Re: [PATCH -next v2] uprobes: fix two zero old_folio bugs in __replace_page()
From: Tong Tiangen
Date: Sat Feb 22 2025 - 02:20:35 EST
在 2025/2/22 10:37, Tong Tiangen 写道:
在 2025/2/21 23:28, Oleg Nesterov 写道:
On 02/21, Tong Tiangen wrote:
--- a/kernel/events/uprobes.c
+++ b/kernel/events/uprobes.c
@@ -506,6 +506,11 @@ int uprobe_write_opcode(struct arch_uprobe
*auprobe, struct mm_struct *mm,
if (ret <= 0)
goto put_old;
+ if (is_zero_page(old_page)) {
+ ret = -EINVAL;
+ goto put_old;
+ }
I agree with David, the subject looks a bit misleading.
And. I won't insist, this is cosmetic, but if you send V2 please consider
moving the "verify_opcode()" check down, after the
is_zero_page/PageCompound
checks.
Oleg.
OK, check the validity of the old page first and modify the subject in
v3 .
Thanks.
I'm going to add a new patch to moving the "verify_opcode()" check down
, IIUC that "!PageAnon(old_page)" below also needs to be moved together,
and as David said this can be triggered by user space, so delete the use
of "WARN", as follows:
@@ -502,20 +502,16 @@ int uprobe_write_opcode(struct arch_uprobe
*auprobe, struct mm_struct *mm,
if (IS_ERR(old_page))
return PTR_ERR(old_page);
- ret = verify_opcode(old_page, vaddr, &opcode);
- if (ret <= 0)
+ ret = -EINVAL;
+ if (is_zero_page(old_page))
goto put_old;
- if (is_zero_page(old_page)) {
- ret = -EINVAL;
+ if (!is_register && (PageCompound(old_page) || !PageAnon(old_page)))
goto put_old;
- }
- if (WARN(!is_register && PageCompound(old_page),
- "uprobe unregister should never work on compound
page\n")) {
- ret = -EINVAL;
+ ret = verify_opcode(old_page, vaddr, &opcode);
+ if (ret <= 0)
goto put_old;
- }
/* We are going to replace instruction, update ref_ctr. */
if (!ref_ctr_updated && uprobe->ref_ctr_offset) {
@@ -526,10 +522,6 @@ int uprobe_write_opcode(struct arch_uprobe
*auprobe, struct mm_struct *mm,
ref_ctr_updated = 1;
}
- ret = 0;
- if (!is_register && !PageAnon(old_page))
- goto put_old;
-
ret = anon_vma_prepare(vma);
Thanks.
.
.