• Sargun Dhillon's avatar
    bpf: Add bpf_probe_write_user BPF helper to be called in tracers · 96ae5227
    Sargun Dhillon authored
    This allows user memory to be written to during the course of a kprobe.
    It shouldn't be used to implement any kind of security mechanism
    because of TOC-TOU attacks, but rather to debug, divert, and
    manipulate execution of semi-cooperative processes.
    
    Although it uses probe_kernel_write, we limit the address space
    the probe can write into by checking the space with access_ok.
    We do this as opposed to calling copy_to_user directly, in order
    to avoid sleeping. In addition we ensure the threads's current fs
    / segment is USER_DS and the thread isn't exiting nor a kernel thread.
    
    Given this feature is meant for experiments, and it has a risk of
    crashing the system, and running programs, we print a warning on
    when a proglet that attempts to use this helper is installed,
    along with the pid and process name.
    Signed-off-by: 's avatarSargun Dhillon <sargun@sargun.me>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Acked-by: 's avatarAlexei Starovoitov <ast@kernel.org>
    Signed-off-by: 's avatarDavid S. Miller <davem@davemloft.net>
    96ae5227
Name
Last commit
Last update
..
bpf Loading commit data...
configfs Loading commit data...
connector Loading commit data...
hidraw Loading commit data...
hw_breakpoint Loading commit data...
kdb Loading commit data...
kfifo Loading commit data...
kobject Loading commit data...
kprobes Loading commit data...
livepatch Loading commit data...
pktgen Loading commit data...
rpmsg Loading commit data...
seccomp Loading commit data...
trace_events Loading commit data...
uhid Loading commit data...
v4l Loading commit data...
Kconfig Loading commit data...
Makefile Loading commit data...