Re: [PATCH v3] kernel/kprobes: add re-register safe check for register_kretprobe()

Fri, 10 Nov 2017 03:11:09 -0800 

On Fri, 10 Nov 2017 17:28:33 +0800
JianKang Chen <chenjianka...@huawei.com> wrote:

> From: Chen Jiankang <chenjianka...@huawei.com>
> 
> When there are two same struct kretprobe rp, the INIT_HLIST_HEAD()
> will result in a empty list table rp->free_instances. The memory leak
> will happen. So it needs to add re-register safe check by
> __get_valid_kprobe().

Under rcu read lock :) Please see below comment.

> 
> However, current this is not safe for multi-threadings, because
> there is still a chance to re-register kretprobe concurrently.
> So I add a kretprobe_mutex lock to protect the INIT_LIST_HEAD;
> 
> Signed-off-by: Chen Jiankang <chenjianka...@huawei.com>
> ---
>  kernel/kprobes.c | 12 +++++++++++-
>  1 file changed, 11 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index a1606a4..5ff8f69 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -67,6 +67,7 @@
>  
>  /* This protects kprobe_table and optimizing_list */
>  static DEFINE_MUTEX(kprobe_mutex);
> +static DEFINE_MUTEX(kretprobe_mutex);
>  static DEFINE_PER_CPU(struct kprobe *, kprobe_instance) = NULL;
>  static struct {
>       raw_spinlock_t lock ____cacheline_aligned_in_smp;
> @@ -1947,6 +1948,12 @@ int register_kretprobe(struct kretprobe *rp)
>               rp->maxactive = num_possible_cpus();
>  #endif
>       }
> +
> +     mutex_lock(&kretprobe_mutex);
> +     if (__get_valid_kprobe(&rp->kp)) {

__get_valid_kprobe() must be called under rcu_read_lock or preempt disabled,
because it tracks down the rcu list.

Thank you.



> +             ret = -EINVAL;
> +             goto out;
> +     }
>       raw_spin_lock_init(&rp->lock);
>       INIT_HLIST_HEAD(&rp->free_instances);
>       for (i = 0; i < rp->maxactive; i++) {
> @@ -1954,7 +1961,8 @@ int register_kretprobe(struct kretprobe *rp)
>                              rp->data_size, GFP_KERNEL);
>               if (inst == NULL) {
>                       free_rp_inst(rp);
> -                     return -ENOMEM;
> +                     ret = -ENOMEM;
> +                     goto out;
>               }
>               INIT_HLIST_NODE(&inst->hlist);
>               hlist_add_head(&inst->hlist, &rp->free_instances);
> @@ -1965,6 +1973,8 @@ int register_kretprobe(struct kretprobe *rp)
>       ret = register_kprobe(&rp->kp);
>       if (ret != 0)
>               free_rp_inst(rp);
> +out:
> +     mutex_unlock(&kretprobe_mutex);
>       return ret;
>  }
>  EXPORT_SYMBOL_GPL(register_kretprobe);
> -- 
> 1.7.12.4
> 


-- 
Masami Hiramatsu <mhira...@kernel.org>

Reply via email to