lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 26 Jul 2018 09:41:06 +0900
From:   Masami Hiramatsu <mhiramat@...nel.org>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     Francis Deslauriers <francis.deslauriers@...icios.com>,
        peterz@...radead.org, mathieu.desnoyers@...icios.com,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] tracing: kprobes: Prohibit probing on notrace
 functions

On Fri, 13 Jul 2018 08:18:03 -0400
Steven Rostedt <rostedt@...dmis.org> wrote:

> On Fri, 13 Jul 2018 11:53:01 +0900
> Masami Hiramatsu <mhiramat@...nel.org> wrote:
> 
> > On Thu, 12 Jul 2018 13:54:12 -0400
> > Francis Deslauriers <francis.deslauriers@...icios.com> wrote:
> > 
> > > From: Masami Hiramatsu <mhiramat@...nel.org>
> > > 
> > > Prohibit kprobe-events probing on notrace function.
> > > Since probing on the notrace function can cause recursive
> > > event call. In most case those are just skipped, but
> > > in some case it falls into infinite recursive call.  
> > 
> > BTW, I'm considering to add an option to allow putting
> > kprobes on notrace function - just for debugging 
> > ftrace by kprobes. That is "developer only" option
> > so generally it should be disabled, but for debugging
> > the ftrace, we still need it. Or should I introduce
> > another kprobes module for debugging it?
> 
> No, I think the former is better (to add an option to allow putting
> kprobes on notrace functions). By default we let people protect
> themselves. But if then provide a switch that lets you do things that
> might let you shoot yourself in the foot.

I'm adding CONFIG_KPROBE_EVENTS_ON_NOTRACE kconfig which allows
kprobes on notrace function. I think we don't need to make it
online switchable, since it is only good for ftrace developers.

Thank you,

> 
> BTW, I'm now leaving on vacation. I'll be back on the 23rd and will be
> looking for patches that I should be pulling in then.
> 
> Thanks!
> 
> -- Steve


-- 
Masami Hiramatsu <mhiramat@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ