Subject: Re: [PATCH] ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead
From: Yang Jihong
To: Steven Rostedt
Date: Thu, 18 Aug 2022 10:32:17 +0800
Message-ID: <472bdcc7-c35c-0306-5642-3eaf9061909d@huawei.com>
In-Reply-To: <20220817221422.295db316@gandalf.local.home>
References: <20220804021610.209791-1-yangjihong1@huawei.com> <20220817104115.0ec6b90b@gandalf.local.home> <20220817221422.295db316@gandalf.local.home>
X-Mailing-List: linux-kernel@vger.kernel.org

Hello,

On 2022/8/18 10:14, Steven Rostedt wrote:
> On Thu, 18 Aug 2022 09:50:40 +0800
> Yang Jihong wrote:
>
>> Thanks for the detailed explanation.
>> If panic_on_warn is not set, FTRACE_WARN_ON{_ONCE} only sets
>> ftrace_disabled, but will not reboot.
>
> Correct. But whenever there's a WARN_ON() the administrator of the machine
> should think about rebooting it ASAP. That's because all WARN_ON()s are
> supposed to only happen when the system does something that was not
> expected, putting it into an inconsistent state. And could be a dangerous
> one. This is why all WARN_ON()s that are triggered are considered bugs and
> must be fixed.
>
>
>> I think this is to limit the problem to ftrace itself and not spread to
>> other subsystems (I don't know if that's right. If it's not right, please
>> correct it).
>
> Yes, the ftrace_disable means that ftrace just found itself in a situation
> that it does not understand, and nothing can be trusted. As ftrace modifies
> kernel code, it basically stops everything and WARNs about it. Because
> anything else it does can make things worse.
>
>> Because is_ftrace_trampoline is a common and public interface (This
>> interface is called in many places in the kernel).
>> If is_ftrace_trampoline interface is not restricted (for example, just
>> return true if ftrace_disabled is set), the preceding Syzkaller scenario
>> may be triggered when this interface is called.
>
> If ftrace_disabled is set, then any operations should fail, and any tests
> should fail with it.
>
>>
>> Therefore, my idea is to restrict the is_ftrace_trampoline or roll back
>> _unregister_ftrace_function when ftrace_disabled is set, so that the
>> interface can be invoked normally. Or keep the current code and do not
>> modify.
>
> Once ftrace_disabled is set, none of its interfaces should perform
> normally.
>
> But you reported that you could hit a NULL pointer from the
> is_ftrace_trampoline() which was caused by the failure adding the dynamic
> trampoline, and then the ops is on the list but later freed.
>
> My suggestion above is to just call _unregister_ftrace_function(ops) to
> take it off the list and prevent the NULL pointer.
>
> Doesn't that fix the bug?
>
> I don't want to totally roll it back and free the trampoline, because those
> actions could cause further damage, depending on the failed state ftrace is
> in.

OK, I understand, and will modify it in this way in the next version.

Thanks,
Yang
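The failure mode discussed in this thread, modelled in user-space C as an added example (this is not the kernel's ftrace code, and the names `struct ops`, `register_ops_buggy`, `register_ops_fixed`, `is_trampoline` and the `simulate_alloc_failure` hook are hypothetical stand-ins for `ftrace_ops`, `register_ftrace_function`, `is_ftrace_trampoline` and a real allocation failure). It shows why an ops that is linked into the list before its trampoline is created must be unlinked again when trampoline creation fails: otherwise the list keeps a pointer to an object the caller is about to free, and every later lookup walks through it. The lookup deliberately does not consult the disabled flag, matching the thread's conclusion that the fix belongs in the registration error path, not in the lookup.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical analogue of ftrace_ops: a list node plus its trampoline range. */
struct ops {
    struct ops *next;
    unsigned long tramp_start;   /* 0 while no trampoline has been allocated */
    unsigned long tramp_size;
};

static struct ops *ops_list;         /* registered ops, walked by every lookup */
static bool registry_disabled;       /* analogue of ftrace_disabled */
static bool simulate_alloc_failure;  /* test hook (constructed): force trampoline allocation to fail */

static void list_add(struct ops *ops)
{
    ops->next = ops_list;
    ops_list = ops;
}

/* Unlink ops from the list; returns 0 on success, -1 if it was not present. */
static int list_del(struct ops *ops)
{
    for (struct ops **pp = &ops_list; *pp; pp = &(*pp)->next) {
        if (*pp == ops) {
            *pp = ops->next;
            ops->next = NULL;
            return 0;
        }
    }
    return -1;
}

/* Stand-in for allocating executable trampoline memory (constructed values). */
static int alloc_trampoline(struct ops *ops)
{
    if (simulate_alloc_failure)
        return -1;
    ops->tramp_start = 0x1000;
    ops->tramp_size = 64;
    return 0;
}

/* Registration as the report describes it: the ops is linked first, then the
 * trampoline is created. On failure the registry is disabled (the WARN_ON
 * analogue) but the ops stays on the list. When the caller then frees the ops,
 * every later lookup dereferences freed memory. */
static int register_ops_buggy(struct ops *ops)
{
    list_add(ops);
    if (alloc_trampoline(ops) < 0) {
        registry_disabled = true;
        return -1;
    }
    return 0;
}

/* The fix suggested in the thread: take the ops back off the list before
 * returning the error, without trying to undo anything else. */
static int register_ops_fixed(struct ops *ops)
{
    list_add(ops);
    if (alloc_trampoline(ops) < 0) {
        registry_disabled = true;
        list_del(ops);
        return -1;
    }
    return 0;
}

/* Lookup called from many places: does addr fall inside any registered trampoline?
 * It walks the list unconditionally, so a stale entry is reached on every call. */
static bool is_trampoline(unsigned long addr)
{
    for (struct ops *o = ops_list; o; o = o->next) {
        if (o->tramp_start && addr >= o->tramp_start &&
            addr < o->tramp_start + o->tramp_size)
            return true;
    }
    return false;
}

/* After a registration that fails at trampoline allocation, does the registry
 * still point at the ops the caller is about to free? true means a dangling entry. */
static bool dangling_after_failed_register(bool use_fix)
{
    struct ops ops;
    bool dangling = false;

    memset(&ops, 0, sizeof ops);
    ops_list = NULL;
    registry_disabled = false;
    simulate_alloc_failure = true;
    (void)(use_fix ? register_ops_fixed(&ops) : register_ops_buggy(&ops));
    simulate_alloc_failure = false;

    for (struct ops *o = ops_list; o; o = o->next)
        if (o == &ops)
            dangling = true;

    ops_list = NULL;   /* ops is about to go out of scope: never leave its address behind */
    return dangling;
}

/* Successful registration followed by a lookup, to show the normal path still works. */
static bool lookup_after_successful_register(unsigned long addr)
{
    struct ops ops;
    bool hit;

    memset(&ops, 0, sizeof ops);
    ops_list = NULL;
    simulate_alloc_failure = false;
    if (register_ops_fixed(&ops) != 0) {
        ops_list = NULL;
        return false;
    }
    hit = is_trampoline(addr);
    list_del(&ops);
    return hit;
}

int main(void)
{
    printf("buggy path leaves dangling ops on list: %s\n",
           dangling_after_failed_register(false) ? "yes" : "no");
    printf("fixed path leaves dangling ops on list: %s\n",
           dangling_after_failed_register(true) ? "yes" : "no");
    printf("0x1010 inside trampoline after good register: %s\n",
           lookup_after_successful_register(0x1010) ? "yes" : "no");
    return 0;
}
```

The model never actually frees the ops while it is still linked, so it does not crash; it reports the dangling pointer instead, which is the condition the kernel report observed as a NULL dereference in `is_ftrace_trampoline()`. Note that `register_ops_fixed` only unlinks: consistent with the thread, it does not attempt to free the partially created trampoline once the registry is in its disabled state.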