| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210203085232.402e2e35@oasis.local.home>
Date: Wed, 3 Feb 2021 08:52:32 -0500
From: Steven Rostedt <rostedt@...dmis.org>
To: Masami Hiramatsu <mhiramat@...nel.org>
Cc: Peter Zijlstra <peterz@...radead.org>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Nikolay Borisov <nborisov@...e.com>,
LKML <linux-kernel@...r.kernel.org>,
Alexei Starovoitov <ast@...nel.org>, bpf <bpf@...r.kernel.org>,
Josh Poimboeuf <jpoimboe@...hat.com>
Subject: Re: kprobes broken since 0d00449c7a28 ("x86: Replace ist_enter()
with nmi_enter()")
On Wed, 3 Feb 2021 22:33:28 +0900
Masami Hiramatsu <mhiramat@...nel.org> wrote:
> Ah, that is what I worried about. ftrace and kprobes handler usually want to
> know "what is the actual status of the system where the probe hits".
>
> If the new kernel_exception_enter() for ftrace/kprobes or any other kernel
> instrumention does
>
> __preempt_count_add(KEX_OFFSET + NMI_OFFSET + HARDIRQ_OFFSET);
>
> And we can distinguish the KEX from NMI, and get the original status of the context.
> What would you think about?
Oh, that reminds me about the obvious difference between an NMI and a
ftrace handler. A ftrace handler doesn't disable interrupts nor
preemption. Thus, if you set "in_nmi" to a ftrace handler, and an
interrupt (or NMI) comes in, then any ftrace handlers called by the
interrupt / NMI will be ignored, since it will think it is recursing
from NMI context.
-- Steve
Powered by blists - more mailing lists