| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230516141028.d3a9cb541bf1b7ef0deb79c3@kernel.org>
Date: Tue, 16 May 2023 14:10:28 +0900
From: Masami Hiramatsu (Google) <mhiramat@...nel.org>
To: Masami Hiramatsu (Google) <mhiramat@...nel.org>
Cc: Steven Rostedt <rostedt@...dmis.org>, Yonghong Song <yhs@...a.com>,
Ze Gao <zegao2021@...il.com>, Jiri Olsa <olsajiri@...il.com>,
Song Liu <song@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <martin.lau@...ux.dev>,
Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...gle.com>,
Hao Luo <haoluo@...gle.com>, Ze Gao <zegao@...cent.com>,
bpf@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-trace-kernel@...r.kernel.org
Subject: Re: [PATCH] bpf: reject blacklisted symbols in kprobe_multi to
avoid recursive trap
On Tue, 16 May 2023 13:31:53 +0900
Masami Hiramatsu (Google) <mhiramat@...nel.org> wrote:
> On Sat, 13 May 2023 00:17:57 -0400
> Steven Rostedt <rostedt@...dmis.org> wrote:
>
> > On Fri, 12 May 2023 07:29:02 -0700
> > Yonghong Song <yhs@...a.com> wrote:
> >
> > > A fprobe_blacklist might make sense indeed as fprobe and kprobe are
> > > quite different... Thanks for working on this.
> >
> > Hmm, I think I see the problem:
> >
> > fprobe_kprobe_handler() {
> > kprobe_busy_begin() {
> > preempt_disable() {
> > preempt_count_add() { <-- trace
> > fprobe_kprobe_handler() {
> > [ wash, rinse, repeat, CRASH!!! ]
> >
> > Either the kprobe_busy_begin() needs to use preempt_disable_notrace()
> > versions, or fprobe_kprobe_handle() needs a
> > ftrace_test_recursion_trylock() call.
>
> Oops, I got it. Is preempt_count_add() tracable? If so, kprobe_busy_begin()
> should be updated.
OK, preempt_count_add() is NOKPROBE_SYMBOL() so kprobe_busy_begin() should
be safe. The problem is in fprobe_kprobe_handler() then.
Thanks!
>
> Thanks,
>
> >
> > -- Steve
>
>
> --
> Masami Hiramatsu (Google) <mhiramat@...nel.org>
--
Masami Hiramatsu (Google) <mhiramat@...nel.org>
Powered by blists - more mailing lists