Re: [PATCH 1/2 v2] kprobe: Do not use uaccess functions to access kernel memory that can fault

From: Masami Hiramatsu
Date: Thu Feb 21 2019 - 10:58:19 EST


On Thu, 21 Feb 2019 09:36:25 -0500
Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:

> On Thu, 21 Feb 2019 16:52:52 +0900
> Masami Hiramatsu <mhiramat@xxxxxxxxxx> wrote:
>
> > Basically OK to me.
> > Could you use probe_kernel_read() in this context, since probe_mem_read() is a
> > wrapper function for template code.
> >
> > With that change,
> >
> > Acked-by: Masami Hiramatsu <mhiramat@xxxxxxxxxx>
>
> This already hit Linus's tree. I was able to reproduce the crash, so I
> streamlined it. I should have still pushed more for your ack first.
> Sorry about that.

Oh, never mind. That seems urgent issue for kprobe event.
Thank you very much for fixing it!

> For some reason, I thought the change was in the generic probe code,
> and accepted the probe_mem_read(). Anyway, did you want to send a patch
> to change it to probe_kernel_read(), for the merge window?

No problem.

> > And for the long term, I need to find more efficient (or smarter) way to do it,
> > like strnlen_user() does.
>
> Agreed.

Thank you,


--
Masami Hiramatsu <mhiramat@xxxxxxxxxx>