| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Jan 2011 15:31:57 +0530 From: Srikar Dronamraju <srikar@...ux.vnet.ibm.com> To: Peter Zijlstra <peterz@...radead.org> Cc: Ingo Molnar <mingo@...e.hu>, Steven Rostedt <rostedt@...dmis.org>, Linux-mm <linux-mm@...ck.org>, Arnaldo Carvalho de Melo <acme@...radead.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Ananth N Mavinakayanahalli <ananth@...ibm.com>, Christoph Hellwig <hch@...radead.org>, Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>, Oleg Nesterov <oleg@...hat.com>, Andrew Morton <akpm@...ux-foundation.org>, SystemTap <systemtap@...rces.redhat.com>, Jim Keniston <jkenisto@...ux.vnet.ibm.com>, Frederic Weisbecker <fweisbec@...il.com>, Andi Kleen <andi@...stfloor.org>, LKML <linux-kernel@...r.kernel.org>, "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> Subject: Re: [RFC] [PATCH 2.6.37-rc5-tip 5/20] 5: Uprobes: register/unregister probes. * Peter Zijlstra <peterz@...radead.org> [2011-01-26 18:12:29]: > On Wed, 2011-01-26 at 22:26 +0530, Srikar Dronamraju wrote: > > > > - lookup the vma relating to the address you stored, > > > > We already do this thro get_user_pages in write_opcode(). > > Ah, I didn't read that far.. > > > > - validate that the vma is indeed a map of the right inode > > > > We can add a check in write_opcode( we need to pass the inode to > > write_opcode). > > sure.. > > > > - validate that the offset of the probe corresponds with the stored > > > address > > > > I am not clear on this. We would have derived the address from the > > offset. So is that we check for > > (vaddr == vma->vm_start + uprobe->offset) > > Sure, but the vma might have changed since you computed the offset -) If the vma has changed then it would fail the 2nd validation i.e vma corresponds to the uprobe inode right. If the vma was unmapped and mapped back at the same place, then I guess we are okay to probe. > > > > > > > Otherwise you can race with unmap/map and end up installing the probe in > > > a random location. > > > > > > Also, I think the whole thing goes funny if someone maps the same text > > > twice ;-) > > > > I am not sure if we can map the same text twice. If something like > > this is possible then we would have 2 addresses for each function. > > So how does the linker know which address to jump to out of the 2 or > > multiple matching addresses. What would be the usecases for same > > text being mapped multiple times and both being executable? > > You can, if only to wreck your thing, you can call mmap() as often as > you like (until your virtual memory space runs out) and get many many > mapping of the same file. > > It doesn't need to make sense to the linker, all it needs to do is > confuse your code ;-) Currently if there are multiple mappings of the same executable code, only one mapped area would have the breakpoint inserted. If the code were to execute from some other mapping, then it would work as if there are no probes. However if the code from the mapping that had the breakpoint executes then we would see the probes. If we want to insert breakpoints in each of the maps then we would have to extend mm->uprobes_vaddr. Do you have any other ideas to tackle this? Infact do you think we should be handling this case? -- Thanks and Regards Srikar -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists