Date:	Fri, 01 Jul 2011 20:13:16 +0900
From:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
To:	Steven Rostedt <rostedt@...dmis.org>
Cc:	LKML <linux-kernel@...r.kernel.org>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...e.hu>,
	Andrew Morton <akpm@...ux-foundation.org>,
	yrl.pp-manager.tt@...achi.com
Subject: Re: [RFC][PATCH] kprobes: Add separate preempt_disabling for kprobes

Hi Steve,

(2011/07/01 14:09), Masami Hiramatsu wrote:
> (2011/07/01 0:51), Steven Rostedt wrote:
>> Kprobes requires preemption to be disabled as it single steps the code
>> it replaced with a breakpoint. But because the code that is single
>> stepped could be reading the preempt count, the kprobe disabling of the
>> preempt count can cause the wrong value to end up as a result. Here's an
>> example:
>>
>> If we add a kprobe on an inc_preempt_count() call:
> 
> BTW, on my tip tree, add_preempt_count (a.k.a. inc_preempt_count())
> is marked as __kprobes, so it can not be probed. Is there any change?

Finally, I've got stuck on this point. It seems that
add_preempt_count() (or inc_preempt_count) is called somewhere
inside do_int3, and it causes a double fault and reboot.

I guess the following loop could happen:
inc_preempt_count->int3->do_int3->preempt_conditional_sti->inc_preempt_count..

I'm still investigating that. Could you tell me which base tree
you are working on? I'm using the latest -tip tree.

Thank you,

> 
> Anyway, I'll send the removing preempt_disable from kprobe patch.
> 
> Thank you,
> 
>>
>> 	[ preempt_count = 0 ]
>>
>> 	ld preempt_count, %eax	<<--- trap
>>
>> 		<trap>
>> 		preempt_disable();
>> 		[ preempt_count = 1]
>> 		setup_singlestep();
>> 		<trap return>
>>
>> 	[ preempt_count = 1 ]
>>
>> 	ld preempt_count, %eax
>>
>> 	[ %eax = 1 ]
>>
>> 		<trap>
>> 		post_kprobe_handler()
>> 			preempt_enable_no_resched();
>> 			[ preempt_count = 0 ]
>> 		<trap return>
>>
>> 	[ %eax = 1 ]
>>
>> 	add %eax,1
>>
>> 	[ %eax = 2 ]
>>
>> 	st %eax, preempt_count
>>
>> 	[ preempt_count = 2 ]
>>
>>
>> We just caused preempt count to increment twice when it should have only
>> incremented once, and this screws everything else up.
>>
>> To solve this, I've added a per_cpu variable called
>> kprobe_preempt_disabled, that is set by the kprobe code. If it is set,
>> the preempt_schedule() will not preempt the code.
>>
> 


-- 
Masami HIRAMATSU
Software Platform Research Dept. Linux Technology Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@...achi.com
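
The double-increment trace quoted in the message above, as a user-space C model added here; it is not code from the thread or from the kernel. Only `preempt_count` and `kprobe_preempt_disabled` are names from the message; `mode`, `trap_enter`, `trap_exit`, `may_preempt` and `probed_increment` are hypothetical, and `may_preempt` is an assumed stand-in for the check the proposal adds to preempt_schedule().

```c
#include <stdio.h>
/* User-space model: these globals stand in for per-CPU kernel state. */
static int preempt_count;           /* counter the probed code updates */
static int kprobe_preempt_disabled; /* separate flag from the proposal */
enum mode { SHARED_COUNTER, SEPARATE_FLAG }; /* hypothetical names */

/* Breakpoint trap: kprobes blocks preemption before single-stepping. */
static void trap_enter(enum mode m)
{
    if (m == SHARED_COUNTER)
        preempt_count++;            /* preempt_disable() */
    else
        kprobe_preempt_disabled = 1;
}

/* Single-step trap: the post handler allows preemption again. */
static void trap_exit(enum mode m)
{
    if (m == SHARED_COUNTER)
        preempt_count--;            /* preempt_enable_no_resched() */
    else
        kprobe_preempt_disabled = 0;
}

/* Hypothetical stand-in for the check preempt_schedule() would make. */
static int may_preempt(void)
{
    return preempt_count == 0 && !kprobe_preempt_disabled;
}

/* Probed increment, probe on the load; returns the final preempt_count. */
static int probed_increment(enum mode m, int *preemptible_in_step)
{
    preempt_count = kprobe_preempt_disabled = 0;
    trap_enter(m);                  /* breakpoint hit on the load */
    *preemptible_in_step = may_preempt();
    int eax = preempt_count;        /* single-stepped: ld preempt_count, %eax */
    trap_exit(m);
    eax += 1;                       /* add %eax,1 */
    preempt_count = eax;            /* st %eax, preempt_count */
    return preempt_count;
}

int main(void)
{
    int p;
    printf("shared counter: %d\n", probed_increment(SHARED_COUNTER, &p));
    printf("separate flag:  %d\n", probed_increment(SEPARATE_FLAG, &p));
}
```

In both modes the single-stepped load runs with preemption blocked; only the shared-counter mode lets the handler's own bookkeeping leak into the value the probed code stores.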