Date: Fri, 28 Aug 2020 23:41:23 +0900
From: Masami Hiramatsu
To: peterz@infradead.org
Cc: Eddy_Wu@trendmicro.com, Masami Hiramatsu, linux-kernel@vger.kernel.org, x86@kernel.org, davem@davemloft.net, rostedt@goodmis.org, naveen.n.rao@linux.ibm.com, anil.s.keshavamurthy@intel.com, linux-arch@vger.kernel.org, cameron@moodycamel.com, oleg@redhat.com, will@kernel.org, paulmck@kernel.org
Subject: Re: [RFC][PATCH 3/7] kprobes: Remove kretprobe hash
Message-Id: <20200828234123.f033d15e4d345c03eef97e88@kernel.org>
In-Reply-To: <20200828141917.GE1362448@hirez.programming.kicks-ass.net>

On Fri, 28 Aug 2020 16:19:17 +0200
peterz@infradead.org wrote:

> On Fri, Aug 28, 2020 at 02:11:18PM +0000, Eddy_Wu@trendmicro.com wrote:
> > > From: Masami Hiramatsu
> > >
> > > OK, schedule function will be the key. I guess the scenario is..
> > >
> > > 1) kretprobe replaces the return address with kretprobe_trampoline on task1's kernel stack
> > > 2) the task1 forks task2 before returning to the kretprobe_trampoline
> > > 3) while copying the process with the kernel stack, task2->kretprobe_instances.first = NULL
> >
> > I think new process created by fork/clone uses a brand new kernel
> > stack? I thought only user stack are copied. Otherwise any process
> > launch should crash in the same way
>
> I was under the same impression, we create a brand new stack-frame for
> the new task, this 'fake' frame we can schedule into.
>
> It either points to ret_from_fork() for new user tasks, or
> kthread_frame_init() for kernel threads.

Ah sorry, then it's my misreading... anyway, I could reproduce the crash with
probing on schedule().

Hmm, it is better to dump the current comm with BUG().

Thank you,

-- 
Masami Hiramatsu