From: Ananth N Mavinakayanahalli <ananth@in.ibm.com>
To: "Yakov Lerner" <iler.ml@gmail.com>
Cc: prasanna@in.ibm.com, anil.s.keshavamurthy@intel.com,
davem@davemloft.net, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Subject: kprobes-x86: correct post-eip value in post_hander()
Date: Mon, 17 Mar 2008 18:09:51 +0530 [thread overview]
Message-ID: <20080317123951.GC7229@in.ibm.com> (raw)
In-Reply-To: <f36b08ee0803170359w675130bas296b5276da5f2a3d@mail.gmail.com>
On Mon, Mar 17, 2008 at 12:59:05PM +0200, Yakov Lerner wrote:
> On Mon, Mar 17, 2008 at 7:19 AM, Ananth N Mavinakayanahalli
> <ananth@in.ibm.com> wrote:
> > On Sun, Mar 16, 2008 at 03:21:21AM -0500, Yakov Lerner wrote:
> > >
> > > I was trying to get the address of instruction to be executed
> > > next after the kprobed instruction. But regs->eip in post_handler()
> > > contains value which is useless to the user. It's pre-corrected value.
> > > This value is difficult to use without access to resume_execution(), which
> > > is not exported anyway.
> > > I moved the invocation of post_handler() to *after* resume_execution().
> > > Now regs->eip contains meaningful value in post_handler().
> > >
> > > I do not think this change breaks any backward-compatibility.
> > > To make meaning of the old value, post_handler() would need access to
> > > resume_execution() which is not exported. I have difficulty to believe
> > > that previous, uncorrected, regs->eip can be meaningfully used in
> > > post_handler().
> >
> > resume_execution() exists not just for the program counter fixups after
> > out-of-line singlestepping, but is also as an insurance to put the
> > program counter back to the correct address in case the user's
> > post_handler() mucks around with it. That isn't possible with this
> > change :-(
>
> I see your point. This can be prevented by saving and restoring regs->ip
> around the post_handler() call, no ? Current code is beautiful. Saving and
> restoring regs->ip would make this place look ugly.
>
> Otoh, if the post_handler() wants to crash the kernel, it can do it
> in thousand ways, not just by trashing regs->ip, no ?
Of course, there still are other ways to shoot yourself in the foot with
the post_handler(), but, atleast for cases we can control, we need to do
the right thing.
Ananth
next prev parent reply other threads:[~2008-03-17 12:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-16 8:21 [PATCH] Subject: kprobes-x86: correct post-eip value in post_hander() Yakov Lerner
2008-03-17 5:19 ` Ananth N Mavinakayanahalli
2008-03-17 10:59 ` Yakov Lerner
2008-03-17 12:39 ` Ananth N Mavinakayanahalli [this message]
2008-03-17 22:17 ` Masami Hiramatsu
2008-03-18 4:26 ` Ananth N Mavinakayanahalli
2008-03-21 11:08 ` Ingo Molnar
2008-03-21 11:31 ` Ananth N Mavinakayanahalli
2008-03-21 14:32 ` Ingo Molnar
2008-03-21 14:51 ` Ananth N Mavinakayanahalli
2008-03-21 23:18 ` Masami Hiramatsu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080317123951.GC7229@in.ibm.com \
--to=ananth@in.ibm.com \
--cc=anil.s.keshavamurthy@intel.com \
--cc=davem@davemloft.net \
--cc=iler.ml@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=prasanna@in.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.