[PATCH] Reading the VDSO area - i386

[PATCH] Reading the VDSO area - i386

[John Blackwood]

Hi Jeremy,

I was doing some tests that attempt to read the VDSO area of a
task through either the /proc/pid/mem or ptrace(PTRACE_PEEKTEXT,
...) interfaces, and it seems that when the CONFIG_COMPAT_VDSO kernel
parameter is enabled, we can no longer successfully read the VDSO area
on i386 kernels.

I believe that debuggers such as gdb will attempt to sometimes walkback
through the vsyscall area, and not being able to read the vsyscall/vdso
area would thus cause debuggers problems.

So assuming that this change in behavior was not intentional, I've
provided my stab (just an idea) at a fix.  With this change below,
the code in places such as get_user_pages() can now successfully call
in_gate_area() and then subsequently call get_gate_vma(), which already
properly returns the correct info.

Thanks for taking the time to read over this.


---
/userland/johnb/s/os/kernel/linux-2.6.22/arch/i386/kernel/sysenter.c
2007-07-17 08:38:48.000000000 -0400
+++ new/arch/i386/kernel/./sysenter.c	2007-07-17 11:48:28.000000000 -0400
@@ -336,6 +336,14 @@ struct vm_area_struct *get_gate_vma(stru

  int in_gate_area(struct task_struct *task, unsigned long addr)
  {
+	struct mm_struct *mm = task->mm;
+
+	/* Check to see if this task was created in compat vdso mode
+	 * and if the address is within the gate_vma area.
+	 */
+	if (mm && mm->context.vdso == (void *)VDSO_HIGH_BASE &&
+			addr >= gate_vma.vm_start && addr <= gate_vma.vm_end)
+		return 1;
  	return 0;
  }

Re: [PATCH] Reading the VDSO area - i386

[Jeremy Fitzhardinge]

John Blackwood wrote:
> I was doing some tests that attempt to read the VDSO area of a
> task through either the /proc/pid/mem or ptrace(PTRACE_PEEKTEXT,
> ...) interfaces, and it seems that when the CONFIG_COMPAT_VDSO kernel
> parameter is enabled, we can no longer successfully read the VDSO area
> on i386 kernels.

Thanks.  Someone else noticed this recently, and posted a near-identical
patch.  But I can't seem to find it right now...

Andrew, Andi: do you remember something like this passing by?

    J

Re: [PATCH] Reading the VDSO area - i386

[Andi Kleen]

On Tuesday 17 July 2007 18:47:56 Jeremy Fitzhardinge wrote:
> John Blackwood wrote:
> > I was doing some tests that attempt to read the VDSO area of a
> > task through either the /proc/pid/mem or ptrace(PTRACE_PEEKTEXT,
> > ...) interfaces, and it seems that when the CONFIG_COMPAT_VDSO kernel
> > parameter is enabled, we can no longer successfully read the VDSO area
> > on i386 kernels.
> 
> Thanks.  Someone else noticed this recently, and posted a near-identical
> patch.  But I can't seem to find it right now...
> 
> Andrew, Andi: do you remember something like this passing by?

Yes it was from Jan Beulich.

-Andi

Re: [PATCH] Reading the VDSO area - i386

[Jeremy Fitzhardinge]

Andi Kleen wrote:
> On Tuesday 17 July 2007 18:47:56 Jeremy Fitzhardinge wrote:
>   
>> John Blackwood wrote:
>>     
>>> I was doing some tests that attempt to read the VDSO area of a
>>> task through either the /proc/pid/mem or ptrace(PTRACE_PEEKTEXT,
>>> ...) interfaces, and it seems that when the CONFIG_COMPAT_VDSO kernel
>>> parameter is enabled, we can no longer successfully read the VDSO area
>>> on i386 kernels.
>>>       
>> Thanks.  Someone else noticed this recently, and posted a near-identical
>> patch.  But I can't seem to find it right now...
>>
>> Andrew, Andi: do you remember something like this passing by?
>>     
>
> Yes it was from Jan Beulich.
>   

Ah, yes.  For some reason I can't find it in my archives.  Do you have
it queued up?

    J

Re: [PATCH] Reading the VDSO area - i386

[Andi Kleen]

> 
> Ah, yes.  For some reason I can't find it in my archives.  Do you have
> it queued up?

Yes

-Andi