Re: kprobes vs __ex_table[]

From: Masami Hiramatsu
Date: Thu Feb 23 2017 - 20:05:09 EST


On Thu, 23 Feb 2017 19:30:02 +0100
Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:

> Hi Masami,
>
> I just wondered what would happen if I put a probe on an instruction
> that was listed in __ex_table[] or __bug_table[].

Ah, thanks for reporting. I know about the __ex_table issue and fixed it, but
I didn't care about __bug_table.

> And it looks like it will happily do that. It will then run the
> instruction out-of-line, and when said instruction traps, the
> instruction address will not match the one listed in either __ex_table[]
> or __bug_table[] and badness will happen.

For the __ex_table[], at least on x86, kprobes already handles it in
kprobe_fault_handler, which restores regs->ip to the original place when
a page fault happens during single-stepping.

> If kprobes does indeed not check this, we should probably fix it, if it
> does do check this, could you point me to it?

Yeah, for the BUG() case, as far as I can see, there is no check for that.
So, there are 2 ways to fix it: one is to just refuse to put kprobes on
UD2, the other is to fix up the trap address as we did for exceptions_table.
I think the latter is better because if a divide error happens
on single-step, we should fix up the address anyway...

Thank you,

--
Masami Hiramatsu <mhiramat@xxxxxxxxxx>
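
The address mismatch discussed in this thread, as an added user-space model in C. It is not kernel code and not written by either poster: a fault taken in the out-of-line single-step copy fails the table lookup unless the handler first restores the original probed address. All struct names, function names and addresses are constructed for the illustration.

```c
/* Added illustration: user-space model, not kernel code. All names and
 * addresses are constructed for this example. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct ex_entry { uintptr_t insn, fixup; };   /* models one __ex_table[] entry */
struct probe    { uintptr_t addr, slot; };    /* probed address, out-of-line copy */
struct regs     { uintptr_t ip; };

/* Constructed table: instructions at 0x1000 and 0x1040 may fault. */
static const struct ex_entry ex_table[] = {
    { 0x1000, 0x9000 },
    { 0x1040, 0x9010 },
};

static const struct ex_entry *search_ex(uintptr_t ip)
{
    for (size_t i = 0; i < sizeof(ex_table) / sizeof(ex_table[0]); i++)
        if (ex_table[i].insn == ip)
            return &ex_table[i];
    return NULL;
}

/* Returns the fixup address the fault resumes at, or 0 if the lookup
 * fails (in the kernel that is an unhandled fault).
 * restore_ip models the fix-up: if the fault hit the single-step slot,
 * put the original probed address back before the lookup. */
uintptr_t handle_fault(struct regs *regs, const struct probe *p, int restore_ip)
{
    if (restore_ip && p && regs->ip == p->slot)
        regs->ip = p->addr;
    const struct ex_entry *e = search_ex(regs->ip);
    if (!e)
        return 0;
    regs->ip = e->fixup;
    return e->fixup;
}

int main(void)
{
    struct probe p = { 0x1000, 0x7f00 };  /* probe on a listed instruction */
    struct regs a = { p.slot }, b = { p.slot };
    printf("no restore:   %#lx\n", (unsigned long)handle_fault(&a, &p, 0));
    printf("with restore: %#lx\n", (unsigned long)handle_fault(&b, &p, 1));
    return 0;
}
```

The same lookup-by-address pattern is why the thread raises __bug_table[]: without an equivalent restore step, a trap taken in the slot does not match the listed address.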