lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180205082423.GB1253@krava>
Date:   Mon, 5 Feb 2018 09:24:23 +0100
From:   Jiri Olsa <jolsa@...hat.com>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     linux-kernel@...r.kernel.org,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Ingo Molnar <mingo@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Tom Zanussi <tom.zanussi@...ux.intel.com>,
        linux-rt-users@...r.kernel.org, linux-trace-users@...r.kernel.org,
        Arnaldo Carvalho de Melo <acme@...nel.org>,
        Clark Williams <williams@...hat.com>,
        Daniel Bristot de Oliveira <bristot@...hat.com>,
        Juri Lelli <juri.lelli@...hat.com>,
        Jonathan Corbet <corbet@....net>,
        Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
        Namhyung Kim <namhyung@...nel.org>,
        Alexei Starovoitov <alexei.starovoitov@...il.com>
Subject: Re: [PATCH 01/18] tracing: Add function based events

On Fri, Feb 02, 2018 at 06:04:59PM -0500, Steven Rostedt wrote:

SNIP

> +static int create_function_event(int argc, char **argv)
> +{
> +	struct func_event *func_event, *fe;
> +	enum func_states state = FUNC_STATE_INIT;
> +	char *token;
> +	char *ptr;
> +	char last;
> +	int ret = -EINVAL;
> +	int i;
> +
> +	func_event = kzalloc(sizeof(*func_event), GFP_KERNEL);
> +	if (!func_event)
> +		return -ENOMEM;
> +
> +	INIT_LIST_HEAD(&func_event->files);
> +	func_event->ops.func = func_event_call;
> +	func_event->ops.flags = FTRACE_OPS_FL_SAVE_REGS;
> +
> +	for (i = 0; i < argc; i++) {
> +		ptr = argv[i];
> +		last = 0;
> +		for (token = next_token(&ptr, &last); token;
> +		     token = next_token(&ptr, &last)) {
> +			state = process_event(func_event, token, state);
> +			if (state == FUNC_STATE_ERROR)
> +				goto fail;
> +		}
> +	}
> +	if (state != FUNC_STATE_END)
> +		goto fail;
> +
> +	ret = -EALREADY;
> +	list_for_each_entry(fe, &func_events, list) {
> +		if (strcmp(fe->func, func_event->func) == 0)
> +			goto fail;
> +	}
> +
> +	ret = ftrace_set_filter(&func_event->ops, func_event->func,
> +				strlen(func_event->func), 0);
> +	if (ret < 0)
> +		goto fail;
> +
> +	ret = func_event_create(func_event);
> +	if (ret < 0)
> +		goto fail;
> +
> +	list_add_tail(&func_event->list, &func_events);
> +	return 0;

should this be done under 'func_event_mutex' ?

I tried and crashed the system by running 2 scripts with:

  echo 'ip_rcv(u64 skb, u64 dev)' > /sys/kernel/debug/tracing/function_events
  echo 'SyS_openat(int dfd, string buf, x32 flags, x32 mode)' >> /sys/kernel/debug/tracing/function_events
  echo 'SyS_open(x8[32] buf, x32 flags, x32 mode)' >> /sys/kernel/debug/tracing/function_events

jirka


[  376.727159] general protection fault: 0000 [#1] SMP PTI
[  376.732992] Modules linked in: intel_rapl sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul igb ghash_clmulni_intel intel_cstate ptp intel_uncore pps_core iTCO_wdt iTCO_vendor_support ipmi_ssif ipmi_si ipmi_devintf ipmi_msghandler shpchp ioatdma cdc_ether usbnet mii intel_rapl_perf i2c_i801 tpm_tis tpm_tis_core dca tpm lpc_ich wmi xfs libcrc32c mgag200 i2c_algo_bit drm_kms_helper ttm crc32c_intel drm megaraid_sas
[  376.779583] CPU: 9 PID: 1285 Comm: t.sh Not tainted 4.15.0-rc9idle+ #32
[  376.786956] Hardware name: IBM System x3650 M4 : -[7915E2G]-/00Y7683, BIOS -[VVE124AUS-1.30]- 11/21/2012
[  376.797545] RIP: 0010:__unregister_trace_event+0xe/0x70
[  376.803376] RSP: 0018:ffffa643043cbc50 EFLAGS: 00010286
[  376.809206] RAX: dead000000000100 RBX: ffff91b6340c2480 RCX: ffffffffbf2ebf50
[  376.817170] RDX: dead000000000200 RSI: ffffffffbf2ed540 RDI: ffff91b6340c2480
[  376.825135] RBP: ffff91b6340c2460 R08: 0000000000000001 R09: 0000000000000000
[  376.833099] R10: ffffa643043cbc78 R11: 0000000000000000 R12: ffff91b6340c2400
[  376.841062] R13: ffff91b6326f8600 R14: dead000000000200 R15: dead000000000100
[  376.849028] FS:  00007ff3644bcb40(0000) GS:ffff91b63fac0000(0000) knlGS:0000000000000000
[  376.858058] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  376.864469] CR2: 000055c83b531008 CR3: 00000004736d0003 CR4: 00000000000606e0
[  376.872433] Call Trace:
[  376.875168]  event_remove+0x72/0x120
[  376.879159]  trace_remove_event_call+0x79/0xd0
[  376.884117]  func_event_open+0xb1/0xd0
[  376.888302]  ? free_func_event+0x70/0x70
[  376.892673]  do_dentry_open+0x1b1/0x2d0
[  376.896954]  path_openat+0x602/0x14e0
[  376.901041]  do_filp_open+0x9b/0x110
[  376.905032]  ? __vfs_write+0x33/0x170
[  376.909119]  ? __check_object_size+0xaf/0x1b0
[  376.913981]  ? do_sys_open+0x1bd/0x250
[  376.918164]  do_sys_open+0x1bd/0x250
[  376.922156]  entry_SYSCALL_64_fastpath+0x20/0x83
[  376.927299] RIP: 0033:0x7ff363ba01c0
[  376.931287] RSP: 002b:00007ffdf21e4978 EFLAGS: 00000246
[  376.931290] Code: e0 d9 2e bf e9 94 aa 6e 00 0f 1f 40 00 48 c7 c7 e0 d9 2e bf e9 54 5c f7 ff 0f 1f 40 00 53 48 8b 07 48 89 fb 48 8b 57 08 48 85 c0 <48> 89 02 74 04 48 89 50 08 48 b8 00 01 00 00 00 00 ad de 48 8d 
[  376.958209] RIP: __unregister_trace_event+0xe/0x70 RSP: ffffa643043cbc50
[  376.965711] ---[ end trace b3dd6064ee6bc2f4 ]---

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ