| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 24 Apr 2014 20:24:08 +0900
From: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
To: Ingo Molnar <mingo@...nel.org>
Cc: linux-kernel@...r.kernel.org,
Rusty Russell <rusty@...tcorp.com.au>,
Andi Kleen <andi@...stfloor.org>,
Ananth N Mavinakayanahalli <ananth@...ibm.com>,
Sandeepa Prabhu <sandeepa.prabhu@...aro.org>,
Frederic Weisbecker <fweisbec@...il.com>, x86@...nel.org,
Steven Rostedt <rostedt@...dmis.org>, fche@...hat.com,
mingo@...hat.com, Rob Landley <rob@...dley.net>,
"H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
"David S. Miller" <davem@...emloft.net>, systemtap@...rceware.org
Subject: Re: [PATCH -tip v9 20/26] kprobes: Support blacklist functions in
module
(2014/04/24 17:56), Ingo Molnar wrote:
>> diff --git a/include/linux/module.h b/include/linux/module.h
>> index f520a76..2fdb673 100644
>> --- a/include/linux/module.h
>> +++ b/include/linux/module.h
>> @@ -16,6 +16,7 @@
>> #include <linux/kobject.h>
>> #include <linux/moduleparam.h>
>> #include <linux/jump_label.h>
>> +#include <linux/kprobes.h>
>
> This include breaks the x86 build:
>
> CC arch/x86/kernel/jump_label.o
> In file included from arch/x86/kernel/jump_label.c:14:0:
> /fast/mingo/tip/arch/x86/include/asm/kprobes.h:35:12: error: conflicting types for ‘kprobe_opcode_t' typedef u8 kprobe_opcode_t;
> [...]
Hmm, this error seems very odd... and I don't see
>
> But the #include kprobes.h is unnecessary to begin with, as no kprobe
> specific types are used.
OK, anyway I'll remove that.
>
>> #include <linux/export.h>
>>
>> #include <linux/percpu.h>
>> @@ -357,6 +358,10 @@ struct module {
>> unsigned int num_ftrace_callsites;
>> unsigned long *ftrace_callsites;
>> #endif
>> +#ifdef CONFIG_KPROBES
>> + unsigned int num_kprobe_blacklist;
>> + unsigned long *kprobe_blacklist;
>> +#endif
>
> There's a small coding style problem here.
>
> More importantly, I think more should be done to make sure that module
> symbols are marked properly: since the module is going to register the
> kprobes handler, that would be a perfect place to emit a warning,
> right?
>
> In fact, why don't kprobe handlers get added to the exclusion list
> explicitly, when the handler gets registered? With such an approach
> handlers are automatically nokprobe and don't need any annotation -
> which is a far more robust usage model.
Ah, I see. That is because there are some local functions called only
from the kprobe handlers. It is easy to blacklist the kprobe handlers
itself, but not for the functions which are only called from them. :(
So, I can add a patch which automatically add handler functions to
blacklist. But that is another story. I think this patch is also
required.
Thank you,
>
> So I'm skipping this patch and the next one that makes use of it.
>
> Thanks,
>
> Ingo
>
--
Masami HIRAMATSU
Software Platform Research Dept. Linux Technology Research Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@...achi.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists