| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Aug 2009 08:40:05 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Li Zefan <lizf@...fujitsu.com>
Cc: Ingo Molnar <mingo@...e.hu>, Steven Rostedt <rostedt@...dmis.org>,
Frederic Weisbecker <fweisbec@...il.com>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] tracing/profile: Fix profile_disable vs module_unload
On Tue, 2009-08-25 at 14:33 +0800, Li Zefan wrote:
> >>>>>>>> If the correspoding module is unloaded before ftrace_profile_disable()
> >>>>>>>> is called, event->profile_disable() won't be called, which can
> >>>>>>>> cause oops:
> >>>>>>>>
> >>>>>>>> # insmod trace-events-sample.ko
> >>>>>>>> # perf record -f -a -e sample:foo_bar sleep 3 &
> >>>>>>>> # sleep 1
> >>>>>>>> # rmmod trace_events_sample
> >>>>>>>> # insmod trace-events-sample.ko
> >>>>>>>> OOPS!
> >>>>>>>>
> >>>>>>>> Signed-off-by: Li Zefan <lizf@...fujitsu.com>
> >>>>>>> Hrmm, feel fragile, why don't we check if all a modules tracepoints are
> >>>>>>> unused on unload?
> >>>>>>>
> >>>>>> I don't think it's fragile. We are profiling via a module's
> >>>>>> tracepoint, so we should pin the module, via module_get().
> >>>>>> If event->profile_enable() has been calld, we should make
> >>>>>> sure it's profile_disable() will be called.
> >>>>> What I call fragile is that everyone registering a tracepoint
> >>>>> callback will now apparently need to worry about modules, _that_
> >>>>> is fragile.
> >>>>>
> >>>>> Either make module unload look at tracepoint users, or place the
> >>>>> try_get_module() in the registration hooks so that regular users
> >>>>> don't need to worry about it.
> >>>> The bug found by Li needs to be fixed obviously.
> >>>>
> >>>> I tend to agree with you that this does not appear to be the best
> >>>> place to do it: so you suggest to implicitly increase the module
> >>>> refcount on callback registr instead? (and releasing it when
> >>>> unregistering)
> >>>>
> >>>> Same end result, slightly cleaner place to bump the refcount.
> >>> Yes, because the user of tracepoints should never need to care about
> >>> modules.
> >>>
> >> I'm afraid it is not feasible to bump module refcnt implicitly
> >> in tracepoint_probe_register().
> >>
> >> If a tracepoint is registered in module_init, and unregistered
> >> in module_exit (see sample/tracepoints), the module is unloadable:
> >>
> >> insmod
> >> ->call mod->init()
> >> ->trace_reg_foo()
> >> ->module_get()
> >>
> >> rmmod
> >> ->check mod refcnt
> >> ->call mod->exit()
> >> ->trace_unreg_foo()
> >> ->module_put()
> >
> > Not tracepoint_probe_{un,}register(), in {un,}register_trace_$call().
> >
>
> Is there any difference?
>
> static inline int register_trace_##name(void (*probe)(proto)) \
> { \
> int ret; \
> void (*func)(void) = reg; \
> \
> ret = tracepoint_probe_register(#name, (void *)probe); \
> if (func && !ret) \
> func(); \
> return ret; \
> }
Ah, my bad, I was thikning tracepoint_probe_register() was the thing
that registered the tracepoint itself, not the callback.
Ok, then what's the problem?, don't do modules that consume their own
tracepoints, seems simple enough.
> > Basically avoid module unload when a tracepoint from that module has
> > registered callbacks.
>
> TRACE_EVENT() won't prevent this. Instead at module unload, a module
> notifier callback will be called to unregistread those tracepoint callbacks.
Ugh, that's disgusting. That means every single tracepoint user again
needs to be aware of modules.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists