From: Mark Rutland <mark.rutland@arm.com>
To: Jeremy Linton <jeremy.linton@arm.com>
Cc: linux-trace-kernel@vger.kernel.org,
linux-perf-users@vger.kernel.org, mhiramat@kernel.org,
oleg@redhat.com, peterz@infradead.org, acme@kernel.org,
namhyung@kernel.org, alexander.shishkin@linux.intel.com,
jolsa@kernel.org, irogers@google.com, adrian.hunter@intel.com,
kan.liang@linux.intel.com, thiago.bauermann@linaro.org,
broonie@kernel.org, yury.khrustalev@arm.com,
kristina.martsenko@arm.com, liaochang1@huawei.com,
catalin.marinas@arm.com, will@kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 6/7] uprobes: Allow the use of uprobe_warn() in arch code
Date: Wed, 19 Mar 2025 14:34:25 +0000 [thread overview]
Message-ID: <Z9rV8YbThvW2r69-@J2N7QTR9R3> (raw)
In-Reply-To: <20250318204841.373116-7-jeremy.linton@arm.com>
On Tue, Mar 18, 2025 at 03:48:40PM -0500, Jeremy Linton wrote:
> The uprobe_warn function is limited to the uprobe core,
> but the functionality is useful to report arch specific errors.
>
> Drop the static so it can be used in those code paths.
>
> Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
NAK to the arm64 additions.
There is no reason to print a warning message for something that does
not adversely affect the kernel, and where buggy or malicious userspace
can trigger the warning when the kernel is behaving correctly.
This isn't even ratelimited.
Mark.
> ---
> arch/arm64/kernel/probes/simulate-insn.c | 8 ++++++--
> arch/arm64/kernel/probes/uprobes.c | 4 ++++
> include/linux/uprobes.h | 1 +
> kernel/events/uprobes.c | 2 +-
> 4 files changed, 12 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm64/kernel/probes/simulate-insn.c b/arch/arm64/kernel/probes/simulate-insn.c
> index 1fc9bb69b1eb..fe637fec8f36 100644
> --- a/arch/arm64/kernel/probes/simulate-insn.c
> +++ b/arch/arm64/kernel/probes/simulate-insn.c
> @@ -56,8 +56,10 @@ static inline void update_lr(struct pt_regs *regs, long addr)
>
> if (user_mode(regs) && task_gcs_el0_enabled(current)) {
> push_user_gcs(addr + 4, &err);
> - if (err)
> + if (err) {
> + uprobe_warn(current, "GCS stack push failure");
> force_sig(SIGSEGV);
> + }
> }
> procedure_link_pointer_set(regs, addr + 4);
> }
> @@ -160,8 +162,10 @@ simulate_ret(u32 opcode, long addr, struct pt_regs *regs)
>
> if (user_mode(regs) && task_gcs_el0_enabled(current)) {
> ret_addr = pop_user_gcs(&err);
> - if (err || ret_addr != procedure_link_pointer(regs))
> + if (err || ret_addr != procedure_link_pointer(regs)) {
> + uprobe_warn(current, "GCS RET address mismatch");
> force_sig(SIGSEGV);
> + }
> }
>
> }
> diff --git a/arch/arm64/kernel/probes/uprobes.c b/arch/arm64/kernel/probes/uprobes.c
> index 5e72409a255a..9349d521316c 100644
> --- a/arch/arm64/kernel/probes/uprobes.c
> +++ b/arch/arm64/kernel/probes/uprobes.c
> @@ -54,6 +54,7 @@ int arch_uprobe_analyze_insn(struct arch_uprobe *auprobe, struct mm_struct *mm,
>
> switch (arm_probe_decode_insn(insn, &auprobe->api)) {
> case INSN_REJECTED:
> + uprobe_warn(current, "Unsupported instruction at probe location");
> return -EINVAL;
>
> case INSN_GOOD_NO_SLOT:
> @@ -169,6 +170,7 @@ arch_uretprobe_hijack_return_addr(unsigned long trampoline_vaddr,
> gcspr = read_sysreg_s(SYS_GCSPR_EL0);
> gcs_ret_vaddr = load_user_gcs((unsigned long __user *)gcspr, &err);
> if (err) {
> + uprobe_warn(current, "GCS stack not available for retprobe");
> force_sig(SIGSEGV);
> goto out;
> }
> @@ -180,11 +182,13 @@ arch_uretprobe_hijack_return_addr(unsigned long trampoline_vaddr,
> * a GCS exception.
> */
> if (gcs_ret_vaddr != orig_ret_vaddr) {
> + uprobe_warn(current, "LR/GCS mismatch, likely due to incorrectly placed retprobe");
> orig_ret_vaddr = -1;
> goto out;
> }
> put_user_gcs(trampoline_vaddr, (unsigned long __user *) gcspr, &err);
> if (err) {
> + uprobe_warn(current, "GCS stack update failure during retprobe");
> force_sig(SIGSEGV);
> goto out;
> }
> diff --git a/include/linux/uprobes.h b/include/linux/uprobes.h
> index b1df7d792fa1..9578ef1ea5a3 100644
> --- a/include/linux/uprobes.h
> +++ b/include/linux/uprobes.h
> @@ -185,6 +185,7 @@ struct uprobes_state {
> };
>
> extern void __init uprobes_init(void);
> +extern void uprobe_warn(struct task_struct *t, const char *msg);
> extern int set_swbp(struct arch_uprobe *aup, struct mm_struct *mm, unsigned long vaddr);
> extern int set_orig_insn(struct arch_uprobe *aup, struct mm_struct *mm, unsigned long vaddr);
> extern bool is_swbp_insn(uprobe_opcode_t *insn);
> diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c
> index b4ca8898fe17..613c1c76f227 100644
> --- a/kernel/events/uprobes.c
> +++ b/kernel/events/uprobes.c
> @@ -118,7 +118,7 @@ struct xol_area {
> unsigned long vaddr; /* Page(s) of instruction slots */
> };
>
> -static void uprobe_warn(struct task_struct *t, const char *msg)
> +void uprobe_warn(struct task_struct *t, const char *msg)
> {
> pr_warn("uprobe: %s:%d failed to %s\n", current->comm, current->pid, msg);
> }
> --
> 2.48.1
>
next prev parent reply other threads:[~2025-03-19 14:36 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-18 20:48 [PATCH 0/7] arm64: Enable UPROBES with GCS Jeremy Linton
2025-03-18 20:48 ` [PATCH 1/7] arm64/gcs: task_gcs_el0_enable() should use passed task Jeremy Linton
2025-03-19 13:12 ` Mark Brown
2025-03-19 14:26 ` Mark Rutland
2025-03-19 15:03 ` Mark Brown
2025-03-18 20:48 ` [PATCH 2/7] arm64: probes: Break ret out from bl/blr Jeremy Linton
2025-03-18 20:48 ` [PATCH 3/7] arm64: uaccess: Add additional userspace GCS accessors Jeremy Linton
2025-03-19 13:24 ` Mark Brown
2025-03-21 23:43 ` Jeremy Linton
2025-03-25 18:23 ` Mark Brown
2025-03-18 20:48 ` [PATCH 4/7] arm64: probes: Add GCS support to bl/blr/ret Jeremy Linton
2025-03-18 20:48 ` [PATCH 5/7] arm64: uprobes: Add GCS support to uretprobes Jeremy Linton
2025-03-18 20:48 ` [PATCH 6/7] uprobes: Allow the use of uprobe_warn() in arch code Jeremy Linton
2025-03-19 13:32 ` Mark Brown
2025-03-19 14:34 ` Mark Rutland [this message]
2025-03-19 14:51 ` Oleg Nesterov
2025-03-19 16:40 ` Jeremy Linton
2025-03-18 20:48 ` [PATCH 7/7] arm64: Kconfig: Remove GCS restrictions on UPROBES Jeremy Linton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z9rV8YbThvW2r69-@J2N7QTR9R3 \
--to=mark.rutland@arm.com \
--cc=acme@kernel.org \
--cc=adrian.hunter@intel.com \
--cc=alexander.shishkin@linux.intel.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=irogers@google.com \
--cc=jeremy.linton@arm.com \
--cc=jolsa@kernel.org \
--cc=kan.liang@linux.intel.com \
--cc=kristina.martsenko@arm.com \
--cc=liaochang1@huawei.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=mhiramat@kernel.org \
--cc=namhyung@kernel.org \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
--cc=thiago.bauermann@linaro.org \
--cc=will@kernel.org \
--cc=yury.khrustalev@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox