[PATCH 2/4] ftrace/x86: Do not crash when reading wrong ftrace func

From: Petr Mladek
Date: Wed Jun 22 2016 - 09:49:06 EST


Ftrace modifies the code in many locations. It is paranoid
and avoids a kernel crash using probe_kernel_read() and
probe_kernel_write(). The only exception is update_ftrace_func()
where we read the old code using memcpy().

It is true that this function is used only to modify well
defined functions that are part of the ftrace API. But
it might still make sense to be paranoid and be consistent
with the writing side.

Signed-off-by: Petr Mladek <pmladek@xxxxxxxx>
---
arch/x86/kernel/ftrace.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c
index 42ea69d35dfd..951c4bd639c4 100644
--- a/arch/x86/kernel/ftrace.c
+++ b/arch/x86/kernel/ftrace.c
@@ -233,7 +233,13 @@ static int update_ftrace_func(unsigned long ip, void *new)
unsigned char old[MCOUNT_INSN_SIZE];
int ret;

- memcpy(old, (void *)ip, MCOUNT_INSN_SIZE);
+ /*
+ * ip points to the ftrace infrastructure. If this fails,
+ * then something is totally messed up.
+ */
+ ret = probe_kernel_read(old, (void *)ip, MCOUNT_INSN_SIZE);
+ if (WARN_ON(ret))
+ return -EFAULT;

/*
* Make sure that we replace 5-byte instruction that
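
Review bot: the new error path after probe_kernel_read() discards the helper's return value and hard-codes -EFAULT, and it uses WARN_ON(ret), which fires on every failing call. Consider returning ret directly, or saying in the comment why the value is normalised to -EFAULT, and consider WARN_ON_ONCE(ret) if update_ftrace_func() can be reached repeatedly with the same bad ip. The added comment would also be more useful if it said why the read is done this way: a bad ip now produces a warning and an error return instead of a fault inside memcpy(), which matches the writing side mentioned in the commit message.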
--
1.8.5.6