lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170705104216.674ejyueqquctsn5@gmail.com>
Date:   Wed, 5 Jul 2017 12:42:16 +0200
From:   Ingo Molnar <mingo@...nel.org>
To:     "Naveen N. Rao" <naveen.n.rao@...ux.vnet.ibm.com>
Cc:     Masami Hiramatsu <mhiramat@...nel.org>,
        Ananth N Mavinakayanahalli <ananth@...ux.vnet.ibm.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] jprobes: Ensure that the probepoint is at function entry


* Naveen N. Rao <naveen.n.rao@...ux.vnet.ibm.com> wrote:

> Similar to commit 90ec5e89e393c ("kretprobes: Ensure probe location is
> at function entry"), ensure that the jprobe probepoint is at function
> entry.
> 
> Signed-off-by: Naveen N. Rao <naveen.n.rao@...ux.vnet.ibm.com>
> ---
>  kernel/kprobes.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index adfe3b4cfe05..950018609339 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -1776,9 +1776,14 @@ int register_jprobes(struct jprobe **jps, int num)
>  		jp = jps[i];
>  		addr = arch_deref_entry_point(jp->entry);
>  
> -		/* Verify probepoint is a function entry point */
> +		/*
> +		 * Verify probepoint as well as the jprobe handler are
> +		 * function entry points.
> +		 */
>  		if (kallsyms_lookup_size_offset(addr, NULL, &offset) &&
> -		    offset == 0) {
> +				offset == 0 &&
> +				function_offset_within_entry(jp->kp.addr,
> +					jp->kp.symbol_name, jp->kp.offset)) {
>  			jp->kp.pre_handler = setjmp_pre_handler;
>  			jp->kp.break_handler = longjmp_break_handler;
>  			ret = register_kprobe(&jp->kp);

Yeah, so I agree with the fix, but the line breaks there are disgusting.

One solution would be to split out the iterator into a register_jprobe() function. 
Also, introduce a 'kp' temporary variable to simplify and shorten usage.

Also, 'function_offset_within_entry' is way too long a name, and it's also a 
minomer I think. The purpose of this function is to enforce that the relative 
'offset' of a new probe is at the standard function entry offset: i.e. 0 on most 
architectures, and some ABI dependent constant on PowerPC, right?

That's not at all clear from that name, plus it's a global namespace symbol, yet 
has no 'kprobes' prefix. So it should be named something like 
'kprobe_offset_valid()' or such, with an arch_kprobe_offset_valid() counterpart.

All of these cleanups should be in separate patches - with the fix in the end.

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ