Re: [PATCH 5/5] uprobes: Change uprobe_copy_process() to dupxol_area

From: Oleg Nesterov
Date: Mon Oct 14 2013 - 11:02:59 EST

Next message: Peter De Schrijver: "Re: [PATCH 1/5] clk: tegra: Add support for PLLSS"
Previous message: Stanimir Varbanov: "Re: [PATCH v2 1/2] ARM: DT: msm: Add Qualcomm's PRNG driver bindingdocument"
In reply to: Peter Zijlstra: "Re: [PATCH 5/5] uprobes: Change uprobe_copy_process() to dup xol_area"
Next in thread: Peter Zijlstra: "Re: [PATCH 5/5] uprobes: Change uprobe_copy_process() to dup xol_area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/14, Peter Zijlstra wrote:
>
> On Sun, Oct 13, 2013 at 09:18:44PM +0200, Oleg Nesterov wrote:
> > This finally fixes the serious bug in uretprobes: a forked child
> > crashes if the parent called fork() with the pending ret probe.
> > ...
> >
> > Unfortunately, this also means that we can not handle the errors
> > properly, we obviously can not abort the already completed fork().
> > So we simply print the warning if GFP_KERNEL allocation (the only
> > possible reason) fails.
>
> Oh cute.. so we could actually ignore this perf_event_mmap() because we
> got it for the parent when we inserted the probe, and the perf tools
> assume the child mm layout is identical to the parent layout (it doesn't
> actually see the VM_DONTCOPY bit).
>
> So we could add: 'if (vma->vm_mm != current->mm) return;' to
> perf_event_mmap() with a very big nasty comment.

Perhaps. I can't really comment, but this is really nasty. I mean, this
simply doesn't look good. perf_event_mmap() will be reported or not
depending on how/why the task creates xol_area.

> That said; should we hide the XOL vma from perf altogether? That is; it
> will greatly obfuscate the perf data to get hits from the XOL table as
> we've got no means of mapping it back to an instruction.

Again, I can't really comment. But this creates the special case. OK,
xol_area is "special" anon mapping anyway, but still. And of course
this needs __install_special_mapping().

So I'd prefer to push these changes as is for now. GFP_KERNEL should
"never" fail and we need the fix for stable.

I agree, in the long term we should fix the inability to handle the
errors correctly. But this needs more changes and more uprobes hooks.
To simplify, suppose that we simply remove perf_event_mmap() from
install_special_mapping() (yes, wes, we cant'). Then we should:

1. revert 1/5, it already moves uprobe_copy_process() to the
point-of-no-return (for 4-5).

2. uprobe_copy_process() can avoid task_work_add() _and_ it can
return an error if dup_utask/dup_xol fails.

3. However, 2. means that we need to handle the potential errors
after uprobe_copy_process() suceeds. This means we need, say,
uprobe_abort_fork() somewhere near bad_fork_cleanup_mm.

So will you agree with task_work for now?

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Peter De Schrijver: "Re: [PATCH 1/5] clk: tegra: Add support for PLLSS"
Previous message: Stanimir Varbanov: "Re: [PATCH v2 1/2] ARM: DT: msm: Add Qualcomm's PRNG driver bindingdocument"
In reply to: Peter Zijlstra: "Re: [PATCH 5/5] uprobes: Change uprobe_copy_process() to dup xol_area"
Next in thread: Peter Zijlstra: "Re: [PATCH 5/5] uprobes: Change uprobe_copy_process() to dup xol_area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]