Date: Mon, 7 Jun 2021 10:52:17 -0400
From: Steven Rostedt
To: Mark-PK Tsai
Subject: Re: [PATCH] arm64: ftrace: don't dereference a probably invalid address
Message-ID: <20210607105217.772214e5@oasis.local.home>
In-Reply-To: <20210607141522.3281-1-mark-pk.tsai@mediatek.com>
References: <20210607095518.12694437@oasis.local.home> <20210607141522.3281-1-mark-pk.tsai@mediatek.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, 7 Jun 2021 22:15:22 +0800
Mark-PK Tsai wrote:

> And the crash is because the kernel is trying to read *rec->ip in print_ip_ins() if
> ftrace_bug() gets error code -EINVAL.

Right, so the actual fix should be something like this:

[ not tested, nor even compiled ]

-- Steve

diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 2e8a3fde7104..72ef4dccbcc4 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -1967,12 +1967,18 @@ static int ftrace_hash_ipmodify_update(struct ftrace_ops *ops, static void print_ip_ins(const char *fmt, const unsigned char *p) { + char ins[MCOUNT_INSN_SIZE]; int i; + if (copy_from_kernel_nofault(ins, p, MCOUNT_INSN_SIZE)) { + printk(KERN_CONT "%s[FAULT](%px)", fmt, p); + return; + } + printk(KERN_CONT "%s", fmt); for (i = 0; i < MCOUNT_INSN_SIZE; i++) - printk(KERN_CONT "%s%02x", i ? ":" : "", p[i]); + printk(KERN_CONT "%s%02x", i ? ":" : "", ins[i]); } enum ftrace_bug_type ftrace_bug_type;
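
Review bot: In print_ip_ins() the new bounce buffer is declared as plain `char ins[MCOUNT_INSN_SIZE]` but its elements are printed with `%02x`; on any architecture where plain char is signed, an instruction byte of 0x80 or above is promoted to a negative int and prints as ffffffXX rather than two hex digits. The old loop read through `const unsigned char *p`, so declaring the buffer as `unsigned char ins[MCOUNT_INSN_SIZE]` keeps the dump format unchanged. As a smaller point, the fault branch prints the address with `%px`, which writes the unhashed kernel pointer to the log; that is reasonable in a bug-report path, but a one-line comment saying it is intentional would help.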