From: Jiri Olsa
Date: Tue, 2 Aug 2022 11:06:29 +0200
To: Steven Rostedt
Cc: Jiri Olsa, Chen Zhongjin, linux-kernel@vger.kernel.org, bpf@vger.kernel.org, naveen.n.rao@linux.ibm.com, anil.s.keshavamurthy@intel.com, davem@davemloft.net, mhiramat@kernel.org, peterz@infradead.org, mingo@kernel.org, ast@kernel.org, daniel@iogearbox.net
Subject: Re: [PATCH v3] kprobes: Forbid probing on trampoline and bpf prog

On Mon, Aug 01, 2022 at 04:51:46PM -0400, Steven Rostedt wrote:
> On Mon, 1 Aug 2022 22:41:19 +0200
> Jiri Olsa wrote:
>
> > LGTM cc-ing Steven because it affects ftrace as well
>
> Thanks for the Cc, but I don't quite see how it affects ftrace.
>
> Unless you are just saying how it can affect kprobe_events?

nope, I just saw the 'ftrace' in changelog ;-)

anyway the patch makes check_kprobe_address_safe to fail on ftrace trampoline
address.. but not sure you could make kprobe on ftrace trampoline before,
probably not

jirka

>
> -- Steve
>
> >
> > jirka
> >
> > >
> > > v1 -> v2:
> > > Check core_kernel_text and is_module_text_address rather than
> > > only kprobe_insn.
> > > Also fix title and commit message for this. See old patch at [1].
> > > ---
> > > kernel/kprobes.c | 3 ++-
> > > 1 file changed, 2 insertions(+), 1 deletion(-)
> > > > > > diff --git a/kernel/kprobes.c b/kernel/kprobes.c > > > index f214f8c088ed..80697e5e03e4 100644 > > > --- a/kernel/kprobes.c > > > +++ b/kernel/kprobes.c > > > @@ -1560,7 +1560,8 @@ static int check_kprobe_address_safe(struct kprobe *p, > > > preempt_disable(); > > > > > > /* Ensure it is not in reserved area nor out of text */ > > > - if (!kernel_text_address((unsigned long) p->addr) || > > > + if (!(core_kernel_text((unsigned long) p->addr) || > > > + is_module_text_address((unsigned long) p->addr)) || > > > within_kprobe_blacklist((unsigned long) p->addr) || > > > jump_label_text_reserved(p->addr, p->addr) || > > > static_call_text_reserved(p->addr, p->addr) || > > > -- > > > 2.17.1 > > > >
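
Review bot: The comment above the condition in check_kprobe_address_safe() is left as "Ensure it is not in reserved area nor out of text", which no longer explains the check: the single kernel_text_address() test is now replaced by core_kernel_text() || is_module_text_address(), and per the subject line the purpose is to reject trampoline and bpf prog addresses. Please extend the comment to say that only core kernel text and module text are accepted and why, so a later cleanup does not fold the two calls back into kernel_text_address() and silently undo the restriction. The changelog would also benefit from stating whether a kprobe on an ftrace trampoline address could be registered before this change, since that is the question left open in the reply above.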