lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180730184010.0d5597a1@gandalf.local.home>
Date:   Mon, 30 Jul 2018 18:40:10 -0400
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Masami Hiramatsu <mhiramat@...nel.org>
Cc:     Francis Deslauriers <francis.deslauriers@...icios.com>,
        peterz@...radead.org, Shuah Khan <shuah@...nel.org>,
        mathieu.desnoyers@...icios.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 1/3] tracing: kprobes: Prohibit probing on notrace
 function

On Mon, 30 Jul 2018 19:20:14 +0900
Masami Hiramatsu <mhiramat@...nel.org> wrote:

> Prohibit kprobe-events probing on notrace function.
> Since probing on the notrace function can cause recursive
> event call. In most case those are just skipped, but
> in some case it falls into infinit recursive call.
> 
> This protection can be disabled by the kconfig
> CONFIG_KPROBE_EVENTS_ON_NOTRACE=y, but it is highly
> recommended to keep it "n" for normal kernel.
> Note that this is only available if "kprobes on ftrace"
> has been implemented on target arch and
> CONFIG_KPROBES_ON_FTRACE=y.
> 
> Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
>

Hi Masami,

Note, I made the following changes for grammar. For the Change log I
have this:

    tracing: kprobes: Prohibit probing on notrace function
    
    Prohibit kprobe-events probing on notrace functions.  Since probing on a
    notrace function can cause a recursive event call. In most cases those are just
    skipped, but in some cases it falls into an infinite recursive call.
    
    This protection can be disabled by the kconfig
    CONFIG_KPROBE_EVENTS_ON_NOTRACE=y, but it is highly recommended to keep it
    "n" for normal kernel builds.  Note that this is only available if "kprobes on
    ftrace" has been implemented on the target arch and CONFIG_KPROBES_ON_FTRACE=y.
    
    Link: http://lkml.kernel.org/r/153294601436.32740.10557881188933661239.stgit@devbox
    
    Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
    Tested-by: Francis Deslauriers <francis.deslauriers@...icios.com>
    [ Slight grammar and spelling fixes ]
    Signed-off-by: Steven Rostedt (VMware) <rostedt@...dmis.org>


And this change to the patch:

diff --git a/kernel/trace/Kconfig b/kernel/trace/Kconfig
index 4d4eb15cc7fd..23fc7c9abedb 100644
--- a/kernel/trace/Kconfig
+++ b/kernel/trace/Kconfig
@@ -457,7 +457,7 @@ config KPROBE_EVENTS
 	  If you want to use perf tools, this option is strongly recommended.
 
 config KPROBE_EVENTS_ON_NOTRACE
-	bool "Do NOT protect notrace function from kprobe events"
+	bool "Do NOT protect notrace functions from kprobe events"
 	depends on KPROBE_EVENTS
 	depends on KPROBES_ON_FTRACE
 	default n
@@ -465,13 +465,13 @@ config KPROBE_EVENTS_ON_NOTRACE
 	  This is only for the developers who want to debug ftrace itself
 	  using kprobe events.
 
-	  If kprobes can use ftrace instead of breakpoint, ftrace related
-	  functions are protected from kprobe-events to prevent an infinit
-	  recursion or any unexpected execution path which leads to a kernel
-	  crash.
+	  If kprobes is using ftrace to hook to a function instead of a
+	  breakpoint, ftrace related functions are protected from
+	  kprobe-events to prevent an infinite recursion or any unexpected
+	  execution path which would lead to a kernel crash.
 
 	  This option disables such protection and allows you to put kprobe
-	  events on ftrace functions for debugging ftrace by itself.
+	  events on ftrace functions for debugging ftrace itself.
 	  Note that this might let you shoot yourself in the foot.
 
 	  If unsure, say N.


Are you OK with this?

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ