lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 26 Aug 2009 08:46:47 +0200
From:	Peter Zijlstra <peterz@...radead.org>
To:	Li Zefan <lizf@...fujitsu.com>
Cc:	Ingo Molnar <mingo@...e.hu>, Steven Rostedt <rostedt@...dmis.org>,
	Frederic Weisbecker <fweisbec@...il.com>,
	LKML <linux-kernel@...r.kernel.org>,
	Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca>
Subject: Re: [PATCH] tracing/profile: Fix profile_disable vs module_unload

On Wed, 2009-08-26 at 14:18 +0800, Li Zefan wrote:
> CC: Mathieu
> 
> Peter Zijlstra wrote:
> > On Tue, 2009-08-25 at 12:47 +0200, Peter Zijlstra wrote:
> >> On Tue, 2009-08-25 at 12:39 +0200, Ingo Molnar wrote:
> >>
> >>>> Do you really wish to burden every tracepoint user with the extra 
> >>>> logic needed to deal with modules?
> >>> Not necessarily - i'm just outlining why i think that the 'dont 
> >>> allow subsystems to utilize tracepoint callbacks' is a restriction 
> >>> we should not live with voluntarily.
> >> Well, unless someone has a bright idea that's what it comes down to. 
> > 
> > OK, I still think modules probing their own tracepoints its stupid [*],
> > but what you could do is iterate the tracepoint's callback list and see
> > if it has a callback outside of the module code section and then fail
> > the unload.
> > 
> 
> I don't think this can work, what if a new callback is registered after
> this check? Seems there's no syncronization to guarantee the result of
> the check can remain valid during module unload.

If that race can be solved using refcounts it can be solved another way
too.

> And the other proposal that bumping module refcnt in register_tracepoint_xxx(),
> I found it hard to do so, because register() won't know where the
> tracepoint is. For example:
> 
>    register_tracepoint_foo() is in module bar, while
>    DEFINE_TRACE(foo) and trace_foo() is in module foo.

You have that call->mod pointer, right? Once you're in the register bit
you should have access to the owning module, which can tell you if the
to be registered callback is part of that same module.

> Note, you're allowed to load bar without foo.
> 
> The simplest fix is the patch I sent, which you don't like. Maybe
> Mathieu, the auther of tracepoint, or some one else has some idea?

Yes, I think forcing every tracepoint consumer to know about modules is
insane.

Aahh, I see the bug, its only ftrace that knows about the module, not
tracepoints themselves, _that_ needs fixing.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ