From: Masami Hiramatsu <mhiramat@kernel.org>
To: Masami Hiramatsu <mhiramat@kernel.org>
Cc: stable@vger.kernel.org, Jianlin.Lv@arm.com, rostedt@goodmis.org
Subject: Re: [PATCH 4.19.y] tracing/kprobe: Fix to support kretprobe events on unloaded modules
Date: Wed, 10 Feb 2021 19:24:27 +0900
Message-ID: <20210210192427.bb15c80ca90618f368adf7e6@kernel.org>
In-Reply-To: <161295249877.311478.554843513199648098.stgit@devnote2>

On Wed, 10 Feb 2021 19:21:38 +0900
Masami Hiramatsu <mhiramat@kernel.org> wrote:

Oops, forgot to add upstream commit hash. Let me send v2.

> Fix kprobe_on_func_entry() to return an error code instead of false so that
> register_kretprobe() can return an appropriate error code.
>
> append_trace_kprobe() expects the kprobe registration to return -ENOENT
> when the target symbol is not found, and it checks whether the target
> module is unloaded or not. If the target module doesn't exist, it
> defers to probe the target symbol until the module is loaded.
>
> However, since register_kretprobe() returns -EINVAL instead of -ENOENT
> in that case, it always fails on putting the kretprobe event on unloaded
> modules. e.g.
>
> Kprobe event:
> /sys/kernel/debug/tracing # echo p xfs:xfs_end_io >> kprobe_events
> [ 16.515574] trace_kprobe: This probe might be able to register after target module is loaded. Continue.
>
> Kretprobe event: (p -> r)
> /sys/kernel/debug/tracing # echo r xfs:xfs_end_io >> kprobe_events
> sh: write error: Invalid argument
> /sys/kernel/debug/tracing # cat error_log
> [ 41.122514] trace_kprobe: error: Failed to register probe event
> Command: r xfs:xfs_end_io
> ^
>
> To fix this bug, change kprobe_on_func_entry() to detect symbol lookup
> failure and return -ENOENT in that case. Otherwise it returns -EINVAL
> or 0 (succeeded, given address is on the entry).
>
> Link: https://lkml.kernel.org/r/161176187132.1067016.8118042342894378981.stgit@devnote2
>
> Cc: stable@vger.kernel.org
> Fixes: 59158ec4aef7 ("tracing/kprobes: Check the probe on unloaded module correctly")
> Reported-by: Jianlin Lv <Jianlin.Lv@arm.com>
> Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
> ---
> include/linux/kprobes.h | 2 +-
> kernel/kprobes.c | 34 +++++++++++++++++++++++++---------
> kernel/trace/trace_kprobe.c | 4 ++--
> 3 files changed, 28 insertions(+), 12 deletions(-)
>
> diff --git a/include/linux/kprobes.h b/include/linux/kprobes.h
> index 9f22652d69bb..c28204e22b54 100644
> --- a/include/linux/kprobes.h
> +++ b/include/linux/kprobes.h
> @@ -245,7 +245,7 @@ extern void kprobes_inc_nmissed_count(struct kprobe *p);
> extern bool arch_within_kprobe_blacklist(unsigned long addr);
> extern int arch_populate_kprobe_blacklist(void);
> extern bool arch_kprobe_on_func_entry(unsigned long offset);
> -extern bool kprobe_on_func_entry(kprobe_opcode_t *addr, const char *sym, unsigned long offset);
> +extern int kprobe_on_func_entry(kprobe_opcode_t *addr, const char *sym, unsigned long offset);
>
> extern bool within_kprobe_blacklist(unsigned long addr);
> extern int kprobe_add_ksym_blacklist(unsigned long entry);
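
Review bot: changing the kprobe_on_func_entry() declaration from bool to int inverts what a truthy return means (0 is now "on function entry", non-zero is an error), and any caller still written as `if (!kprobe_on_func_entry(...))` will compile without a warning and silently take the opposite branch. This patch converts register_kretprobe() and trace_kprobe_on_func_entry(); please confirm in the changelog that the 4.19.y tree has no other callers, since the compiler will not flag one that was missed in the backport.
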
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index 2161f519d481..ebbd4320143d 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -1921,29 +1921,45 @@ bool __weak arch_kprobe_on_func_entry(unsigned long offset)
> return !offset;
> }
>
> -bool kprobe_on_func_entry(kprobe_opcode_t *addr, const char *sym, unsigned long offset)
> +/**
> + * kprobe_on_func_entry() -- check whether given address is function entry
> + * @addr: Target address
> + * @sym: Target symbol name
> + * @offset: The offset from the symbol or the address
> + *
> + * This checks whether the given @addr+@offset or @sym+@offset is on the
> + * function entry address or not.
> + * This returns 0 if it is the function entry, or -EINVAL if it is not.
> + * And also it returns -ENOENT if it fails the symbol or address lookup.
> + * Caller must pass @addr or @sym (either one must be NULL), or this
> + * returns -EINVAL.
> + */
> +int kprobe_on_func_entry(kprobe_opcode_t *addr, const char *sym, unsigned long offset)
> {
> kprobe_opcode_t *kp_addr = _kprobe_addr(addr, sym, offset);
>
> if (IS_ERR(kp_addr))
> - return false;
> + return PTR_ERR(kp_addr);
>
> - if (!kallsyms_lookup_size_offset((unsigned long)kp_addr, NULL, &offset) ||
> - !arch_kprobe_on_func_entry(offset))
> - return false;
> + if (!kallsyms_lookup_size_offset((unsigned long)kp_addr, NULL, &offset))
> + return -ENOENT;
>
> - return true;
> + if (!arch_kprobe_on_func_entry(offset))
> + return -EINVAL;
> +
> + return 0;
> }
>
> int register_kretprobe(struct kretprobe *rp)
> {
> - int ret = 0;
> + int ret;
> struct kretprobe_instance *inst;
> int i;
> void *addr;
>
> - if (!kprobe_on_func_entry(rp->kp.addr, rp->kp.symbol_name, rp->kp.offset))
> - return -EINVAL;
> + ret = kprobe_on_func_entry(rp->kp.addr, rp->kp.symbol_name, rp->kp.offset);
> + if (ret)
> + return ret;
>
> if (kretprobe_blacklist_size) {
> addr = kprobe_addr(&rp->kp);
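
Review bot: in kprobe_on_func_entry(), the IS_ERR(kp_addr) branch returns PTR_ERR(kp_addr) unchanged, so the -ENOENT and -EINVAL guarantees written in the new kernel-doc depend on what _kprobe_addr() returns, which this hunk does not show. Because the commit message says append_trace_kprobe() relies on -ENOENT specifically to defer the probe, the comment should say that errors from _kprobe_addr() are passed through, and the changelog should confirm that the 4.19.y _kprobe_addr() returns -ENOENT for a missing symbol. Also note that a kallsyms_lookup_size_offset() failure now yields -ENOENT where register_kretprobe() previously returned -EINVAL for it, which is a user-visible errno change worth one line in the changelog.
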
> diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
> index 5c17f70c7f2d..61eff45653f5 100644
> --- a/kernel/trace/trace_kprobe.c
> +++ b/kernel/trace/trace_kprobe.c
> @@ -112,9 +112,9 @@ bool trace_kprobe_on_func_entry(struct trace_event_call *call)
> {
> struct trace_kprobe *tk = (struct trace_kprobe *)call->data;
>
> - return kprobe_on_func_entry(tk->rp.kp.addr,
> + return (kprobe_on_func_entry(tk->rp.kp.addr,
> tk->rp.kp.addr ? NULL : tk->rp.kp.symbol_name,
> - tk->rp.kp.addr ? 0 : tk->rp.kp.offset);
> + tk->rp.kp.addr ? 0 : tk->rp.kp.offset) == 0);
> }
>
> bool trace_kprobe_error_injectable(struct trace_event_call *call)
>
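
Review bot: trace_kprobe_on_func_entry() now folds every non-zero result into false with `== 0`, so a symbol that cannot be resolved yet (-ENOENT, the unloaded-module case this patch is about) is reported the same as "not at function entry" (-EINVAL). If that is the intended answer for callers of this helper while the module is still unloaded, a short comment saying so would help; otherwise the helper needs to distinguish the two. Minor style point: the outer parentheses around the return expression are redundant, `return kprobe_on_func_entry(...) == 0;` reads more cleanly.
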
--
Masami Hiramatsu <mhiramat@kernel.org>