Re: [PATCH] kretprobe: avoid re-registration of the same kretprobe earlier

From: "Wangshaobo (bobo)" <bobo.shaobowang@huawei.com>
To: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Steven Rostedt <rostedt@goodmis.org>,
	<naveen.n.rao@linux.ibm.com>, <anil.s.keshavamurthy@intel.com>,
	<davem@davemloft.net>, <linux-kernel@vger.kernel.org>,
	<huawei.libin@huawei.com>, <cj.chengjian@huawei.com>
Subject: Re: [PATCH] kretprobe: avoid re-registration of the same kretprobe earlier
Date: Tue, 15 Dec 2020 16:39:30 +0800	[thread overview]
Message-ID: <4b1db6c0-2ff3-f163-7d03-ebc594971005@huawei.com> (raw)
In-Reply-To: <20201215123119.35258dd5006942be247600db@kernel.org>

Hi Masami,

I will update and resend it soon

Thank you

-- ShaoBo

在 2020/12/15 11:31, Masami Hiramatsu 写道:
> Hi ShaoBo,
>
> On Wed, 2 Dec 2020 09:23:35 +0800
> "Wangshaobo (bobo)" <bobo.shaobowang@huawei.com> wrote:
>
>> Hi steve, Masami,
>>
>> Thanks for your works, i will check code again and modify properly
>> according to steve's suggestion.
>>
> Can you update your patch and resend it?
>
> Thank you,
>
>> -- ShaoBo
>>
>> 在 2020/12/2 7:32, Masami Hiramatsu 写道:
>>> On Mon, 30 Nov 2020 16:18:50 -0500
>>> Steven Rostedt <rostedt@goodmis.org> wrote:
>>>
>>>> Masami,
>>>>
>>>> Can you review this patch, and also, should this go to -rc and stable?
>>>>
>>>> -- Steve
>>> Thanks for ping me!
>>>
>>>> On Tue, 24 Nov 2020 19:57:19 +0800
>>>> Wang ShaoBo <bobo.shaobowang@huawei.com> wrote:
>>>>
>>>>> Our system encountered a re-init error when re-registering same kretprobe,
>>>>> where the kretprobe_instance in rp->free_instances is illegally accessed
>>>>> after re-init.
>>> Ah, OK. Anyway if re-register happens on kretprobe, it must lose instances
>>> on the list before checking re-register in register_kprobe().
>>> So the idea looks good to me.
>>>
>>>
>>>>> Implementation to avoid re-registration has been introduced for kprobe
>>>>> before, but lags for register_kretprobe(). We must check if kprobe has
>>>>> been re-registered before re-initializing kretprobe, otherwise it will
>>>>> destroy the data struct of kretprobe registered, which can lead to memory
>>>>> leak, system crash, also some unexpected behaviors.
>>>>>
>>>>> we use check_kprobe_rereg() to check if kprobe has been re-registered
>>>>> before calling register_kretprobe(), for giving a warning message and
>>>>> terminate registration process.
>>>>>
>>>>> Signed-off-by: Wang ShaoBo <bobo.shaobowang@huawei.com>
>>>>> Signed-off-by: Cheng Jian <cj.chengjian@huawei.com>
>>>>> ---
>>>>>    kernel/kprobes.c | 8 ++++++++
>>>>>    1 file changed, 8 insertions(+)
>>>>>
>>>>> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
>>>>> index 41fdbb7953c6..7f54a70136f3 100644
>>>>> --- a/kernel/kprobes.c
>>>>> +++ b/kernel/kprobes.c
>>>>> @@ -2117,6 +2117,14 @@ int register_kretprobe(struct kretprobe *rp)
>>>>>    		}
>>>>>    	}
>>>>>    
>>>>> +	/*
>>>>> +	 * Return error if it's being re-registered,
>>>>> +	 * also give a warning message to the developer.
>>>>> +	 */
>>>>> +	ret = check_kprobe_rereg(&rp->kp);
>>>>> +	if (WARN_ON(ret))
>>>>> +		return ret;
>>> If you call this here, you must make sure kprobe_addr() is called on rp->kp.
>>> But if kretprobe_blacklist_size == 0, kprobe_addr() is not called before
>>> this check. So it should be in between kprobe_on_func_entry() and
>>> kretprobe_blacklist_size check, like this
>>>
>>> 	if (!kprobe_on_func_entry(rp->kp.addr, rp->kp.symbol_name, rp->kp.offset))
>>> 		return -EINVAL;
>>>
>>> 	addr = kprobe_addr(&rp->kp);
>>> 	if (IS_ERR(addr))
>>> 		return PTR_ERR(addr);
>>> 	rp->kp.addr = addr;
>>>
>>> 	ret = check_kprobe_rereg(&rp->kp);
>>> 	if (WARN_ON(ret))
>>> 		return ret;
>>>
>>>           if (kretprobe_blacklist_size) {
>>> 		for (i = 0; > > +	ret = check_kprobe_rereg(&rp->kp);
>>>
>>>
>>> Thank you,
>>>
>>>
>