From: Peter Zijlstra <peterz@infradead.org>
To: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
Cc: Oleg Nesterov <oleg@redhat.com>, Ingo Molnar <mingo@elte.hu>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Masami Hiramatsu <mhiramat@redhat.com>,
Randy Dunlap <rdunlap@xenotime.net>,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
Jim Keniston <jkenisto@linux.vnet.ibm.com>,
Frederic Weisbecker <fweisbec@gmail.com>,
"Frank Ch. Eigler" <fche@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
Roland McGrath <roland@redhat.com>, Mel Gorman <mel@csn.ul.ie>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
Andrea Arcangeli <aarcange@redhat.com>
Subject: Re: [PATCH v2 7/11] Uprobes Implementation
Date: Tue, 11 May 2010 22:43:23 +0200 [thread overview]
Message-ID: <1273610603.1810.101.camel@laptop> (raw)
In-Reply-To: <20100422133154.GA10776@linux.vnet.ibm.com>
On Thu, 2010-04-22 at 19:01 +0530, Srikar Dronamraju wrote:
> * Oleg Nesterov <oleg@redhat.com> [2010-04-21 18:05:15]:
> > 4. mremap(). What if the application does mremap() and moves the
> > memory? After that vaddr of user_bkpt/uprobe no longer matches
> > the virtual address of bp. This breaks uprobe_bkpt_notifier(),
> > unregister_uprobe(), etc.
> >
> > Even worse. Say, unregister_uprobe() calls remove_bkpt().
> > mremap()+mmap() can be called after ->read_opcode() verifies vaddr
> > points to bkpt_insn, but before write_opcode() changes the page.
> >
>
> I dont think we handle this case now. I think even munmap of the region
> where there are probes inserted also can have the same problem.
>
> Are there ways to handle this.
> I think taking a write lock on mmap_sem instead of the read lock could
> handle this problem.
>
> I am copying Mel Gorman and Andrea Arcangeli so that they can provide
> their inputs on VM and KSM related issues.
KSM only does anonymous pages, and I thought uprobes was limited to
MAP_PRIVATE|PROT_EXEC file maps.
We can't hold mmap_sem (for either read or write -- read would be
sufficient to serialize against mmap/mremap/munmap) from atomic uprobe
context, what we can do is validate that there is a INT3 on that
particular address, a mremap/munmap/munmap+mmap will either end not
having a pte entry for the address, or not have the INT3.
That said, you shouldn't be executing code on maps you're changing, much
fun can happen if you try, so I don't think we should expend too much
effort as long as the race will only result in the app crashing and not
the kernel.
next prev parent reply other threads:[~2010-05-11 20:43 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-31 15:51 [PATCH v2 0/11] Uprobes patches Srikar Dronamraju
2010-03-31 15:51 ` [PATCH v2 1/11] Move Macro W to insn.h Srikar Dronamraju
2010-03-31 15:51 ` [PATCH v2 2/11] Move replace_page() to mm/memory.c Srikar Dronamraju
2010-03-31 15:51 ` [PATCH v2 3/11] Enhance replace_page() to support pagecache Srikar Dronamraju
2010-03-31 15:51 ` [PATCH v2 4/11] User Space Breakpoint Assistance Layer Srikar Dronamraju
2010-03-31 15:52 ` [PATCH v2 5/11] X86 details for user space breakpoint assistance Srikar Dronamraju
2010-03-31 15:52 ` [PATCH v2 6/11] Slot allocation for Execution out of line Srikar Dronamraju
2010-03-31 15:52 ` [PATCH v2 7/11] Uprobes Implementation Srikar Dronamraju
2010-04-13 18:35 ` Oleg Nesterov
2010-04-15 9:35 ` Srikar Dronamraju
2010-04-19 19:31 ` Oleg Nesterov
2010-04-20 12:43 ` Srikar Dronamraju
2010-04-20 15:30 ` Oleg Nesterov
2010-04-21 6:59 ` Srikar Dronamraju
2010-04-21 16:05 ` Oleg Nesterov
2010-04-22 13:31 ` Srikar Dronamraju
2010-04-22 15:40 ` Oleg Nesterov
2010-04-23 14:58 ` Srikar Dronamraju
2010-04-23 18:53 ` Oleg Nesterov
2010-05-11 20:47 ` Peter Zijlstra
2010-05-11 20:44 ` Peter Zijlstra
2010-05-11 20:45 ` Peter Zijlstra
2010-05-12 10:31 ` Srikar Dronamraju
2010-05-13 19:40 ` Oleg Nesterov
2010-05-13 19:59 ` Linus Torvalds
2010-05-13 22:12 ` Andi Kleen
2010-05-13 22:25 ` Linus Torvalds
2010-05-14 0:56 ` Roland McGrath
2010-05-14 5:42 ` Srikar Dronamraju
2010-05-11 20:43 ` Peter Zijlstra [this message]
2010-05-12 10:41 ` Srikar Dronamraju
2010-05-12 11:12 ` Peter Zijlstra
2010-05-12 14:24 ` Srikar Dronamraju
2010-05-11 20:32 ` Peter Zijlstra
2010-05-11 20:57 ` Frank Ch. Eigler
2010-05-11 21:01 ` Peter Zijlstra
2010-03-31 15:52 ` [PATCH v2 8/11] X86 details for uprobes Srikar Dronamraju
2010-03-31 15:52 ` [PATCH v2 9/11] Uprobes Documentation patch Srikar Dronamraju
2010-03-31 15:52 ` [PATCH v2 10/11] Uprobes samples Srikar Dronamraju
2010-03-31 15:53 ` [PATCH v2 11/11] Uprobes traceevents patch Srikar Dronamraju
2010-03-31 21:24 ` Steven Rostedt
2010-04-01 4:16 ` Masami Hiramatsu
2010-05-12 14:57 ` Frederic Weisbecker
2010-05-12 11:02 ` Frederic Weisbecker
2010-05-12 14:34 ` Srikar Dronamraju
2010-05-12 15:15 ` Frederic Weisbecker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1273610603.1810.101.camel@laptop \
--to=peterz@infradead.org \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=ananth@in.ibm.com \
--cc=fche@redhat.com \
--cc=fweisbec@gmail.com \
--cc=jkenisto@linux.vnet.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mel@csn.ul.ie \
--cc=mhiramat@redhat.com \
--cc=mingo@elte.hu \
--cc=oleg@redhat.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=rdunlap@xenotime.net \
--cc=roland@redhat.com \
--cc=srikar@linux.vnet.ibm.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.