• Daniel Borkmann's avatar
    uaccess: Add strict non-pagefault kernel-space read function · 75a1a607
    Daniel Borkmann authored
    Add two new probe_kernel_read_strict() and strncpy_from_unsafe_strict()
    helpers which by default alias to the __probe_kernel_read() and the
    __strncpy_from_unsafe(), respectively, but can be overridden by archs
    which have non-overlapping address ranges for kernel space and user
    space in order to bail out with -EFAULT when attempting to probe user
    memory including non-canonical user access addresses [0]:
    
      4-level page tables:
        user-space mem: 0x0000000000000000 - 0x00007fffffffffff
        non-canonical:  0x0000800000000000 - 0xffff7fffffffffff
    
      5-level page tables:
        user-space mem: 0x0000000000000000 - 0x00ffffffffffffff
        non-canonical:  0x0100000000000000 - 0xfeffffffffffffff
    
    The idea is that these helpers are complementary to the probe_user_read()
    and strncpy_from_unsafe_user() which probe user-only memory. Both added
    helpers here do the same, but for kernel-only addresses.
    
    Both set of helpers are going to be used for BPF tracing. They also
    explicitly avoid throwing the splat for non-canonical user addresses from
    00c42373 ("x86-64: add warning for non-canonical user access address
    dereferences").
    
    For compat, the current probe_kernel_read() and strncpy_from_unsafe() are
    left as-is.
    
      [0] Documentation/x86/x86_64/mm.txt
    Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
    Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Masami Hiramatsu <mhiramat@kernel.org>
    Cc: x86@kernel.org
    Link: https://lore.kernel.org/bpf/eefeefd769aa5a013531f491a71f0936779e916b.1572649915.git.daniel@iogearbox.net
    75a1a607
Makefile 1.8 KB