lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 1 Mar 2022 20:12:45 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     "Naveen N. Rao" <naveen.n.rao@...ux.vnet.ibm.com>
Cc:     Masami Hiramatsu <mhiramat@...nel.org>,
        alexei.starovoitov@...il.com, alyssa.milburn@...el.com,
        andrew.cooper3@...rix.com, hjl.tools@...il.com,
        joao@...rdrivepizza.com, jpoimboe@...hat.com,
        keescook@...omium.org, linux-kernel@...r.kernel.org,
        mark.rutland@....com, mbenes@...e.cz, ndesaulniers@...gle.com,
        rostedt@...dmis.org, samitolvanen@...gle.com, x86@...nel.org
Subject: Re: [PATCH v2 15/39] x86/ibt,kprobes: Fix more +0 assumptions

On Tue, Mar 01, 2022 at 10:49:09PM +0530, Naveen N. Rao wrote:
> Peter Zijlstra wrote:
> > On Tue, Mar 01, 2022 at 11:49:05AM +0900, Masami Hiramatsu wrote:
> > 
> > > - the 'offset' is NOT limited under the symbol size.
> > >   (e.g. symbol_name = "_text" and @offset points the offset of target symbol from _text)
> > > 
> > > This means we need to call kallsyms_lookup_size_offset() in this case too.
> > 
> > I'm feeling we should error out in that case. Using sym+offset beyond
> > the limits of sym is just daft.
> > 
> > But if you really want/need to retain that, then yes, we need that
> > else branch unconditionally :/
> 
> I think we will need this. perf always specifies an offset from _text.

The _text section symbol should have an adequate size, no?

> Also, I just noticed:

> > +		if (!kallsyms_lookup_size_offset((unsigned long)addr + offset,
> > +						 NULL, &offset))
> > +			return ERR_PTR(-ENOENT);
> > +		addr = (kprobe_opcode_t *)((unsigned long)addr - offset);
> >  	}
> 
> This looks wrong. I think you need to retain offset to calculate the proper
> function entry address so that you can do:
> 	addr = (kprobe_opcode_t *)((unsigned long)(addr + offset) - func_offset);
> 	offset = func_offset;


Right you are, it needs to be:

	addr += offset;
	kallsyms_lookup_size_offset(addr, &size, &offset);
	addr -= offset;

with all the extra unreadable casts on.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ