Re: [RFC PATCH 2/2] x86/kprobes: Prohibit probing on compiler generated CFI checking code

From: Peter Zijlstra
Date: Mon Jul 10 2023 - 12:21:19 EST


On Mon, Jul 10, 2023 at 06:16:43PM +0200, Peter Zijlstra wrote:

> diff --git a/kernel/cfi.c b/kernel/cfi.c
> index 08caad776717..2656e6ffa013 100644
> --- a/kernel/cfi.c
> +++ b/kernel/cfi.c
> @@ -31,16 +31,22 @@ static inline unsigned long trap_address(s32 *p)
> return (unsigned long)((long)p + (long)*p);
> }
>
> -static bool is_trap(unsigned long addr, s32 *start, s32 *end)
> +static long cfi_trap_distance(unsigned long addr, s32 *start, s32 *end)
> {
> + long dist = LONG_MAX;
> s32 *p;
>
> for (p = start; p < end; ++p) {
> - if (trap_address(p) == addr)
> - return true;
> + long d = trap_address(p) - addr;
> +
> + if (abs(dist) < abs(d)) {

Not that I expect anybody will care, but that should obviously be:

abs(d) < abs(dist)

> + dist = d;
> + if (dist == 0)
> + return 0;
> + }
> }
>
> - return false;
> + return dist;
> }