From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751837AbcHCETu (ORCPT <rfc822;w@1wt.eu>);
	Wed, 3 Aug 2016 00:19:50 -0400
Received: from mail-qk0-f181.google.com ([209.85.220.181]:32922 "EHLO
	mail-qk0-f181.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1750848AbcHCETm (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Wed, 3 Aug 2016 00:19:42 -0400
Date: Wed, 3 Aug 2016 09:42:35 +0530
From: Pratyush Anand <panand@redhat.com>
To: Oleg Nesterov <oleg@redhat.com>
Cc: Ananth Mavinakayanahalli <ananth@linux.vnet.ibm.com>,
        Masami Hiramatsu <mhiramat@kernel.org>, linux-kernel@vger.kernel.org,
        srikar@linux.vnet.ibm.com,
        Alexander Shishkin <alexander.shishkin@linux.intel.com>,
        Arnaldo Carvalho de Melo <acme@kernel.org>,
        Ingo Molnar <mingo@redhat.com>, Peter Zijlstra <peterz@infradead.org>
Subject: Re: [PATCH] uprobe: Add uprobe_pre/post_sstep_notifier to
 NOKPROBE_SYMBOL
Message-ID: <20160803041235.GA18785@localhost.localdomain>
References: <66dfa2cb82fc306d42e51adf0f5d819b4695644e.1470120173.git.panand@redhat.com>
 <20160802203035.GA8335@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20160802203035.GA8335@redhat.com>
User-Agent: Mutt/1.6.1 (2016-04-27)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Oleg,

On 02/08/2016:10:30:35 PM, Oleg Nesterov wrote:
> On 08/02, Pratyush Anand wrote:
> >
> > uprobe_pre_sstep_notifier and uprobe_post_sstep_notifier are called from
> > debug exception handler, so blacklist them for kprobing.
> 
> Let me add kprobes maintainers, I am a bit confused...
> 
> > @@ -1997,6 +1998,7 @@ int uprobe_pre_sstep_notifier(struct pt_regs *regs)
> >  	set_thread_flag(TIF_UPROBE);
> >  	return 1;
> >  }
> > +NOKPROBE_SYMBOL(uprobe_pre_sstep_notifier);
> >
> >  /*
> >   * uprobe_post_sstep_notifier gets called in interrupt context as part of notifier
> > @@ -2014,6 +2016,7 @@ int uprobe_post_sstep_notifier(struct pt_regs *regs)
> >  	set_thread_flag(TIF_UPROBE);
> >  	return 1;
> >  }
> > +NOKPROBE_SYMBOL(uprobe_post_sstep_notifier);
> 
> but if we need to blacklist uprobe_pre/post_sstep_notifier then we
> also need to blacklist their caller, arch_uprobe_exception_notify() ?

I think yes, in ARM64 I have done that. However, arm64 does not use notifier
method, so arch_uprobe_exception_notify() is just a dummy function for it.

> 
> and every .notifier_call used in register_die_notifier() ?

I tried to look into x86 notify path related to uprobe_pre/post_sstep_notifier().
I see that calling sequence is like do_int3()-> notify_die() ->
atomic_notifier_call_chain() -> __atomic_notifier_call_chain() ->
notifier_call_chain() -> arch_uprobe_exception_notify().

In this sequence, every function is blacklisted for kprobe except
arch_uprobe_exception_notify(). So, I am unable to understand, if
notifier_call_chain() is not safe for kprobe then how can it be safe for a
function it calls.

~Pratyush