From: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
To: Anton Arapov <anton@redhat.com>
Cc: Oleg Nesterov <oleg@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
Josh Stone <jistone@redhat.com>, Frank Eigler <fche@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Ingo Molnar <mingo@elte.hu>,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
adrian.m.negreanu@intel.com, Torsten.Polle@gmx.de
Subject: Re: [PATCH v1 3/9] uretprobes/x86: Hijack return address
Date: Sun, 7 Apr 2013 17:18:59 +0530 [thread overview]
Message-ID: <20130407114859.GC2186@linux.vnet.ibm.com> (raw)
In-Reply-To: <1365004839-21982-4-git-send-email-anton@redhat.com>
* Anton Arapov <anton@redhat.com> [2013-04-03 18:00:33]:
> Hijack the return address and replace it with a trampoline address.
>
> v1 changes:
> * use force_sig_info()
> * rework and simplify logic
>
> RFCv5 changes:
> * change the fail return code, because orig_ret_vaddr=0 is possible
> * style fixup
> RFCv2 changes:
> * remove ->doomed flag, kill task immediately
>
> Signed-off-by: Anton Arapov <anton@redhat.com>
Acked-by: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
> ---
> arch/x86/include/asm/uprobes.h | 1 +
> arch/x86/kernel/uprobes.c | 29 +++++++++++++++++++++++++++++
> 2 files changed, 30 insertions(+)
>
> diff --git a/arch/x86/include/asm/uprobes.h b/arch/x86/include/asm/uprobes.h
> index 8ff8be7..6e51979 100644
> --- a/arch/x86/include/asm/uprobes.h
> +++ b/arch/x86/include/asm/uprobes.h
> @@ -55,4 +55,5 @@ extern int arch_uprobe_post_xol(struct arch_uprobe *aup, struct pt_regs *regs);
> extern bool arch_uprobe_xol_was_trapped(struct task_struct *tsk);
> extern int arch_uprobe_exception_notify(struct notifier_block *self, unsigned long val, void *data);
> extern void arch_uprobe_abort_xol(struct arch_uprobe *aup, struct pt_regs *regs);
> +extern unsigned long arch_uretprobe_hijack_return_addr(unsigned long trampoline_vaddr, struct pt_regs *regs);
> #endif /* _ASM_UPROBES_H */
> diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c
> index 0ba4cfb..2ed8459 100644
> --- a/arch/x86/kernel/uprobes.c
> +++ b/arch/x86/kernel/uprobes.c
> @@ -697,3 +697,32 @@ bool arch_uprobe_skip_sstep(struct arch_uprobe *auprobe, struct pt_regs *regs)
> send_sig(SIGTRAP, current, 0);
> return ret;
> }
> +
> +unsigned long
> +arch_uretprobe_hijack_return_addr(unsigned long trampoline_vaddr, struct pt_regs *regs)
> +{
> + int rasize, ncopied;
> + unsigned long orig_ret_vaddr = 0; /* clear high bits for 32-bit apps */
> +
> + rasize = is_ia32_task() ? 4 : 8;
> + ncopied = copy_from_user(&orig_ret_vaddr, (void __user *)regs->sp, rasize);
> + if (unlikely(ncopied))
> + return -1;
> +
> + /* check whether address has been already hijacked */
> + if (orig_ret_vaddr == trampoline_vaddr)
> + return orig_ret_vaddr;
> +
> + ncopied = copy_to_user((void __user *)regs->sp, &trampoline_vaddr, rasize);
> + if (likely(!ncopied))
> + return orig_ret_vaddr;
> +
> + if (ncopied != rasize) {
> + pr_err("uprobe: return address clobbered: pid=%d, %%sp=%#lx, "
> + "%%ip=%#lx\n", current->pid, regs->sp, regs->ip);
> +
> + force_sig_info(SIGSEGV, SEND_SIG_FORCED, current);
> + }
> +
> + return -1;
> +}
> --
> 1.8.1.4
>
--
Thanks and Regards
Srikar Dronamraju
next prev parent reply other threads:[~2013-04-07 11:54 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-03 16:00 [PATCH v1 0/9] uretprobes: Return uprobes implementation Anton Arapov
2013-04-03 16:00 ` [PATCH v1 1/9] uretprobes: Introduce uprobe_consumer->ret_handler() Anton Arapov
2013-04-07 11:37 ` Srikar Dronamraju
2013-04-03 16:00 ` [PATCH v1 2/9] uretprobes: Reserve the first slot in xol_vma for trampoline Anton Arapov
2013-04-07 11:44 ` Srikar Dronamraju
2013-04-09 14:16 ` Oleg Nesterov
2013-04-03 16:00 ` [PATCH v1 3/9] uretprobes/x86: Hijack return address Anton Arapov
2013-04-07 11:48 ` Srikar Dronamraju [this message]
2013-04-03 16:00 ` [PATCH v1 4/9] uretprobes/ppc: " Anton Arapov
2013-04-04 3:31 ` Ananth N Mavinakayanahalli
2013-04-07 11:51 ` Srikar Dronamraju
2013-04-03 16:00 ` [PATCH v1 5/9] uretprobes: Return probe entry, prepare_uretprobe() Anton Arapov
2013-04-07 11:52 ` Srikar Dronamraju
2013-04-03 16:00 ` [PATCH v1 6/9] uretprobes: Return probe exit, invoke handlers Anton Arapov
2013-04-07 10:53 ` Srikar Dronamraju
2013-04-09 14:05 ` Oleg Nesterov
2013-04-09 20:13 ` Oleg Nesterov
2013-04-13 10:01 ` Srikar Dronamraju
2013-04-13 16:10 ` Oleg Nesterov
2013-04-03 16:00 ` [PATCH v1 7/9] uretprobes: Limit the depth of return probe nestedness Anton Arapov
2013-04-07 11:55 ` Srikar Dronamraju
2013-04-03 16:00 ` [PATCH v1 8/9] uretprobes: Remove -ENOSYS as return probes implemented Anton Arapov
2013-04-07 11:56 ` Srikar Dronamraju
2013-04-03 16:00 ` [PATCH v1 9/9] uretprobes: Documentation update Anton Arapov
2013-04-07 11:57 ` Srikar Dronamraju
2013-04-03 17:45 ` [PATCH v1 0/9] uretprobes: Return uprobes implementation Oleg Nesterov
2013-04-04 3:32 ` Ananth N Mavinakayanahalli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130407114859.GC2186@linux.vnet.ibm.com \
--to=srikar@linux.vnet.ibm.com \
--cc=Torsten.Polle@gmx.de \
--cc=adrian.m.negreanu@intel.com \
--cc=ananth@in.ibm.com \
--cc=anton@redhat.com \
--cc=fche@redhat.com \
--cc=jistone@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.