From: Masami Hiramatsu <[email protected]>
commit f3fbd7ec62dec1528fb8044034e2885f2b257941 upstream
This is arm port of commit 6a5022a56ac3 ("kprobes/x86: Allow to
handle reentered kprobe on single-stepping")
Since the FIQ handlers can interrupt in the single stepping
(or preparing the single stepping, do_debug etc.), we should
consider a kprobe is hit in the NMI handler. Even in that
case, the kprobe is allowed to be reentered as same as the
kprobes hit in kprobe handlers
(KPROBE_HIT_ACTIVE or KPROBE_HIT_SSDONE).
The real issue will happen when a kprobe hit while another
reentered kprobe is processing (KPROBE_REENTER), because
we already consumed a saved-area for the previous kprobe.
Signed-off-by: Masami Hiramatsu <[email protected]>
Signed-off-by: Jon Medhurst <[email protected]>
Fixes: 24ba613c9d6c ("ARM kprobes: core code")
Cc: [email protected] #v2.6.25~v4.11
Signed-off-by: huangshaobo <[email protected]>
---
arch/arm/probes/kprobes/core.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/arch/arm/probes/kprobes/core.c b/arch/arm/probes/kprobes/core.c
index 3eb018fa1a1f..c3362ddd6c4c 100644
--- a/arch/arm/probes/kprobes/core.c
+++ b/arch/arm/probes/kprobes/core.c
@@ -270,6 +270,7 @@ void __kprobes kprobe_handler(struct pt_regs *regs)
switch (kcb->kprobe_status) {
case KPROBE_HIT_ACTIVE:
case KPROBE_HIT_SSDONE:
+ case KPROBE_HIT_SS:
/* A pre- or post-handler probe got us here. */
kprobes_inc_nmissed_count(p);
save_previous_kprobe(kcb);
@@ -278,6 +279,11 @@ void __kprobes kprobe_handler(struct pt_regs *regs)
singlestep(p, regs, kcb);
restore_previous_kprobe(kcb);
break;
+ case KPROBE_REENTER:
+ /* A nested probe was hit in FIQ, it is a BUG */
+ pr_warn("Unrecoverable kprobe detected at %p.\n",
+ p->addr);
+ /* fall through */
default:
/* impossible cases */
BUG();
--
2.12.3
Hi ShaoBo,
Thanks for backporting and real bug report!
On Wed, 3 Mar 2021 15:10:52 +0800
ShaoBo Huang <[email protected]> wrote:
> From: Masami Hiramatsu <[email protected]>
>
> commit f3fbd7ec62dec1528fb8044034e2885f2b257941 upstream
>
> This is arm port of commit 6a5022a56ac3 ("kprobes/x86: Allow to
> handle reentered kprobe on single-stepping")
>
> Since the FIQ handlers can interrupt in the single stepping
> (or preparing the single stepping, do_debug etc.), we should
> consider a kprobe is hit in the NMI handler. Even in that
> case, the kprobe is allowed to be reentered as same as the
> kprobes hit in kprobe handlers
> (KPROBE_HIT_ACTIVE or KPROBE_HIT_SSDONE).
>
> The real issue will happen when a kprobe hit while another
> reentered kprobe is processing (KPROBE_REENTER), because
> we already consumed a saved-area for the previous kprobe.
>
> Signed-off-by: Masami Hiramatsu <[email protected]>
> Signed-off-by: Jon Medhurst <[email protected]>
> Fixes: 24ba613c9d6c ("ARM kprobes: core code")
> Cc: [email protected] #v2.6.25~v4.11
> Signed-off-by: huangshaobo <[email protected]>
> ---
> arch/arm/probes/kprobes/core.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/arch/arm/probes/kprobes/core.c b/arch/arm/probes/kprobes/core.c
> index 3eb018fa1a1f..c3362ddd6c4c 100644
> --- a/arch/arm/probes/kprobes/core.c
> +++ b/arch/arm/probes/kprobes/core.c
> @@ -270,6 +270,7 @@ void __kprobes kprobe_handler(struct pt_regs *regs)
> switch (kcb->kprobe_status) {
> case KPROBE_HIT_ACTIVE:
> case KPROBE_HIT_SSDONE:
> + case KPROBE_HIT_SS:
> /* A pre- or post-handler probe got us here. */
> kprobes_inc_nmissed_count(p);
> save_previous_kprobe(kcb);
> @@ -278,6 +279,11 @@ void __kprobes kprobe_handler(struct pt_regs *regs)
> singlestep(p, regs, kcb);
> restore_previous_kprobe(kcb);
> break;
> + case KPROBE_REENTER:
> + /* A nested probe was hit in FIQ, it is a BUG */
> + pr_warn("Unrecoverable kprobe detected at %p.\n",
> + p->addr);
> + /* fall through */
> default:
> /* impossible cases */
> BUG();
> --
> 2.12.3
>
--
Masami Hiramatsu <[email protected]>
On Wed, Mar 03, 2021 at 09:18:27PM +0900, Masami Hiramatsu wrote:
> Hi ShaoBo,
>
> Thanks for backporting and real bug report!
>
> On Wed, 3 Mar 2021 15:10:52 +0800
> ShaoBo Huang <[email protected]> wrote:
>
> > From: Masami Hiramatsu <[email protected]>
> >
> > commit f3fbd7ec62dec1528fb8044034e2885f2b257941 upstream
> >
> > This is arm port of commit 6a5022a56ac3 ("kprobes/x86: Allow to
> > handle reentered kprobe on single-stepping")
> >
> > Since the FIQ handlers can interrupt in the single stepping
> > (or preparing the single stepping, do_debug etc.), we should
> > consider a kprobe is hit in the NMI handler. Even in that
> > case, the kprobe is allowed to be reentered as same as the
> > kprobes hit in kprobe handlers
> > (KPROBE_HIT_ACTIVE or KPROBE_HIT_SSDONE).
> >
> > The real issue will happen when a kprobe hit while another
> > reentered kprobe is processing (KPROBE_REENTER), because
> > we already consumed a saved-area for the previous kprobe.
> >
> > Signed-off-by: Masami Hiramatsu <[email protected]>
> > Signed-off-by: Jon Medhurst <[email protected]>
> > Fixes: 24ba613c9d6c ("ARM kprobes: core code")
> > Cc: [email protected] #v2.6.25~v4.11
> > Signed-off-by: huangshaobo <[email protected]>
> > ---
> > arch/arm/probes/kprobes/core.c | 6 ++++++
> > 1 file changed, 6 insertions(+)
> >
> > diff --git a/arch/arm/probes/kprobes/core.c b/arch/arm/probes/kprobes/core.c
> > index 3eb018fa1a1f..c3362ddd6c4c 100644
> > --- a/arch/arm/probes/kprobes/core.c
> > +++ b/arch/arm/probes/kprobes/core.c
> > @@ -270,6 +270,7 @@ void __kprobes kprobe_handler(struct pt_regs *regs)
> > switch (kcb->kprobe_status) {
> > case KPROBE_HIT_ACTIVE:
> > case KPROBE_HIT_SSDONE:
> > + case KPROBE_HIT_SS:
> > /* A pre- or post-handler probe got us here. */
> > kprobes_inc_nmissed_count(p);
> > save_previous_kprobe(kcb);
> > @@ -278,6 +279,11 @@ void __kprobes kprobe_handler(struct pt_regs *regs)
> > singlestep(p, regs, kcb);
> > restore_previous_kprobe(kcb);
> > break;
> > + case KPROBE_REENTER:
> > + /* A nested probe was hit in FIQ, it is a BUG */
> > + pr_warn("Unrecoverable kprobe detected at %p.\n",
> > + p->addr);
> > + /* fall through */
> > default:
> > /* impossible cases */
> > BUG();
> > --
> > 2.12.3
> >
Also queued up to 4.4.y as well.
thanks,
greg k-h