From: Masami Hiramatsu <mhiramat@kernel.org>
To: linux-kernel@vger.kernel.org, Ingo Molnar <mingo@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
"H . Peter Anvin" <hpa@zytor.com>,
Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com>,
Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>,
"David S . Miller" <davem@davemloft.net>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
Ye Xiaolong <xiaolong.ye@intel.com>,
mhiramat@kernel.org
Subject: [RFC PATCH tip/master V2 7/8] kprobes/x86: Use probe_kernel_read instead of memcpy
Date: Mon, 27 Mar 2017 16:57:17 +0900 [thread overview]
Message-ID: <149060142278.12303.16404609814924093379.stgit@devbox> (raw)
In-Reply-To: <149060091581.12303.13449343279538504544.stgit@devbox>
Use probe_kernel_read() for avoiding unexpected faults while
copying kernel text in __recover_probed_insn(),
__recover_optprobed_insn() and __copy_instruction().
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
---
Note that this is just an update patch which I had been
sent to LKML last month ( https://lkml.org/lkml/2017/2/27/294 )
---
arch/x86/kernel/kprobes/core.c | 12 +++++++++---
arch/x86/kernel/kprobes/opt.c | 5 ++++-
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
index 3238752..a9ae61a 100644
--- a/arch/x86/kernel/kprobes/core.c
+++ b/arch/x86/kernel/kprobes/core.c
@@ -259,7 +259,10 @@ __recover_probed_insn(kprobe_opcode_t *buf, unsigned long addr)
* Fortunately, we know that the original code is the ideal 5-byte
* long NOP.
*/
- memcpy(buf, (void *)addr, MAX_INSN_SIZE * sizeof(kprobe_opcode_t));
+ if (probe_kernel_read(buf, (void *)addr,
+ MAX_INSN_SIZE * sizeof(kprobe_opcode_t)))
+ return 0UL;
+
if (faddr)
memcpy(buf, ideal_nops[NOP_ATOMIC5], 5);
else
@@ -271,7 +274,7 @@ __recover_probed_insn(kprobe_opcode_t *buf, unsigned long addr)
* Recover the probed instruction at addr for further analysis.
* Caller must lock kprobes by kprobe_mutex, or disable preemption
* for preventing to release referencing kprobes.
- * Returns zero if the instruction can not get recovered.
+ * Returns zero if the instruction can not get recovered (or access failed).
*/
unsigned long recover_probed_instruction(kprobe_opcode_t *buf, unsigned long addr)
{
@@ -365,7 +368,10 @@ int __copy_instruction(u8 *dest, u8 *src)
/* Another subsystem puts a breakpoint, failed to recover */
if (insn.opcode.bytes[0] == BREAKPOINT_INSTRUCTION)
return 0;
- memcpy(dest, insn.kaddr, length);
+
+ /* This can access kernel text if given address is not recovered */
+ if (kernel_probe_read(dest, insn.kaddr, length))
+ return 0;
#ifdef CONFIG_X86_64
/* Only x86_64 has RIP relative instructions */
diff --git a/arch/x86/kernel/kprobes/opt.c b/arch/x86/kernel/kprobes/opt.c
index b121037..5b52334 100644
--- a/arch/x86/kernel/kprobes/opt.c
+++ b/arch/x86/kernel/kprobes/opt.c
@@ -65,7 +65,10 @@ unsigned long __recover_optprobed_insn(kprobe_opcode_t *buf, unsigned long addr)
* overwritten by jump destination address. In this case, original
* bytes must be recovered from op->optinsn.copied_insn buffer.
*/
- memcpy(buf, (void *)addr, MAX_INSN_SIZE * sizeof(kprobe_opcode_t));
+ if (probe_kernel_read(buf, (void *)addr,
+ MAX_INSN_SIZE * sizeof(kprobe_opcode_t)))
+ return 0UL;
+
if (addr == (unsigned long)kp->addr) {
buf[0] = kp->opcode;
memcpy(buf + 1, op->optinsn.copied_insn, RELATIVE_ADDR_SIZE);
next prev parent reply other threads:[~2017-03-27 7:58 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-27 7:48 [RFC PATCH tip/master V2 0/8] kprobes/x86: Make kprobes instruction buffers read-only Masami Hiramatsu
2017-03-27 7:49 ` [RFC PATCH tip/master V2 1/8] kprobes/x86: Fix not to boost call far instruction Masami Hiramatsu
2017-03-27 7:51 ` [RFC PATCH tip/master V2 2/8] kprobes/x86: Fix the description of __copy_instruction() Masami Hiramatsu
2017-03-27 7:52 ` [RFC PATCH tip/master V2 3/8] kprobes/x86: Use instruction decoder for booster Masami Hiramatsu
2017-03-27 7:53 ` [RFC PATCH tip/master V2 4/8] kprobes/x86: Do not modify singlestep buffer while resuming Masami Hiramatsu
2017-03-28 7:04 ` Ingo Molnar
2017-03-28 15:28 ` Masami Hiramatsu
2017-03-27 7:54 ` [RFC PATCH tip/master V2 5/8] kprobes/x86: Make boostable flag boolean Masami Hiramatsu
2017-03-27 7:56 ` [RFC PATCH tip/master V2 6/8] kprobes/x86: Set kprobes pages readonly Masami Hiramatsu
2017-03-27 7:57 ` Masami Hiramatsu [this message]
2017-03-27 7:58 ` [RFC PATCH tip/master V2 8/8] kprobes/x86: Consolidate insn decoder users for copying code Masami Hiramatsu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=149060142278.12303.16404609814924093379.stgit@devbox \
--to=mhiramat@kernel.org \
--cc=ananth@linux.vnet.ibm.com \
--cc=anil.s.keshavamurthy@intel.com \
--cc=aryabinin@virtuozzo.com \
--cc=davem@davemloft.net \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=xiaolong.ye@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.