All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] kprobes: Fix random address output of blacklist file
@ 2018-04-26  7:19 Thomas Richter
  2018-04-26  8:01 ` Masami Hiramatsu
  0 siblings, 1 reply; 3+ messages in thread
From: Thomas Richter @ 2018-04-26  7:19 UTC (permalink / raw)
  To: ananth, anil.s.keshavamurthy, davem, mhiramat, akpm, acme, rostedt
  Cc: brueckner, schwidefsky, heiko.carstens, Thomas Richter, stable,
	linux-kernel

File /sys/kernel/debug/kprobes/blacklist displays random addresses:

[root@s8360046 linux]# cat /sys/kernel/debug/kprobes/blacklist
0x0000000047149a90-0x00000000bfcb099a	print_type_x8
....

This breaks 'perf probe' which uses the blacklist file to prohibit
probes on certain functions by checking the address range.

Fix this by printing the correct (unhashed) address.

The file mode is read all but this is not an issue as the file
hierarchy points out:
 # ls -ld /sys/ /sys/kernel/ /sys/kernel/debug/ /sys/kernel/debug/kprobes/
	/sys/kernel/debug/kprobes/blacklist
dr-xr-xr-x 12 root root 0 Apr 19 07:56 /sys/
drwxr-xr-x  8 root root 0 Apr 19 07:56 /sys/kernel/
drwx------ 16 root root 0 Apr 19 06:56 /sys/kernel/debug/
drwxr-xr-x  2 root root 0 Apr 19 06:56 /sys/kernel/debug/kprobes/
-r--r--r--  1 root root 0 Apr 19 06:56 /sys/kernel/debug/kprobes/blacklist

Everything in and below /sys/kernel/debug is rwx to root only,
no group or others have access.

Background:
Directory /sys/kernel/debug/kprobes is created by debugfs_create_dir()
which sets the mode bits to rwxr-xr-x. Maybe change that to use the
parent's directory mode bits instead?

Fixes: ad67b74d2469 ("printk: hash addresses printed with %p")
Cc: <stable@vger.kernel.org> # v4.15+
Cc: <linux-kernel@vger.kernel.org>
To: Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com>
To: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
To: David S Miller <davem@davemloft.net>
To: Masami Hiramatsu <mhiramat@kernel.org>
To: Andrew Morton <akpm@linux-foundation.org>
To: acme@kernel.org
To: Steven Rostedt <rostedt@goodmis.org>

Signed-off-by: Thomas Richter <tmricht@linux.ibm.com>
---
 kernel/kprobes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 102160ff5c66..ea619021d901 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -2428,7 +2428,7 @@ static int kprobe_blacklist_seq_show(struct seq_file *m, void *v)
 	struct kprobe_blacklist_entry *ent =
 		list_entry(v, struct kprobe_blacklist_entry, list);
 
-	seq_printf(m, "0x%p-0x%p\t%ps\n", (void *)ent->start_addr,
+	seq_printf(m, "0x%px-0x%px\t%ps\n", (void *)ent->start_addr,
 		   (void *)ent->end_addr, (void *)ent->start_addr);
 	return 0;
 }
-- 
2.14.3

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] kprobes: Fix random address output of blacklist file
  2018-04-26  7:19 [PATCH] kprobes: Fix random address output of blacklist file Thomas Richter
@ 2018-04-26  8:01 ` Masami Hiramatsu
  0 siblings, 0 replies; 3+ messages in thread
From: Masami Hiramatsu @ 2018-04-26  8:01 UTC (permalink / raw)
  To: Thomas Richter
  Cc: ananth, anil.s.keshavamurthy, davem, akpm, acme, rostedt,
	brueckner, schwidefsky, heiko.carstens, stable, linux-kernel

On Thu, 26 Apr 2018 09:19:59 +0200
Thomas Richter <tmricht@linux.ibm.com> wrote:

> File /sys/kernel/debug/kprobes/blacklist displays random addresses:
> 
> [root@s8360046 linux]# cat /sys/kernel/debug/kprobes/blacklist
> 0x0000000047149a90-0x00000000bfcb099a	print_type_x8
> ....
> 
> This breaks 'perf probe' which uses the blacklist file to prohibit
> probes on certain functions by checking the address range.
> 
> Fix this by printing the correct (unhashed) address.

Yeah, but I'm not sure recent "%px" policy. I think if the user can
dump kallsyms, this also can be dumped. But kallsyms seems different
policy...

Anyway, please check my series.

https://patchwork.kernel.org/patch/10183629/

It uses to check the kallsyms policy function to check.

Unfortunately, this is not merged. Anyway, I'll repost it (on the top of tip tree)

> 
> The file mode is read all but this is not an issue as the file
> hierarchy points out:
>  # ls -ld /sys/ /sys/kernel/ /sys/kernel/debug/ /sys/kernel/debug/kprobes/
> 	/sys/kernel/debug/kprobes/blacklist
> dr-xr-xr-x 12 root root 0 Apr 19 07:56 /sys/
> drwxr-xr-x  8 root root 0 Apr 19 07:56 /sys/kernel/
> drwx------ 16 root root 0 Apr 19 06:56 /sys/kernel/debug/
> drwxr-xr-x  2 root root 0 Apr 19 06:56 /sys/kernel/debug/kprobes/
> -r--r--r--  1 root root 0 Apr 19 06:56 /sys/kernel/debug/kprobes/blacklist
> 
> Everything in and below /sys/kernel/debug is rwx to root only,
> no group or others have access.
> 
> Background:
> Directory /sys/kernel/debug/kprobes is created by debugfs_create_dir()
> which sets the mode bits to rwxr-xr-x. Maybe change that to use the
> parent's directory mode bits instead?

Good catch! Yes, it should be hardened. 
Anyway, that is out of this topic. I just change blacklist file mode bits
in my series.

Thank you,

> 
> Fixes: ad67b74d2469 ("printk: hash addresses printed with %p")
> Cc: <stable@vger.kernel.org> # v4.15+
> Cc: <linux-kernel@vger.kernel.org>
> To: Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com>
> To: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
> To: David S Miller <davem@davemloft.net>
> To: Masami Hiramatsu <mhiramat@kernel.org>
> To: Andrew Morton <akpm@linux-foundation.org>
> To: acme@kernel.org
> To: Steven Rostedt <rostedt@goodmis.org>
> 
> Signed-off-by: Thomas Richter <tmricht@linux.ibm.com>
> ---
>  kernel/kprobes.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index 102160ff5c66..ea619021d901 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -2428,7 +2428,7 @@ static int kprobe_blacklist_seq_show(struct seq_file *m, void *v)
>  	struct kprobe_blacklist_entry *ent =
>  		list_entry(v, struct kprobe_blacklist_entry, list);
>  
> -	seq_printf(m, "0x%p-0x%p\t%ps\n", (void *)ent->start_addr,
> +	seq_printf(m, "0x%px-0x%px\t%ps\n", (void *)ent->start_addr,
>  		   (void *)ent->end_addr, (void *)ent->start_addr);
>  	return 0;
>  }
> -- 
> 2.14.3
> 


-- 
Masami Hiramatsu <mhiramat@kernel.org>

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [PATCH] kprobes: Fix random address output of blacklist file
@ 2018-04-19 10:55 Thomas Richter
  0 siblings, 0 replies; 3+ messages in thread
From: Thomas Richter @ 2018-04-19 10:55 UTC (permalink / raw)
  To: linux-kernel
  Cc: heiko.carstens, brueckner, schwidefsky, Thomas Richter, stable,
	Ananth N Mavinakayanahalli, Anil S Keshavamurthy, David S Miller,
	Masami Hiramatsu, acme, Steven Rostedt

File /sys/kernel/debug/kprobes/blacklist displays random addresses:

[root@s8360046 linux]# cat /sys/kernel/debug/kprobes/blacklist
0x0000000047149a90-0x00000000bfcb099a	print_type_x8
....

This breaks 'perf probe' which uses the blacklist file to prohibit
probes on certain functions by checking the address range.

Fix this by printing the correct (unhashed) address.

The file mode is read all but this is not an issue as the file
hierarchy points out:
 # ls -ld /sys/ /sys/kernel/ /sys/kernel/debug/ /sys/kernel/debug/kprobes/
	/sys/kernel/debug/kprobes/blacklist
dr-xr-xr-x 12 root root 0 Apr 19 07:56 /sys/
drwxr-xr-x  8 root root 0 Apr 19 07:56 /sys/kernel/
drwx------ 16 root root 0 Apr 19 06:56 /sys/kernel/debug/
drwxr-xr-x  2 root root 0 Apr 19 06:56 /sys/kernel/debug/kprobes/
-r--r--r--  1 root root 0 Apr 19 06:56 /sys/kernel/debug/kprobes/blacklist

Everything in and below /sys/kernel/debug is rwx to root only,
no group or others have access.

Background:
Directory /sys/kernel/debug/kprobes is created by debugfs_create_dir()
which sets the mode bits to rwxr-xr-x. Maybe change that to use the
parent's directory mode bits instead?

Fixes: ad67b74d2469 ("printk: hash addresses printed with %p")
Cc: <stable@vger.kernel.org> # v4.15+
Cc: Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: David S Miller <davem@davemloft.net>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: acme@kernel.org
Cc: Steven Rostedt <rostedt@goodmis.org>

Signed-off-by: Thomas Richter <tmricht@linux.ibm.com>
---
 kernel/kprobes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 102160ff5c66..ea619021d901 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -2428,7 +2428,7 @@ static int kprobe_blacklist_seq_show(struct seq_file *m, void *v)
 	struct kprobe_blacklist_entry *ent =
 		list_entry(v, struct kprobe_blacklist_entry, list);
 
-	seq_printf(m, "0x%p-0x%p\t%ps\n", (void *)ent->start_addr,
+	seq_printf(m, "0x%px-0x%px\t%ps\n", (void *)ent->start_addr,
 		   (void *)ent->end_addr, (void *)ent->start_addr);
 	return 0;
 }
-- 
2.14.3

^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-04-26  8:01 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-26  7:19 [PATCH] kprobes: Fix random address output of blacklist file Thomas Richter
2018-04-26  8:01 ` Masami Hiramatsu
  -- strict thread matches above, loose matches on Subject: below --
2018-04-19 10:55 Thomas Richter

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.