From: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
To: Oleg Nesterov <oleg@redhat.com>
Cc: Ingo Molnar <mingo@elte.hu>,
Peter Zijlstra <peterz@infradead.org>,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
Anton Arapov <anton@redhat.com>,
Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/3] uprobes: Restrict valid_vma(false) to skip VM_SHARED
Date: Tue, 25 Sep 2012 14:35:09 +0530 [thread overview]
Message-ID: <20120925090509.GC18334@linux.vnet.ibm.com> (raw)
In-Reply-To: <20120916175248.GA32373@redhat.com>
* Oleg Nesterov <oleg@redhat.com> [2012-09-16 19:52:48]:
> valid_vma(false) ignores ->vm_flags, this is not actually right.
> We should never try to write into MAP_SHARED mapping, this can
> confuse an apllication which actually writes to ->vm_file.
Agree,
>
> With this patch valid_vma(false) ignores VM_WRITE only but checks
> other (immutable) bits checked by valid_vma(true).
Yes, checking for other immutable flags other than VM_WRITE is good.
> This can also
> speedup uprobe_munmap() and uprobe_unregister().
>
I didnt get how it speeds up uprobe_munmap() and uprobe_unregister()?
> Note: even after this patch _unregister can confuse the probed
> application if it does mprotect(PROT_WRITE) after _register and
> installs "int3", but this is hardly possible to avoid and this
> doesn't differ from gdb case.
>
Again I didnt quite understand how unregister can confuse the probed
application.
> Signed-off-by: Oleg Nesterov <oleg@redhat.com>
The changes look good.
Acked-by: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
> ---
> kernel/events/uprobes.c | 13 ++++---------
> 1 files changed, 4 insertions(+), 9 deletions(-)
>
> diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c
> index b9b50dd..78364a2 100644
> --- a/kernel/events/uprobes.c
> +++ b/kernel/events/uprobes.c
> @@ -100,17 +100,12 @@ struct uprobe {
> */
> static bool valid_vma(struct vm_area_struct *vma, bool is_register)
> {
> - if (!vma->vm_file)
> - return false;
> -
> - if (!is_register)
> - return true;
> + vm_flags_t flags = VM_HUGETLB | VM_MAYEXEC | VM_SHARED;
>
> - if ((vma->vm_flags & (VM_HUGETLB | VM_WRITE | VM_MAYEXEC | VM_SHARED))
> - == VM_MAYEXEC)
> - return true;
> + if (is_register)
> + flags |= VM_WRITE;
>
> - return false;
> + return vma->vm_file && (vma->vm_flags & flags) == VM_MAYEXEC;
> }
>
> static unsigned long offset_to_vaddr(struct vm_area_struct *vma, loff_t offset)
> --
> 1.5.5.1
>
next prev parent reply other threads:[~2012-09-25 9:33 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-16 17:52 [PATCH 0/3] uprobes: mprotect fixes Oleg Nesterov
2012-09-16 17:52 ` [PATCH 1/3] uprobes: Change write_opcode() to use FOLL_FORCE Oleg Nesterov
2012-09-25 8:49 ` Srikar Dronamraju
2012-09-16 17:52 ` [PATCH 2/3] uprobes: Change valid_vma() to demand VM_MAYEXEC rather than VM_EXEC Oleg Nesterov
2012-09-25 8:51 ` Srikar Dronamraju
2012-09-16 17:52 ` [PATCH 3/3] uprobes: Restrict valid_vma(false) to skip VM_SHARED Oleg Nesterov
2012-09-25 9:05 ` Srikar Dronamraju [this message]
2012-09-25 14:20 ` Oleg Nesterov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120925090509.GC18334@linux.vnet.ibm.com \
--to=srikar@linux.vnet.ibm.com \
--cc=ananth@in.ibm.com \
--cc=anton@redhat.com \
--cc=bigeasy@linutronix.de \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.