| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Mar 2024 00:39:01 +0900
From: Masami Hiramatsu (Google) <mhiramat@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Jinghao Jia <jinghao7@...inois.edu>, Masami Hiramatsu (Google)
<mhiramat@...nel.org>, Steven Rostedt <rostedt@...dmis.org>, Masami
Hiramatsu <mhiramat@...nel.org>, linux-kernel@...r.kernel.org
Subject: [GIT PULL] probes: Updates for v6.9
Hi Linus,
Probes updates for v6.9:
- x96/kprobes: Use boolean for some function return instead of 0 and 1.
- x86/kprobes: Prohibit probing on INT/UD. This prevents user to put kprobe on
INTn/INT1/INT3/INTO and UD0/UD1/UD2 because these are used for a special
purpose in the kernel.
- x86/kprobes: Boost Grp instructions. Because a few percent of kernel
instructions are Grp 2/3/4/5 and those are safe to be executed without
ip register fixup, allow those to be boosted (direct execution on the
trampoline buffer with a JMP).
- tracing/probes: Add function argument access from return events (kretprobe
and fprobe). This allows user to compare how a data structure field is
changed after executing a function. With BTF, return event also accepts
function argument access by name. This also includes below patches;
. Fix a wrong comment (using "Kretprobe" in fprobe)
. Cleanup a big probe argument parser function into three parts, type
parser, post-processing function, and main parser.
. Cleanup to set nr_args field when initializing trace_probe instead of
counting up it while parsing.
. Cleanup a redundant #else block from tracefs/README source code.
. Update selftests to check entry argument access from return probes.
. Documentation update about entry argument access from return probes.
Please pull the latest probes-v6.9 tree, which can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace.git
probes-v6.9
Tag SHA1: 4c6745d26a2ff77a803db82beb2168f9c37b8f2b
Head SHA1: e8c32f24766a1f22da024e73d1eb8e9c822482ac
Jinghao Jia (3):
x86/kprobes: Refactor can_{probe,boost} return type to bool
x86/kprobes: Prohibit kprobing on INT and UD
x86/kprobes: Boost more instructions from grp2/3/4/5
Masami Hiramatsu (Google) (7):
tracing/fprobe-event: cleanup: Fix a wrong comment in fprobe event
tracing/probes: Cleanup probe argument parser
tracing/probes: cleanup: Set trace_probe::nr_args at trace_probe_init
tracing: Remove redundant #else block for BTF args from README
tracing/probes: Support $argN in return probe (kprobe and fprobe)
selftests/ftrace: Add test cases for entry args at function exit
Documentation: tracing: Add entry argument access at function exit
----
Documentation/trace/fprobetrace.rst | 31 ++
Documentation/trace/kprobetrace.rst | 9 +
arch/x86/kernel/kprobes/common.h | 2 +-
arch/x86/kernel/kprobes/core.c | 98 +++--
kernel/trace/trace.c | 5 +-
kernel/trace/trace_eprobe.c | 8 +-
kernel/trace/trace_fprobe.c | 59 ++-
kernel/trace/trace_kprobe.c | 58 ++-
kernel/trace/trace_probe.c | 417 +++++++++++++++------
kernel/trace/trace_probe.h | 30 +-
kernel/trace/trace_probe_tmpl.h | 10 +-
kernel/trace/trace_uprobe.c | 14 +-
.../ftrace/test.d/dynevent/fprobe_entry_arg.tc | 18 +
.../ftrace/test.d/dynevent/fprobe_syntax_errors.tc | 4 +
.../ftrace/test.d/kprobe/kprobe_syntax_errors.tc | 2 +
.../ftrace/test.d/kprobe/kretprobe_entry_arg.tc | 18 +
16 files changed, 584 insertions(+), 199 deletions(-)
create mode 100644 tools/testing/selftests/ftrace/test.d/dynevent/fprobe_entry_arg.tc
create mode 100644 tools/testing/selftests/ftrace/test.d/kprobe/kretprobe_entry_arg.tc
--
Masami Hiramatsu (Google) <mhiramat@...nel.org>
Powered by blists - more mailing lists