(+), 12 deletions(-)
> create mode 100644 test/unittest/funcs/tst.inet_ntoa_alloca.d
> create mode 100644 test/unittest/funcs/tst.inet_ntoa_alloca.r
> create mode 100644 test/unittest/funcs/tst.inet_ntoa_copyin.d
> create mode 100644 test/unittest/funcs/tst.inet_ntoa_copyin.r
> create mode 100644 test/unittest/funcs/tst.inet_ntoa_nonDPTR.d
> create mode 100644 test/unittest/funcs/tst.inet_ntoa_nonDPTR.r
>
> diff --git a/bpf/inet_ntoa.S b/bpf/inet_ntoa.S
> index ff36e226..1ef3b13a 100644
> --- a/bpf/inet_ntoa.S
> +++ b/bpf/inet_ntoa.S
> @@ -3,6 +3,8 @@
> * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> */
>
> +#define BPF_FUNC_probe_read 4
> +
> .text
>
> /*
> @@ -115,25 +117,27 @@ dt_inet_ntoa_write_uint8:
> * void dt_inet_ntoa(uint8_t *src, char *dst) {
> * uint64_t off, inp, len;
> *
> - * off = 0
> + * bpf_probe_read(fp + -4, 4, src);
> + *
> + * off = 0;
> * len = STRSZ;
> *
> - * inp = src[0];
> + * inp = *(fp + -4);
> * off = dt_inet_ntoa_write_uint8(inp, dst, off);
> * if (off >= STRSZ) goto done:
> * dst[off++] = ':';
> *
> - * inp = src[1];
> + * inp = *(fp + -3);
> * off = dt_inet_ntoa_write_uint8(inp, dst, off);
> * if (off >= STRSZ) goto done:
> * dst[off++] = ':';
> *
> - * inp = src[2];
> + * inp = *(fp + -2);
> * off = dt_inet_ntoa_write_uint8(inp, dst, off);
> * if (off >= STRSZ) goto done:
> * dst[off++] = ':';
> *
> - * inp = src[3];
> + * inp = *(fp + -1);
> * off = dt_inet_ntoa_write_uint8(inp, dst, off);
> *
> * done:
> @@ -146,19 +150,27 @@ dt_inet_ntoa_write_uint8:
> .type dt_inet_ntoa, @function
> dt_inet_ntoa:
>
> -/* off cycles between %r3 (input arg to subroutine) and %r0 (its return) */
> +/*
> + * the variable "off" is either in:
> + * %r3 (input arg to subroutine)
> + * %r0 (its return)
> + */
> #define INP %r1
> -#define SRC %r6
> #define DST %r7
> #define LEN %r8
>
> - mov SRC, %r1
> mov DST, %r2
>
> + mov %r3, %r1
> + mov %r2, 4
> + mov %r1, %fp
> + add %r1, -4
> + call BPF_FUNC_probe_read
> +
> mov %r3, 0
> lddw LEN, STRSZ
>
> - ldxb INP, [SRC+0]
> + ldxb INP, [%fp+-4]
> mov %r2, DST
> call dt_inet_ntoa_write_uint8
> jge %r0, LEN, .Ldone
> @@ -167,7 +179,7 @@ dt_inet_ntoa:
> add %r0, DST
> stb [%r0+0], '.'
>
> - ldxb INP, [SRC+1]
> + ldxb INP, [%fp+-3]
> mov %r2, DST
> call dt_inet_ntoa_write_uint8
> jge %r0, LEN, .Ldone
> @@ -176,7 +188,7 @@ dt_inet_ntoa:
> add %r0, DST
> stb [%r0+0], '.'
>
> - ldxb INP, [SRC+2]
> + ldxb INP, [%fp+-2]
> mov %r2, DST
> call dt_inet_ntoa_write_uint8
> jge %r0, LEN, .Ldone
> @@ -185,7 +197,7 @@ dt_inet_ntoa:
> add %r0, DST
> stb [%r0+0], '.'
>
> - ldxb INP, [SRC+3]
> + ldxb INP, [%fp+-1]
> mov %r2, DST
> call dt_inet_ntoa_write_uint8
>
> diff --git a/test/unittest/funcs/tst.inet_ntoa_alloca.d b/test/unittest/funcs/tst.inet_ntoa_alloca.d
> new file mode 100644
> index 00000000..4c44fb39
> --- /dev/null
> +++ b/test/unittest/funcs/tst.inet_ntoa_alloca.d
> @@ -0,0 +1,25 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +#pragma D option quiet
> +#pragma D option destructive
> +
> +BEGIN
> +{
> + system("printf '\xc0\xa8\x01\x17' > /dev/null 2>&1");
> +}
> +
> +syscall::write:entry
> +/ppid == $pid/
> +{
> + p = alloca(4);
> + copyinto(arg1, 4, p);
> + printf("%s\n", inet_ntoa(p));
> + exit(0);
> +}
> +
> +ERROR { exit(1); }
> diff --git a/test/unittest/funcs/tst.inet_ntoa_alloca.r b/test/unittest/funcs/tst.inet_ntoa_alloca.r
> new file mode 100644
> index 00000000..7257e488
> --- /dev/null
> +++ b/test/unittest/funcs/tst.inet_ntoa_alloca.r
> @@ -0,0 +1,2 @@
> +192.168.1.23
> +
> diff --git a/test/unittest/funcs/tst.inet_ntoa_copyin.d b/test/unittest/funcs/tst.inet_ntoa_copyin.d
> new file mode 100644
> index 00000000..a4b56685
> --- /dev/null
> +++ b/test/unittest/funcs/tst.inet_ntoa_copyin.d
> @@ -0,0 +1,23 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +#pragma D option quiet
> +#pragma D option destructive
> +
> +BEGIN
> +{
> + system("printf '\xc0\xa8\x01\x17' > /dev/null 2>&1");
> +}
> +
> +syscall::write:entry
> +/ppid == $pid/
> +{
> + printf("%s\n", inet_ntoa(copyin(arg1,4)));
> + exit(0);
> +}
> +
> +ERROR { exit(1); }
> diff --git a/test/unittest/funcs/tst.inet_ntoa_copyin.r b/test/unittest/funcs/tst.inet_ntoa_copyin.r
> new file mode 100644
> index 00000000..7257e488
> --- /dev/null
> +++ b/test/unittest/funcs/tst.inet_ntoa_copyin.r
> @@ -0,0 +1,2 @@
> +192.168.1.23
> +
> diff --git a/test/unittest/funcs/tst.inet_ntoa_nonDPTR.d b/test/unittest/funcs/tst.inet_ntoa_nonDPTR.d
> new file mode 100644
> index 00000000..3622787d
> --- /dev/null
> +++ b/test/unittest/funcs/tst.inet_ntoa_nonDPTR.d
> @@ -0,0 +1,23 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +#pragma D option quiet
> +#pragma D option destructive
> +
> +BEGIN
> +{
> + system("printf '\xc0\xa8\x01\x17' > /dev/null 2>&1");
> +}
> +
> +syscall::write:entry
> +/ppid == $pid/
> +{
> + printf("%s\n", inet_ntoa((void *)arg1));
> + exit(0);
> +}
> +
> +ERROR { exit(1); }
> diff --git a/test/unittest/funcs/tst.inet_ntoa_nonDPTR.r b/test/unittest/funcs/tst.inet_ntoa_nonDPTR.r
> new file mode 100644
> index 00000000..7257e488
> --- /dev/null
> +++ b/test/unittest/funcs/tst.inet_ntoa_nonDPTR.r
> @@ -0,0 +1,2 @@
> +192.168.1.23
> +
> --
> 2.18.4
>
>
> _______________________________________________
> DTrace-devel mailing list
> DTrace-devel at oss.oracle.com
> https://oss.oracle.com/mailman/listinfo/dtrace-devel
More information about the DTrace-devel
mailing list