lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <863e9df20806030827n41942f28i30fe3d45b10df6ae@mail.gmail.com>
Date:	Tue, 3 Jun 2008 20:57:05 +0530
From:	"Abhishek Sagar" <sagar.abhishek@...il.com>
To:	"Steven Rostedt" <rostedt@...dmis.org>
Cc:	"Ingo Molnar" <mingo@...e.hu>,
	"Thomas Gleixner" <tglx@...utronix.de>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 0/3][RFC] ftrace: track dynamic ftrace update failures

On Tue, Jun 3, 2008 at 6:30 PM, Steven Rostedt <rostedt@...dmis.org> wrote:
> Can we add an API to kprobes or perhaps a way to register code
> modification in ftrace, that ftrace can ignore? Let the two know about
> each other, but in a way that they dont need to know the internals of one
> another.

There's a get_kprobe() already which can tell if an address's kprobed
or not. But still doesn't stop kprobe from forcing change on mcount
sites and fooling ftrace like mentioned previously. The
problem with maintaining a blacklist sort of thing for kprobed mcount
sites may also be an
overkill since it can permanently make that function un-ftraceable.

One kprobe specific measure can be to provide notifiers in
[un]register_kprobe(). Ftrace can
listen on register event to temporarily disable tracing of the
corresponding function by forcing
a NOP at the mcount site just before a kprobe is placed on it, if it's
already recorded/enabled.
The tracing can be enabled back when the corresponding unregister
event is received. Worth a
shot?

--
Regards,
Abhishek Sagar
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ