2024-01-10 21:01:31

by Mathieu Desnoyers

[permalink] [raw]
Subject: [RELEASE] LTTng-modules 2.12.15 and 2.13.11 (Linux kernel tracer)

The LTTng modules provide Linux kernel tracing capability to the LTTng
tracer toolset.

* New and noteworthy in these releases:

Newer Linux kernels (v6.6 and v6.7) are now supported by LTTng modules
2.13.11. If you need support for recent kernels (v5.18+), you will
need to upgrade to a recent LTTng-modules 2.13.x.

The "prio" context has been fixed in 2.13.11 to eliminate a crash
triggered by calling a NULL pointer address when using the "prio"
context (lttng add-context -k -t prio). This issue was introduced
when refactoring the prio context code during the 2.13 development.
The missing initialization was re-introduced, and the use of the kernel
"task_prio()" symbol was entirely replaced by inlining a copy of this
trivial function into lttng-modules instead.

The "built-in.sh" script which can be used to add a link to lttng-modules
within a kernel source tree to built LTTng into a Linux kernel image
has been updated to adapt to changes introduced in Linux v6.1.

A work-around to ensure that LTTng-modules works fine on CPUs and kernels
with IBT support enabled has been integrated:

When the Intel IBT feature is enabled, a CPU supporting this feature
validates that all indirect jumps/calls land on an ENDBR64 instruction.

The kernel seals functions which are not meant to be called indirectly,
which means that calling functions indirectly from their address fetched
using kallsyms or kprobes trigger a crash.

Use the MSR_IA32_S_CET CET_ENDBR_EN MSR bit to temporarily disable ENDBR
validation around indirect calls to kernel functions. Considering that
the main purpose of this feature is to prevent ROP-style attacks,
disabling the ENDBR validation temporarily around the call from a kernel
module does not affect the ROP protection.


Both 2.13.11 and 2.12.15:

- Fix an issue with importing VFS namespace for Android kernels.

- Fix build for RHEL 8.8 with linux 4.18.0-477.10.1+

- Fix a hardening OOPS during validation of immediate strings in the bytecode
validator when CONFIG_UBSAN_BOUNDS and/or CONFIG_FORTIFY_SOURCE are
configured. It boils down to changing 0-len arrays to flexible arrays
to let the toolchain know about our intent.

- Add Ubuntu Kinetic kernel ranges for jbd2 instrumentation.

Project website: https://lttng.org
Documentation: https://lttng.org/docs
Download link: https://lttng.org/download

Detailed change logs:

2024-01-10 (National Houseplant Appreciation Day) LTTng modules 2.13.11
* Fix: Include linux/sched/rt.h for kernels v3.9 to v3.14
* Fix: Disable IBT around indirect function calls
* Inline implementation of task_prio()
* Fix: prio context NULL pointer exception
* Fix: MODULE_IMPORT_NS is introduced in kernel 5.4
* Android: Import VFS namespace for android common kernel
* Fix: get_file_rcu is missing in kernels < 4.1
* fix: lookup_fd_rcu replaced by lookup_fdget_rcu in linux 6.7.0-rc1
* fix: mm, vmscan signatures changed in linux 6.7.0-rc1
* fix: phys_proc_id and cpu_core_id moved in linux 6.7.0-rc1
* Fix build for RHEL 8.8 with linux 4.18.0-477.10.1+
* Fix: bytecode validator: oops during validation of immediate string
* fix: lttng-probe-kvm-x86-mmu build with linux 6.6
* fix: built-in lttng with kernel >= v6.1
* fix: ubuntu kinetic kernel range for jdb2

2024-01-10 (National Houseplant Appreciation Day) 2.12.15
* Fix: MODULE_IMPORT_NS is introduced in kernel 5.4
* Android: Import VFS namespace for android common kernel
* Fix build for RHEL 8.8 with linux 4.18.0-477.10.1+
* Fix: bytecode validator: oops during validation of immediate string
* fix: ubuntu kinetic kernel range for jdb2

--
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com