From: Sven Schnelle <svens@linux.ibm.com>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: linux-kernel@vger.kernel.org
Subject: Re: [PATCH] tracing: fix memcpy size when copying stack entries
Date: Wed, 12 Jul 2023 16:32:04 +0200
Message-ID: <yt9dwmz5dwuz.fsf@linux.ibm.com>
In-Reply-To: <20230712102621.4c588de9@gandalf.local.home> (Steven Rostedt's message of "Wed, 12 Jul 2023 10:26:21 -0400")
Hi Steven,
Steven Rostedt <rostedt@goodmis.org> writes:
>> As I don't know how the fortifier works, nor what exactly it is checking,
>> do you have any idea on how to quiet it?
>>
>> This is a false positive, as I described before.
>
>
> Hmm, maybe this would work?
>
> diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
> index 4529e264cb86..20122eeccf97 100644
> --- a/kernel/trace/trace.c
> +++ b/kernel/trace/trace.c
> @@ -3118,6 +3118,7 @@ static void __ftrace_trace_stack(struct trace_buffer *buffer,
> struct ftrace_stack *fstack;
> struct stack_entry *entry;
> int stackidx;
> + void *ptr;
>
> /*
> * Add one, for this function and the call to save_stack_trace()
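Review bot: `ptr` is declared here with nothing to indicate why a second pointer to the event data is needed; its only role (per the comment in the next hunk) is to hold an untyped alias of `entry` so the fortified memcpy() does not see the 8-slot `caller` array as its destination. A one-line comment at the declaration, or a name such as `caller_ptr`, would tell a reader who sees only this part of the function why the usual `entry` pointer is not used directly.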
> @@ -3161,9 +3162,25 @@ static void __ftrace_trace_stack(struct trace_buffer *buffer,
> trace_ctx);
> if (!event)
> goto out;
> - entry = ring_buffer_event_data(event);
> + ptr = ring_buffer_event_data(event);
> + entry = ptr;
> +
> + /*
> + * For backward compatibility reasons, the entry->caller is an
> + * array of 8 slots to store the stack. This is also exported
> + * to user space. The amount allocated on the ring buffer actually
> + * holds enough for the stack specified by nr_entries. This will
> + * go into the location of entry->caller. Due to string fortifiers
> + * checking the size of the destination of memcpy() it triggers
> + * when it detects that size is greater than 8. To hide this from
> + * the fortifiers, we use "ptr" and pointer arithmetic to assign caller.
> + *
> + * The below is really just:
> + * memcpy(&entry->caller, fstack->calls, size);
> + */
> + ptr += offsetof(typeof(*entry), caller);
> + memcpy(ptr, fstack->calls, size);
>
> - memcpy(&entry->caller, fstack->calls, size);
> entry->size = nr_entries;
>
> if (!call_filter_check_discard(call, entry, buffer, event))
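Review bot: the new comment mixes units: `entry->caller` is 8 slots, but `size` passed to memcpy() is a byte count, so the fortifier fires when `size` exceeds sizeof(entry->caller) (8 * sizeof(entry->caller[0])), not when it is "greater than 8". Suggest rewording that sentence to "it triggers when it detects that size is greater than sizeof(entry->caller)". It would also help to say explicitly that the bound the compiler cannot see is the ring-buffer reservation made for this event (the "amount allocated on the ring buffer" the comment mentions), since that reservation is the only thing keeping the pointer-arithmetic copy in bounds; the `ptr` detour silences the check rather than replacing it, so the comment is the only place that invariant is documented.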
>
>
I just sent about the same thing without the nice comment. So yes, this
works. :-)
Thread overview: 11+ messages
2023-06-12 16:07 [PATCH] tracing: fix memcpy size when copying stack entries Sven Schnelle
2023-06-12 16:34 ` Steven Rostedt
2023-06-13 5:19 ` Sven Schnelle
2023-06-13 15:37 ` Steven Rostedt
2023-06-14 10:41 ` Sven Schnelle
2023-06-14 11:30 ` David Laight
2023-07-12 14:06 ` Sven Schnelle
2023-07-12 14:14 ` Steven Rostedt
2023-07-12 14:26 ` Steven Rostedt
2023-07-12 14:32 ` Sven Schnelle [this message]
2023-07-12 14:31 ` Sven Schnelle