| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Oct 2009 16:51:51 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: linux-kernel@...r.kernel.org
Cc: Ingo Molnar <mingo@...e.hu>,
Andrew Morton <akpm@...ux-foundation.org>,
Frederic Weisbecker <fweisbec@...il.com>,
Masami Hiramatsu <mhiramat@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Arnaldo Carvalho de Melo <acme@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, Li Zefan <lizf@...fujitsu.com>,
Lai Jiangshan <laijs@...fujitsu.com>,
"David S. Miller" <davem@...emloft.net>,
Stephen Hemminger <shemminger@...ux-foundation.org>
Subject: [PATCH 0/3][RFC] tracing/kprobes: prevent jprobes from crashing function graph tracer
Lately I've been testing with an allyesconfig. When I ran the function graph
tracer, it immediately crashed the kernel. Thanks to the new frame pointer
test in function graph, it reported directly what the issue was and then
panicked the kernel to prevent any unexpected damage from happening.
It pointed the error to be with jtcp_rcv_established. Which is a jprobe
function added to tcp_rcv_established at bootup when CONFIG_NET_TCPPROBE
is enabled.
Jprobes and the function graph tracer use the same mechanism to trace
the exit of a function. Unfortunately, only one can be done at a time.
The function graph tracer replaces the return address with its own handler,
but so does jprobes. The two are not compatible.
The solution I am proposing with this patch set is to add a call in
ftrace that lets other code in the kernel permanently disable functions from
being traced by the function and function graph tracer. As a probe function
is registered with jprobes, it calls this new function and that entry
will be removed from being traced.
I tested this with this patch series and it does solve the problem.
Some issues though:
1) this only works when DYNAMIC_FTRACE is enabled. We can prevent
function graph tracing with jprobes when DYNAMIC_FTRACE is not
enabled through Kconfig dependencies. Or have the registering of
a jprobe permanently disable function graph tracing.
2) This also prevents the function tracer from being able to trace a
function probe, even though the function tracer is not at issue
with this bug.
Feedback welcomed.
-- Steve
The following patches are in:
git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-2.6-trace.git
branch: rfc/trace
Steven Rostedt (3):
tracing: Clean up ftrace.h header and add ftrace_set_notrace() declaration
tracing: Add calls to permanently disable functions from tracing
tracing/kprobes: Disable tracing registered jprobe callback functions
----
include/linux/ftrace.h | 26 +++++++--
kernel/kprobes.c | 4 +
kernel/trace/ftrace.c | 147 +++++++++++++++++++++++++++++++++++++++++-------
3 files changed, 150 insertions(+), 27 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists