From 59d002ce808ce30c6d9927ff9705e1c57f3dd755 Mon Sep 17 00:00:00 2001
From: Felix Hilgers
Date: Wed, 11 Dec 2024 00:38:24 +0100
Subject: [PATCH] fix: undefined behavior ebpf

see: https://doc.rust-lang.org/beta/std/ptr/macro.addr_of_mut.html

Signed-off-by: Felix Hilgers
---
 rust/backend/ebpf/src/jni_references.rs | 11 ++++++-----
 rust/backend/ebpf/src/sys_sendmsg.rs | 14 +++++++-------
 rust/backend/ebpf/src/vfs_write.rs | 15 ++++++++-------
 3 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/rust/backend/ebpf/src/jni_references.rs b/rust/backend/ebpf/src/jni_references.rs
index f443004..129f15c 100644
--- a/rust/backend/ebpf/src/jni_references.rs
+++ b/rust/backend/ebpf/src/jni_references.rs
@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: MIT
-use core::mem;
+use core::{mem, ptr::addr_of_mut};
 use aya_ebpf::{maps::RingBuf, macros::{uprobe, map}, programs::{ProbeContext}, EbpfContext, helpers::bpf_ktime_get_ns};
 use aya_ebpf::maps::HashMap;
 use aya_log_ebpf::error;
@@ -38,10 +38,11 @@ fn handle_trace(ctx: ProbeContext, method: JNIMethodName) -> u32 {
 let entry_mut = entry.as_mut_ptr();
 unsafe {
- (*entry_mut).pid = pid;
- (*entry_mut).tid = tid;
- (*entry_mut).begin_time_stamp = time_stamp;
- (*entry_mut).method_name = method;
+ (&raw mut (*entry_mut).pid).write(pid);
+ (&raw mut (*entry_mut).pid).write(pid);
+ (&raw mut (*entry_mut).tid).write(tid);
+ (&raw mut (*entry_mut).begin_time_stamp).write(time_stamp);
+ (&raw mut (*entry_mut).method_name).write(method);
 }
 entry.submit(0);
diff --git a/rust/backend/ebpf/src/sys_sendmsg.rs b/rust/backend/ebpf/src/sys_sendmsg.rs
index dae1afe..b73788d 100644
--- a/rust/backend/ebpf/src/sys_sendmsg.rs
+++ b/rust/backend/ebpf/src/sys_sendmsg.rs
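Review bot: `addr_of_mut` is added to the `use core::{mem, ptr::addr_of_mut};` line of jni_references.rs, but the rewritten stores in this patch use the `&raw mut` operator, so within the visible hunks the import is never used. The same holds for the `use core::ptr::addr_of_mut;` lines added to sys_sendmsg.rs and vfs_write.rs. Either drop the import or write the stores with the macro the commit message links to, e.g. `addr_of_mut!((*entry_mut).pid).write(pid);`, which also builds on toolchains that predate the `&raw mut` syntax. The rest of each file lies outside the hunks, so a use elsewhere cannot be ruled out from here.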
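Review bot: In `handle_trace` (jni_references.rs) the line `(&raw mut (*entry_mut).pid).write(pid);` is added twice in a row at the top of the `unsafe` block; the second store is redundant and looks like a copy-paste leftover, so one of them should be removed. The block also has no comment saying why the raw writes are sound; something like `// SAFETY: entry_mut points at the entry obtained above; fields are written through raw pointers so no reference to uninitialized memory is formed` would record the reason for this change next to the code (how `entry` is obtained is outside the hunk, so the wording should be confirmed against it). The same comment is missing on the `unsafe` blocks in `sys_exit_sendmsg` and `vfs_write_ret`. The function body starts before and continues past this hunk.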
@@ -2,6 +2,8 @@ // // SPDX-License-Identifier: MIT +use core::ptr::addr_of_mut; + use aya_ebpf::{macros::{tracepoint, map}, maps::{HashMap, RingBuf}, programs::{TracePointContext}, EbpfContext, helpers::gen::bpf_ktime_get_ns}; use aya_log_ebpf::error; use backend_common::{generate_id, SysSendmsgCall}; @@ -84,16 +86,14 @@ pub fn sys_exit_sendmsg(ctx: TracePointContext) -> u32 { let entry_mut = entry.as_mut_ptr(); unsafe { - (*entry_mut).pid = pid; - (*entry_mut).tid = tid; - (*entry_mut).begin_time_stamp = data.begin_time_stamp; - (*entry_mut).fd = data.fd; - (*entry_mut).duration_nano_sec = duration_nano_sec; + (&raw mut (*entry_mut).pid).write(pid); + (&raw mut (*entry_mut).tid).write(tid); + (&raw mut (*entry_mut).begin_time_stamp).write(data.begin_time_stamp); + (&raw mut (*entry_mut).fd).write(data.fd); + (&raw mut (*entry_mut).duration_nano_sec).write(duration_nano_sec); } - entry.submit(0); - 0 } diff --git a/rust/backend/ebpf/src/vfs_write.rs b/rust/backend/ebpf/src/vfs_write.rs index f4f6a83..677c0a5 100644 --- a/rust/backend/ebpf/src/vfs_write.rs +++ b/rust/backend/ebpf/src/vfs_write.rs @@ -2,6 +2,8 @@ // // SPDX-License-Identifier: MIT +use core::ptr::addr_of_mut; + use aya_ebpf::{ macros::{kprobe, map, kretprobe}, maps::{HashMap, RingBuf}, @@ -97,14 +99,13 @@ pub fn vfs_write_ret(ctx: RetProbeContext) -> Result<(), u32> { }; let entry_mut = entry.as_mut_ptr(); - + unsafe { - (*entry_mut).pid = pid; - (*entry_mut).tid = tid; - (*entry_mut).begin_time_stamp = data.begin_time_stamp; - (*entry_mut).fp = data.fp; - (*entry_mut).bytes_written = data.bytes_written; - + (&raw mut (*entry_mut).pid).write(pid); + (&raw mut (*entry_mut).tid).write(tid); + (&raw mut (*entry_mut).begin_time_stamp).write(data.begin_time_stamp); + (&raw mut (*entry_mut).fp).write(data.fp); + (&raw mut (*entry_mut).bytes_written).write(data.bytes_written); } entry.submit(0);
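Review bot: At the tail of the `sys_exit_sendmsg` hunk in sys_sendmsg.rs a `-` sits directly before `entry.submit(0);`, and the hunk shrinks from 16 to 14 lines; please confirm that only blank lines were removed there and that the call itself is still present on the new side. If `entry.submit(0);` was dropped, the entry filled in by the `unsafe` block would never be handed to the ring buffer, so the sendmsg event would be lost, and a reserved entry that is neither submitted nor discarded is normally rejected when the program is loaded. The other two files keep `entry.submit(0);` as a context line after their `unsafe` blocks, which is the shape this function should match.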