Re: [PATCH] uprobes: ensure that uprobe->offset and ->ref_ctr_offset are properly aligned

From: Steven Rostedt
Date: Wed May 06 2020 - 08:51:48 EST


On Wed, 6 May 2020 10:59:55 +0530
Srikar Dronamraju <srikar@xxxxxxxxxxxxxxxxxx> wrote:

> * Oleg Nesterov <oleg@xxxxxxxxxx> [2020-05-04 18:47:25]:
>
> > uprobe_write_opcode() must not cross page boundary; prepare_uprobe()
> > relies on arch_uprobe_analyze_insn() which should validate "vaddr" but
> > some architectures (csky, s390, and sparc) don't do this.
> >
> > We can remove the BUG_ON() check in prepare_uprobe() and validate the
> > offset early in __uprobe_register(). The new IS_ALIGNED() check matches
> > the alignment check in arch_prepare_kprobe() on supported architectures,
> > so I think that all insns must be aligned to UPROBE_SWBP_INSN_SIZE.
> >
> > Another problem is __update_ref_ctr() which was wrong from the very
> > beginning, it can read/write outside of kmap'ed page unless "vaddr" is
> > aligned to sizeof(short), __uprobe_register() should check this too.
> >
> > Cc: stable@xxxxxxxxxxxxxxx
> > Reported-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> > Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> > Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
>
> Thanks Oleg.
>
> Looks good to me.
>
> Reviewed-by: Srikar Dronamraju <srikar@xxxxxxxxxxxxxxxxxx>
> > ---
>

Thanks Oleg, Srikar and Sven.

As this is in the kernel/events/ directory, I'm guessing it should be taken
through the tip tree?

-- Steve
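The quoted commit message makes two claims worth seeing concretely: an unaligned 2-byte ref counter access in __update_ref_ctr() can run past the kmap'ed page, and checking IS_ALIGNED() on uprobe->offset and ->ref_ctr_offset early in __uprobe_register() is enough to rule that out. The user-space model below is an added example, not code from Oleg's patch or from the kernel; PAGE_SIZE, the breakpoint instruction size passed as a parameter (1 byte is the x86 int3 case) and the helper names are assumptions chosen for illustration.

```c
/* Added example, not code from the patch or the kernel: a user-space model of
 * the two alignment checks the quoted commit message describes. PAGE_SIZE,
 * the instruction size and the helper names are assumptions for illustration. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

#define PAGE_SIZE 4096UL
#define IS_ALIGNED(x, a) (((x) & ((a) - 1)) == 0)

/* True when a len-byte access at vaddr touches two different pages. A kmap'ed
 * page maps exactly one page, so such an access reads or writes outside it. */
bool crosses_page(unsigned long vaddr, unsigned long len)
{
    unsigned long first = vaddr & ~(PAGE_SIZE - 1);
    unsigned long last = (vaddr + len - 1) & ~(PAGE_SIZE - 1);
    return first != last;
}

/* Early validation in the spirit of the __uprobe_register() check: the probe
 * offset must be aligned to the breakpoint instruction size (a power of two)
 * and ref_ctr_offset must be aligned to sizeof(short). Returns 0 or -EINVAL. */
int validate_uprobe_offsets(unsigned long offset, unsigned long ref_ctr_offset,
                            unsigned long insn_size)
{
    if (!IS_ALIGNED(offset, insn_size))
        return -EINVAL;
    if (!IS_ALIGNED(ref_ctr_offset, sizeof(short)))
        return -EINVAL;
    return 0;
}

/* Why the alignment check is sufficient: walk every offset within a page and
 * confirm that an aligned len-byte access never crosses a page boundary,
 * while at least one unaligned access does (len must divide PAGE_SIZE). */
bool aligned_access_never_crosses(unsigned long len)
{
    bool unaligned_crossed = false;

    for (unsigned long off = 0; off < PAGE_SIZE; off++) {
        bool crosses = crosses_page(off, len);

        if (IS_ALIGNED(off, len) && crosses)
            return false; /* an aligned access crossed: claim refuted */
        if (!IS_ALIGNED(off, len) && crosses)
            unaligned_crossed = true;
    }
    return unaligned_crossed;
}

int main(void)
{
    /* constructed inputs: a short at the last byte of a page, and an odd
     * ref_ctr_offset such as the one __update_ref_ctr() used to accept */
    printf("short at page offset 4095 crosses the page: %d\n",
           crosses_page(4095, 2));
    printf("odd ref_ctr_offset rejected: %d\n",
           validate_uprobe_offsets(0x1000, 0x2001, 1) == -EINVAL);
    printf("aligned 2-byte access never crosses: %d\n",
           aligned_access_never_crosses(2));
    return 0;
}
```

The exhaustive walk in aligned_access_never_crosses() is the argument behind the fix: once ref_ctr_offset is a multiple of sizeof(short), the short it addresses always lies within one page, so the kmap'ed access cannot stray, and the same reasoning covers the instruction slot once uprobe->offset is aligned to UPROBE_SWBP_INSN_SIZE.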