Message-ID: <alpine.DEB.2.20.1705162340300.2095@nanos>
Date:   Tue, 16 May 2017 23:42:58 +0200 (CEST)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Masami Hiramatsu <mhiramat@...nel.org>
cc:     Steven Rostedt <rostedt@...dmis.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: WARNING at arch/x86/kernel/alternative.c:707
 text_poke+0x25d/0x270

On Wed, 17 May 2017, Masami Hiramatsu wrote:
> On Tue, 16 May 2017 09:48:02 -0400
> Steven Rostedt <rostedt@...dmis.org> wrote:
> > It appears that the kprobe_optimizer work thread call happened after
> > the init pages were freed, causing alternative.c to give the above
> > warning because the text that is being unoptimized happens to no longer
> > exist.
> 
> Ah, I see. I need to check that case. Actually for the module
> init text area, kill_kprobe() correctly kicks kill_optimized_kprobe()
> so it should be safe. But the above case is on the init-text in the kernel
> itself. I guess module_notifier may not be called for that area...

Find below the patch I'm using for now.

Thanks,

	tglx

8<--------------------

--- a/include/linux/kprobes.h
+++ b/include/linux/kprobes.h
@@ -349,6 +349,9 @@ extern int proc_kprobes_optimization_han
 					     int write, void __user *buffer,
 					     size_t *length, loff_t *ppos);
 #endif
+extern void wait_for_kprobe_optimizer(void);
+#else
+static inline void wait_for_kprobe_optimizer(void) { }
 #endif /* CONFIG_OPTPROBES */
 #ifdef CONFIG_KPROBES_ON_FTRACE
 extern void kprobe_ftrace_handler(unsigned long ip, unsigned long parent_ip,
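
Review bot: The new `#else` directly above `#endif /* CONFIG_OPTPROBES */` is unannotated, while the `#endif` it pairs with is, and there is a nested bare `#endif` just two lines earlier, so it is easy to misread which conditional the empty stub belongs to. Suggest `#else /* !CONFIG_OPTPROBES */`, plus a short comment on the stub saying it is a no-op because there is no optimizer work to wait for in that configuration.
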
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -595,7 +595,7 @@ static void kprobe_optimizer(struct work
 }
 
 /* Wait for completing optimization and unoptimization */
-static void wait_for_kprobe_optimizer(void)
+void wait_for_kprobe_optimizer(void)
 {
 	mutex_lock(&kprobe_mutex);
 
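Review bot: Dropping `static` on `wait_for_kprobe_optimizer()` turns it into an entry point for other files, but its only documentation is still the one-line comment above it, and the first statement in the body is `mutex_lock(&kprobe_mutex);`. Suggest extending that comment to say callers must be in a context that can sleep and must not already hold kprobe_mutex, so a later caller outside kernel/kprobes.c does not deadlock on it.
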
--- a/kernel/trace/trace_kprobe.c
+++ b/kernel/trace/trace_kprobe.c
@@ -1535,6 +1535,11 @@ static __init int kprobe_trace_self_test
 
 end:
 	release_all_trace_kprobes();
+	/*
+	 * Wait for the optimizer work to finish. Otherwise it might fiddle
+	 * with probes in already freed __init text.
+	 */
+	wait_for_kprobe_optimizer();
 	if (warn)
 		pr_cont("NG: Some tests are failed. Please check them.\n");
 	else
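
Review bot: The wait is added only at the `end:` label of `kprobe_trace_self_test()`, after `release_all_trace_kprobes();`, so it covers optimizer work queued by this self test and nothing else. If any other boot-time path can leave optimized probes on __init text, the same pending work would still run after those pages are freed; consider whether the wait belongs in a common path that runs before init memory is released, and have the comment name the free it is ordering against.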
