From 1da177e4c34fb9684d10f5bc65ad3c83c662a24e Mon Sep 17 00:00:00 2001
From: Kees Cook
Date: Sun, 15 Dec 2024 17:27:47 -0800
Subject: [PATCH 1/3] docs: git SHA prefixes are for humans

Clarify that the preferred git SHA abbreviation length for the Fixes tag is 12 characters[1], as the tag is intended for humans (though, yes, it is parsed by machines too). Collision resolution needs to be performed using the parenthetical patch Subject that follows the abbreviated hash.

Suggested-by: Linus Torvalds
Link: https://lore.kernel.org/all/CAHk-=wiwAz3UgPOWK3RdGXDnTRHcwVbxpuxCQt_0SoAJC-oGXQ@mail.gmail.com [1]
Signed-off-by: Kees Cook
---
 Documentation/process/handling-regressions.rst | 4 ++--
 Documentation/process/maintainer-tip.rst | 4 ++--
 Documentation/process/submitting-patches.rst | 6 ++++++
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/Documentation/process/handling-regressions.rst b/Documentation/process/handling-regressions.rst
index 1f5ab49c48a4..a0e8715c6cd3 100644
--- a/Documentation/process/handling-regressions.rst
+++ b/Documentation/process/handling-regressions.rst
@@ -29,9 +29,9 @@ The important bits (aka "The TL;DR")
 * For mailed reports, check if the reporter included a line like ``#regzbot introduced: v5.13..v5.14-rc1``. If not, send a reply (with the regressions list in CC) containing a paragraph like the following, which tells regzbot
- when the issue started to happen::
+ when the issue started to happen, preferably with a full git SHA::
- #regzbot ^introduced: 1f2e3d4c5b6a
+ #regzbot ^introduced: 1f2e3d4c5b6a1524e886b7f1b8a0c1fc7321cac2
 * When forwarding reports from a bug tracker to the regressions list (see above), include a paragraph like the following::
diff --git a/Documentation/process/maintainer-tip.rst b/Documentation/process/maintainer-tip.rst
index e374b67b3277..658b489705be 100644
--- a/Documentation/process/maintainer-tip.rst
+++ b/Documentation/process/maintainer-tip.rst
@@ -284,7 +284,7 @@ following tag ordering scheme:
 Commit
- abcdef012345678 ("x86/xxx: Replace foo with bar")
+ ab0123456789 ("x86/xxx: Replace foo with bar")
 left an unused instance of variable foo around. Remove it.
@@ -295,7 +295,7 @@ following tag ordering scheme:
 The recent replacement of foo with bar left an unused instance of variable foo around. Remove it.
- Fixes: abcdef012345678 ("x86/xxx: Replace foo with bar")
+ Fixes: ab0123456789 ("x86/xxx: Replace foo with bar")
 Signed-off-by: J.Dev The latter puts the information about the patch into the focus and
diff --git a/Documentation/process/submitting-patches.rst b/Documentation/process/submitting-patches.rst
index 1518bd57adab..efd4fb1109e9 100644
--- a/Documentation/process/submitting-patches.rst
+++ b/Documentation/process/submitting-patches.rst
@@ -163,6 +163,12 @@ An example call::
 $ git log -1 --pretty=fixes 54a4f0239f2e Fixes: 54a4f0239f2e ("KVM: MMU: make kvm_mmu_zap_page() return the number of pages it actually freed")
+Note that the "Fixes" tag, while it does get parsed by machines, is intended
+for humans (hence the Subject portion). It is preferred that hashes remain at
+12 characters even in the face of prefix collisions. When encountering hash
+prefix collisions, tools (and humans) need to resolve such collisions using
+the parenthetical patch Subject.
+
 .. _split_changes: Separate your changes
From 57a6baf3a3ea61159a149573258a0a92f3a3d6dd Mon Sep 17 00:00:00 2001
From: Marco Elver
Date: Fri, 8 Nov 2024 12:34:24 +0100
Subject: [PATCH 2/3] tracing: Add task_prctl_unknown tracepoint

prctl() is a complex syscall which multiplexes its functionality based on a large set of PR_* options. Currently we count 64 such options. The return value of unknown options is -EINVAL, and doesn't distinguish from known options that were passed invalid args that also return -EINVAL. To understand if programs are attempting to use prctl() options not yet available on the running kernel, provide the task_prctl_unknown tracepoint. Note, this tracepoint is in an unlikely cold path, and would therefore be suitable for continuous monitoring (e.g. via perf_event_open). While the above is likely the simplest usecase, additionally this tracepoint can help unlock some testing scenarios (where probing sys_enter or sys_exit causes undesirable performance overheads): a. unprivileged triggering of a test module: test modules may register a probe to be called back on task_prctl_unknown, and pick a very large unknown prctl() option upon which they perform a test function for an unprivileged user; b. unprivileged triggering of an eBPF program function: similar as idea (a). Example trace_pipe output: test-380 [001] ..... 78.142904: task_prctl_unknown: option=1234 arg2=101 arg3=102 arg4=103 arg5=104

Signed-off-by: Marco Elver
Reviewed-by: Alexander Potapenko
Link: https://lore.kernel.org/r/20241108113455.2924361-1-elver@google.com
Signed-off-by: Kees Cook
---
 include/trace/events/task.h | 37 +++++++++++++++++++++++++++++++++++++
 kernel/sys.c | 3 +++
 2 files changed, 40 insertions(+)

diff --git a/include/trace/events/task.h b/include/trace/events/task.h
index 47b527464d1a..209d315852fb 100644
--- a/include/trace/events/task.h
+++ b/include/trace/events/task.h
@@ -56,6 +56,43 @@ TRACE_EVENT(task_rename,
 __entry->newcomm, __entry->oom_score_adj)
 );
+/**
+ * task_prctl_unknown - called on unknown prctl() option
+ * @option: option passed
+ * @arg2: arg2 passed
+ * @arg3: arg3 passed
+ * @arg4: arg4 passed
+ * @arg5: arg5 passed
+ *
+ * Called on an unknown prctl() option.
+ */
+TRACE_EVENT(task_prctl_unknown,
+
+ TP_PROTO(int option, unsigned long arg2, unsigned long arg3,
+ unsigned long arg4, unsigned long arg5),
+
+ TP_ARGS(option, arg2, arg3, arg4, arg5),
+
+ TP_STRUCT__entry(
+ __field( int, option)
+ __field( unsigned long, arg2)
+ __field( unsigned long, arg3)
+ __field( unsigned long, arg4)
+ __field( unsigned long, arg5)
+ ),
+
+ TP_fast_assign(
+ __entry->option = option;
+ __entry->arg2 = arg2;
+ __entry->arg3 = arg3;
+ __entry->arg4 = arg4;
+ __entry->arg5 = arg5;
+ ),
+
+ TP_printk("option=%d arg2=%ld arg3=%ld arg4=%ld arg5=%ld",
+ __entry->option, __entry->arg2, __entry->arg3, __entry->arg4, __entry->arg5)
+);
+
 #endif /* This part must be outside protection */
diff --git a/kernel/sys.c b/kernel/sys.c
index 4da31f28fda8..b366cef102ec 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -75,6 +75,8 @@
 #include
 #include
+#include
+
 #include "uid16.h"
 #ifndef SET_UNALIGN_CTL
@@ -2785,6 +2787,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
 error = RISCV_SET_ICACHE_FLUSH_CTX(arg2, arg3);
 break;
 default:
+ trace_task_prctl_unknown(option, arg2, arg3, arg4, arg5);
 error = -EINVAL;
 break;
 }
From a6115cceb1dd61974410979e278dd3f369a7f566 Mon Sep 17 00:00:00 2001
From: Marco Elver
Date: Fri, 8 Nov 2024 12:34:25 +0100
Subject: [PATCH 3/3] tracing: Remove pid in task_rename tracing output

Remove pid in task_rename tracepoint output, since that tracepoint only deals with the current task, and is printed by default. This also saves some space in the entry and avoids wasted padding.

Link: https://lkml.kernel.org/r/20241105120247.596a0dc9@gandalf.local.home
Suggested-by: Steven Rostedt
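Review bot: In the `TP_printk()` that closes the new `task_prctl_unknown` event in include/trace/events/task.h, `arg2` to `arg5` are declared `unsigned long` in `TP_STRUCT__entry` but formatted with `%ld`, so any value with the top bit set is rendered as a negative number in the trace output. An unsigned conversion matches the declared type: `TP_printk("option=%d arg2=%lu arg3=%lu arg4=%lu arg5=%lu",` (or `%lx` if hex reads better for flag and pointer-like values). The kernel-doc block could also say that all five fields are recorded exactly as the calling task passed them and are unvalidated, for example ` * All values are raw, caller-controlled syscall arguments; probes must not trust them.`, because the commit message anticipates probes that act on these values.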
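Review bot: The `trace_task_prctl_unknown()` call added under `default:` in kernel/sys.c is reached with whatever `option` and argument values the calling task chooses, and the commit message itself describes unprivileged triggering, so the event rate is caller-controlled and nothing in this hunk bounds it. Anything that attaches for continuous monitoring should expect bursts and filter or rate-limit on its side; a one-line comment above the call would record that, e.g. `/* Fires for any caller-chosen option; consumers must tolerate high rates. */`. Separately, only options without a `case` label land here, and the switch body starts outside the hunk, so it cannot be seen whether options that have a label but are stubbed out for the running configuration return -EINVAL without emitting the event. If they do, the word "unknown" in the kernel-doc for the event deserves that qualifier.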
Signed-off-by: Marco Elver Link: https://lore.kernel.org/r/20241108113455.2924361-2-elver@google.com Signed-off-by: Kees Cook --- include/trace/events/task.h | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/include/trace/events/task.h b/include/trace/events/task.h index 209d315852fb..af535b053033 100644 --- a/include/trace/events/task.h +++ b/include/trace/events/task.h @@ -38,22 +38,19 @@ TRACE_EVENT(task_rename, TP_ARGS(task, comm), TP_STRUCT__entry( - __field( pid_t, pid) __array( char, oldcomm, TASK_COMM_LEN) __array( char, newcomm, TASK_COMM_LEN) __field( short, oom_score_adj) ), TP_fast_assign( - __entry->pid = task->pid; memcpy(entry->oldcomm, task->comm, TASK_COMM_LEN); strscpy(entry->newcomm, comm, TASK_COMM_LEN); __entry->oom_score_adj = task->signal->oom_score_adj; ), - TP_printk("pid=%d oldcomm=%s newcomm=%s oom_score_adj=%hd", - __entry->pid, __entry->oldcomm, - __entry->newcomm, __entry->oom_score_adj) + TP_printk("oldcomm=%s newcomm=%s oom_score_adj=%hd", + __entry->oldcomm, __entry->newcomm, __entry->oom_score_adj) ); /**
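Review bot: Dropping `pid` from `TP_STRUCT__entry` in `task_rename` loses nothing only if `task` is always `current`, yet the remaining `TP_fast_assign()` lines still read `task->comm` and `task->signal->oom_score_adj` from the argument and nothing in the hunk enforces that invariant. If any caller can rename a different thread (a write to a sibling thread's comm file under /proc would be the path to check), the pid in the common event header identifies the writer rather than the renamed task, and tooling that tracks comm changes would attribute the rename to the wrong thread. I would either keep the field or state the invariant next to the event, e.g. `/* @task must be current: the pid is taken from the common event header. */`. Removing `pid=` also changes the event's field layout and text format, so consumers that read that field need updating; the TRACE_EVENT() definition starts above the hunk.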