kprobes: Search non-suffixed symbol in blacklist
authorMasami Hiramatsu <mhiramat@kernel.org>
Tue, 12 Feb 2019 16:13:12 +0000 (01:13 +0900)
committerIngo Molnar <mingo@kernel.org>
Wed, 13 Feb 2019 07:16:40 +0000 (08:16 +0100)
Newer GCC versions can generate some different instances of a function
with suffixed symbols if the function is optimized and only
has a part of that. (e.g. .constprop, .part etc.)

In this case, it is not enough to check the entry of kprobe
blacklist because it only records non-suffixed symbol address.

To fix this issue, search non-suffixed symbol in blacklist if
given address is within a symbol which has a suffix.

Note that this can cause false positive cases if a kprobe-safe
function is optimized to suffixed instance and has same name
symbol which is blacklisted.
But I would like to chose a fail-safe design for this issue.

Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Andrea Righi <righi.andrea@gmail.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/154998799234.31052.6136378903570418008.stgit@devbox
Signed-off-by: Ingo Molnar <mingo@kernel.org>
kernel/kprobes.c

index f4ddfdd2d07ea154387483fa539c3555dd775b10..c83e547271312e9f32ed5447fdb9eef1b8e2c2e7 100644 (file)
@@ -1396,7 +1396,7 @@ bool __weak arch_within_kprobe_blacklist(unsigned long addr)
               addr < (unsigned long)__kprobes_text_end;
 }
 
-bool within_kprobe_blacklist(unsigned long addr)
+static bool __within_kprobe_blacklist(unsigned long addr)
 {
        struct kprobe_blacklist_entry *ent;
 
@@ -1410,7 +1410,26 @@ bool within_kprobe_blacklist(unsigned long addr)
                if (addr >= ent->start_addr && addr < ent->end_addr)
                        return true;
        }
+       return false;
+}
 
+bool within_kprobe_blacklist(unsigned long addr)
+{
+       char symname[KSYM_NAME_LEN], *p;
+
+       if (__within_kprobe_blacklist(addr))
+               return true;
+
+       /* Check if the address is on a suffixed-symbol */
+       if (!lookup_symbol_name(addr, symname)) {
+               p = strchr(symname, '.');
+               if (!p)
+                       return false;
+               *p = '\0';
+               addr = (unsigned long)kprobe_lookup_name(symname, 0);
+               if (addr)
+                       return __within_kprobe_blacklist(addr);
+       }
        return false;
 }