| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Dec 2013 11:12:26 +0900 From: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com> To: Ingo Molnar <mingo@...nel.org> Cc: Ananth N Mavinakayanahalli <ananth@...ibm.com>, Sandeepa Prabhu <sandeepa.prabhu@...aro.org>, x86@...nel.org, lkml <linux-kernel@...r.kernel.org>, "Steven Rostedt (Red Hat)" <rostedt@...dmis.org>, systemtap@...rceware.org, "David S. Miller" <davem@...emloft.net> Subject: Re: [PATCH -tip v4 0/6] kprobes: introduce NOKPROBE_SYMBOL() and fixes crash bugs (2013/12/11 0:28), Ingo Molnar wrote: > > * Masami Hiramatsu <masami.hiramatsu.pt@...achi.com> wrote: > >> (2013/12/05 19:21), Ingo Molnar wrote: >>> >>> * Masami Hiramatsu <masami.hiramatsu.pt@...achi.com> wrote: >>> >>>>> So we need both a maintainable and a sane/safe solution, and I'd >>>>> like to apply the whole thing at once and be at ease that the >>>>> solution is round. We should have done this years ago. >>>> >>>> For the safeness of kprobes, I have an idea; introduce a whitelist >>>> for dynamic events. AFAICS, the biggest unstable issue of kprobes >>>> comes from putting *many* probes on the functions called from >>>> tracers. >>> >>> If the number of 'noprobe' annotations is expected to explode then >>> maybe another approach should be considered. >> >> No, since this is a "quantitative" issue, the annotation helps us. Sorry for confusion, it should be "the annotation helps us to solves only for qualitative issue". It's my miss... >>> For example in perf we detect recursion. Could kprobes do that and >>> detect hitting a probe while running kprobes code, and ignore it [do >>> an early return]? >> >> Yes, the kprobe itself already has recursion detector and it rejects >> calling handler. > > So why are annotations needed at all? What can happen if an annotation > is missing and a piece of code is probed which is also used by the > kprobes code internally - do we crash, lock up, misbehave or handle it > safely? The kprobe has recursion detector, but it is detected in the kprobe exception(int3) handler, this means that if we put a probe before detecting the recursion, we'll do an infinite recursion. And also, even if we can detect the recursion, we can't stop the kernel, we need to skip the probe. This means that we need to recover to the main execution path by doing single step. As you may know, since the single stepping involves the debug exception, we have to avoid proving on that path too. Or we'll have an infinite recursion again. This is the basic reason why the __kprobes annotation is introduced. Thank you, -- Masami HIRAMATSU IT Management Research Dept. Linux Technology Center Hitachi, Ltd., Yokohama Research Laboratory E-mail: masami.hiramatsu.pt@...achi.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists