Re: [PATCH 1/2] x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK

From: Peter Zijlstra
Date: Wed Sep 07 2022 - 09:05:35 EST

Next message: Jason A. Donenfeld: "Re: [PATCH] random / hw_random: core: start hwrng kthread also for untrusted sources"
Previous message: Kent Overstreet: "Re: [RFC PATCH 00/30] Code tagging framework and applications"
In reply to: Peter Zijlstra: "Re: [PATCH 1/2] x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK"
Next in thread: Google: "Re: [PATCH 1/2] x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 07, 2022 at 10:02:41AM +0200, Peter Zijlstra wrote:

> struct queue q;
>
> start = paddr - offset;
> end = start + size;
> push(&q, paddr - offset);
>
> while (start = pop(&q)) {
> for_each_insn(&insn, start, end, buf) {
> if (insn.kaddr == paddr)
> return 1;
>
> target = insn_get_branch_addr(&insn);
> if (target)
> push(&q, target);
>
> if (dead_end_insn(&insn))
> break;
> }
> }

There is the very rare case of intra-function-calls; but I *think*
they're all in noinstr/nokprobe code anyway.

For instance we have RSB stuffing code like:

.rept 16
call 1f;
int3
1:
.endr
add $(BITS_PER_LONG/8) * 16, %_ASM_SP

And the proposed will be horribly confused by that. But like said; it
should also never try and untangle it.

Next message: Jason A. Donenfeld: "Re: [PATCH] random / hw_random: core: start hwrng kthread also for untrusted sources"
Previous message: Kent Overstreet: "Re: [RFC PATCH 00/30] Code tagging framework and applications"
In reply to: Peter Zijlstra: "Re: [PATCH 1/2] x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK"
Next in thread: Google: "Re: [PATCH 1/2] x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]