| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Jan 2011 18:12:29 +0100 From: Peter Zijlstra <peterz@...radead.org> To: Srikar Dronamraju <srikar@...ux.vnet.ibm.com> Cc: Ingo Molnar <mingo@...e.hu>, Steven Rostedt <rostedt@...dmis.org>, Linux-mm <linux-mm@...ck.org>, Arnaldo Carvalho de Melo <acme@...radead.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Ananth N Mavinakayanahalli <ananth@...ibm.com>, Christoph Hellwig <hch@...radead.org>, Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>, Oleg Nesterov <oleg@...hat.com>, Andrew Morton <akpm@...ux-foundation.org>, SystemTap <systemtap@...rces.redhat.com>, Jim Keniston <jkenisto@...ux.vnet.ibm.com>, Frederic Weisbecker <fweisbec@...il.com>, Andi Kleen <andi@...stfloor.org>, LKML <linux-kernel@...r.kernel.org>, "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> Subject: Re: [RFC] [PATCH 2.6.37-rc5-tip 5/20] 5: Uprobes: register/unregister probes. On Wed, 2011-01-26 at 22:26 +0530, Srikar Dronamraju wrote: > > - lookup the vma relating to the address you stored, > > We already do this thro get_user_pages in write_opcode(). Ah, I didn't read that far.. > > - validate that the vma is indeed a map of the right inode > > We can add a check in write_opcode( we need to pass the inode to > write_opcode). sure.. > > - validate that the offset of the probe corresponds with the stored > > address > > I am not clear on this. We would have derived the address from the > offset. So is that we check for > (vaddr == vma->vm_start + uprobe->offset) Sure, but the vma might have changed since you computed the offset -) > > > > Otherwise you can race with unmap/map and end up installing the probe in > > a random location. > > > > Also, I think the whole thing goes funny if someone maps the same text > > twice ;-) > > I am not sure if we can map the same text twice. If something like > this is possible then we would have 2 addresses for each function. > So how does the linker know which address to jump to out of the 2 or > multiple matching addresses. What would be the usecases for same > text being mapped multiple times and both being executable? You can, if only to wreck your thing, you can call mmap() as often as you like (until your virtual memory space runs out) and get many many mapping of the same file. It doesn't need to make sense to the linker, all it needs to do is confuse your code ;-) -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists