lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 19 Jun 2014 15:15:26 +0530
From:	"Suzuki K. Poulose" <suzuki@...ibm.com>
To:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
CC:	Michael Ellerman <mpe@...erman.id.au>,
	Benjamin Herrenschmidt <benh@...nel.crashing.org>,
	Tony Luck <tony.luck@...il.com>,
	Paul Mackerras <paulus@...ba.org>,
	Jeremy Fitzhardinge <jeremy@...p.org>,
	linux-ia64@...r.kernel.org, sparse@...isli.org,
	"H. Peter Anvin" <hpa@...or.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	linux-tip-commits@...r.kernel.org, anil.s.keshavamurthy@...el.com,
	Ingo Molnar <mingo@...nel.org>,
	Fenghua Yu <fenghua.yu@...el.com>,
	Arnd Bergmann <arnd@...db.de>,
	Rusty Russell <rusty@...tcorp.com.au>,
	Chris Wright <chrisw@...s-sol.org>,
	yrl.pp-manager.tt@...achi.com, akataria@...are.com,
	Tony Luck <tony.luck@...el.com>,
	Kevin Hao <haokexin@...il.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	rdunlap@...radead.org,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	dl9pf@....de, Andrew Morton <akpm@...ux-foundation.org>,
	linuxppc-dev@...ts.ozlabs.org,
	"David S. Miller" <davem@...emloft.net>
Subject: Re: [RFT PATCH -next v3] [BUGFIX] kprobes: Fix "Failed to find blacklist"
 error on ia64 and ppc64

On 06/19/2014 12:56 PM, Masami Hiramatsu wrote:
> (2014/06/19 15:40), Suzuki K. Poulose wrote:
>> On 06/19/2014 10:22 AM, Masami Hiramatsu wrote:
>>> (2014/06/19 10:30), Michael Ellerman wrote:
>>>> On Wed, 2014-06-18 at 17:46 +0900, Masami Hiramatsu wrote:
>>>>> (2014/06/18 16:56), Michael Ellerman wrote:
>>>>>> On Fri, 2014-06-06 at 15:38 +0900, Masami Hiramatsu wrote:
>>>>>>> Ping?
>>>>>>>
>>>>>>> I guess this should go to 3.16 branch, shouldn't it?
>>>>>>
>>>>>>>> diff --git a/arch/powerpc/include/asm/types.h b/arch/powerpc/include/asm/types.h
>>>>>>>> index bfb6ded..8b89d65 100644
>>>>>>>> --- a/arch/powerpc/include/asm/types.h
>>>>>>>> +++ b/arch/powerpc/include/asm/types.h
>>>>>>>> @@ -25,6 +25,17 @@ typedef struct {
>>>>>>>>  	unsigned long env;
>>>>>>>>  } func_descr_t;
>>>>>>>>  
>>>>>>>> +#if defined(CONFIG_PPC64) && (!defined(_CALL_ELF) || _CALL_ELF == 1)
>>>>>>>> +/*
>>>>>>>> + * On PPC64 ABIv1 the function pointer actually points to the
>>>>>>>> + * function's descriptor. The first entry in the descriptor is the
>>>>>>>> + * address of the function text.
>>>>>>>> + */
>>>>>>>> +#define function_entry(fn)	(((func_descr_t *)(fn))->entry)
>>>>>>>> +#else
>>>>>>>> +#define function_entry(fn)	((unsigned long)(fn))
>>>>>>>> +#endif
>>>>>>
>>>>>> We already have ppc_function_entry(), can't you use that?
>>>>>
>>>>> I'd like to ask you whether the address which ppc_function_entry() returns on
>>>>> PPC ABIv2 is really same address in kallsyms or not.
>>>>> As you can see, kprobes uses function_entry() to get the actual entry address
>>>>> where kallsyms knows. I have not much information about that, but it seems that
>>>>> the "global entry point" is the address which kallsyms knows, isn't it?
>>>>
>>>> OK. I'm not sure off the top of my head which address kallsyms knows about, but
>>>> yes it's likely that it is the global entry point.
>>>>
>>>> I recently sent a patch to add ppc_global_function_entry(), because we need it
>>>> in the ftrace code. Once that is merged you could use that.
>>>
>>> Yeah, I could use that. But since this is used in arch-independent code (e.g. IA64
>>> needs similar macro), I think we'd better define function_entry() in asm/types.h for
>>> general use (for kallsyms), and rename ppc_function_entry to local_function_entry()
>>> in asm/code-patching.h.
>>>
>>>
>>>> How do you hit the original problem, you don't actually specify in your commit
>>>> message? Something with kprobes obviously, but what exactly? I'll try and
>>>> reproduce it here.
>>>
>>> Ah, those messages should be shown in dmesg when booting if it doesn't work,
>>> because the messages are printed by initialization process of kprobe blacklist.
>>> So, reproducing it is just enabling CONFIG_KPROBES and boot it.
>> Well,  we don't get those messages on Power, since the kallsyms has the
>> entries for ".function_name". The correct way to verify is, either  :
> 
> Hmm, that seems another issue on powerpc. Is that expected(and designed)
> behavior?
AFAIK, yes, it is.
To be more precise :

we have 'foo' and '.foo' for a function foo(), where 'foo' points to the
function_entry and '.foo' points to the actual function.

So, a kallsyms_lookup_size_offset() on both 'foo' and '.foo' will return
a hit. So, if we make sure we use the value of '.foo' (by using the
appropriate macros) we should be fine.

 And if so, how I can verify when initializing blacklist?
> (should I better use kallsyms_lookup() and kallsyms_lookup_name() for
> verification?)
One way to verify would be to make sure the symbol starts with '.' from
the result of the current kallsyms_lookup_size_offset() for PPC.

Thanks
Suzuki

> 
> Thank you,
> 
>>
>> 1) Dump the black_list via xmon ( see :
>> https://lkml.org/lkml/2014/5/29/893 ) and verify the entries.
>>
>> or
>>
>> 2) Issue a kprobe on a black listed entry and hit a success,(which we
>> will, since we don't check the actual function address).
>>
>> Thanks
>> Suzuki
>>
>>
>>>
>>> Thank you,
>>>

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ