Re: [PATCH -tip v2 3/3] [BUGFIX] kprobes: Prohibit probing onfunc_ptr_is_kernel_text

From: Steven Rostedt
Date: Tue Nov 05 2013 - 08:13:26 EST

On Tue, 5 Nov 2013 08:05:37 +0100
Ingo Molnar <mingo@xxxxxxxxxx> wrote:

> The macro magic I can think of would need to change the syntax of the
> function definition - for example that is how the SYSCALL_DEFINE*() macros
> work.

Or something like the EXPORT_SYMBOL(), but that wouldn't include the
size of the function. But using the name we could use kallsyms to see
if a probe is placed in a function that is blacklisted. Not very pretty
to do though.

> It would be nice if there was a GCC extension that marked a function
> noinline and allowed the emitting of the function's address (and size)
> into a special section - but I'm not aware of any such compiler feature
> today.

Yeah, I was wishing the same thing. Maybe I'll try to talk with the gcc
folks about adding such a feature. Something like

void __attribute__((save_loc_and_size(".section"))) function(void)

-- Steve

