Re: [PATCH 0/2] [GIT PULL] tracing: Two more fixes

From: Linus Torvalds
Date: Fri Feb 15 2019 - 12:09:01 EST

On Fri, Feb 15, 2019 at 6:21 AM Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> - Have kprobes not use copy_from_user to access kernel addresses
> as this is now considered a security issue.

No, you people are confused.

The problem isn't that it's using a user access function on kernel memory.

The problem is that it's using a user access function on a complete
garbage pointer that happens to not even be a valid pointer at all.

You get a GP fault because the code tries to access an address at

That's not a valid pointer on x86-64. Nothing to do with user or
kernel, everything to do with "it's garbage".

Switching over to probe_mem_read() just means that even non-canonical
address faults are ignored. But it has absolutely nothing to do with
"kernel addresses" or any security issues.

So the patch looks like it might be ok, but the explanations for it
are garbage and only confuse the issue.

Please fix the explanations, I don't want to have actively wrong
commit messages for when people start looking at things like this.
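
The three-way distinction the message above draws (user address, kernel address, or not a valid x86-64 pointer at all), as an added example that is not part of the original e-mail or of the kernel source. It assumes 48 virtual-address bits (4-level paging) unless told otherwise; the function names are hypothetical and the sample addresses are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Illustrative classes, not kernel identifiers. */
enum addr_class { ADDR_USER_HALF, ADDR_KERNEL_HALF, ADDR_NON_CANONICAL };

/*
 * An x86-64 address is canonical when bits 63..(va_bits-1) are all equal,
 * i.e. the upper bits are a sign extension of bit (va_bits-1).
 * va_bits is 48 with 4-level paging and 57 with 5-level paging.
 */
static int is_canonical(uint64_t addr, unsigned va_bits)
{
    uint64_t upper = addr >> (va_bits - 1);               /* bits 63..va_bits-1 */
    uint64_t all_ones = (1ULL << (64 - va_bits + 1)) - 1;
    return upper == 0 || upper == all_ones;
}

/* "User or kernel?" is only a meaningful question for canonical addresses. */
static enum addr_class classify(uint64_t addr, unsigned va_bits)
{
    if (!is_canonical(addr, va_bits))
        return ADDR_NON_CANONICAL;   /* dereference raises #GP, not a page fault */
    return (addr >> 63) ? ADDR_KERNEL_HALF : ADDR_USER_HALF;
}

int main(void)
{
    /* Constructed sample values, not taken from the thread. */
    const uint64_t samples[] = {
        0x00007fffffffe000ULL,   /* lower (user) half */
        0xffff888000000000ULL,   /* upper (kernel) half */
        0x6b6b6b6b6b6b6b6bULL,   /* garbage bit pattern */
        0x0000800000000000ULL,   /* first address past the lower half */
    };
    static const char *names[] = { "user half", "kernel half", "non-canonical" };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%#018llx: %s\n", (unsigned long long)samples[i],
               names[classify(samples[i], 48)]);
    return 0;
}
```
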