Re: BUG: optimized kprobes illegal instructions in v4.19 stable kernels
From: Kees Cook
Date: Tue Feb 05 2019 - 10:06:30 EST
On Mon, Feb 4, 2019 at 7:15 PM Mathieu Desnoyers
> I notice this commit as a possible culprit of the illegal instructions my lttng
> users are noticing on arm32 when using kprobes on a v4.19.13 Linux kernel
> in a Yocto environment . They were able to reproduce the issue with perf
> as well.
> commit e46daee53bb50bde38805f1823a182979724c229
> Author: Kees Cook <keescook@xxxxxxxxxxxx>
> Date: Tue Oct 30 22:12:56 2018 +0100
> ARM: 8806/1: kprobes: Fix false positive with FORTIFY_SOURCE
> I *think* the intent there was to do
> - memcpy(code, &optprobe_template_entry,
> + memcpy(code, (unsigned long *)&optprobe_template_entry,
> But if you look at the commit, the "&" seems to have been stripped away,
> which happens to change the behavior significantly.
Yeah, this was a typo on my part. :(
> Has this change ever been runtime-tested ?
I thought I had, given the details from the original bug report, but
clearly it didn't exercise it.
Thanks for fixing this!
> It has been backported to:
> - 4.19 stable as commit 3fe0c68aea21
> - 4.14 stable as commit f9e0bc710347
>  https://bugs.lttng.org/issues/1174
> Mathieu Desnoyers
> EfficiOS Inc.