----- On Feb 5, 2019, at 10:04 AM, Kees Cook [email protected] wrote:

> On Mon, Feb 4, 2019 at 9:52 PM Mathieu Desnoyers
> <[email protected]> wrote:
>>
>> commit e46daee53bb5 "ARM: 8806/1: kprobes: Fix false positive with
>> FORTIFY_SOURCE"
>> introduced a regression in optimized kprobes. It triggers "invalid
>> instruction" oopses when using kprobes instrumentation through lttng and
>> perf. This commit was introduced in kernel v4.20, and has been backported
>> to stable kernels 4.19 and 4.14.
>>
>> This crash was also reported by Hongzhi Song on the redhat bugzilla
>> where the patch was originally introduced.
>
> Ew, yes. Thanks for catching this.
>
> Fixes: e46daee53bb5 ("ARM: 8806/1: kprobes: Fix false positive with
> FORTIFY_SOURCE")
> Acked-by: Kees Cook <[email protected]>
>
> Can you send this to the ARM patch tracker, please?
Sure, will do right away, Thanks! Mathieu > > -Kees > >> >> Link: https://bugzilla.redhat.com/show_bug.cgi?id=1639397 >> Link: https://bugs.lttng.org/issues/1174 >> Link: >> https://lore.kernel.org/lkml/[email protected] >> Signed-off-by: Mathieu Desnoyers <[email protected]> >> Reported-by: Robert Berger <[email protected]> >> Tested-by: Robert Berger <[email protected]> >> CC: Robert Berger <[email protected]> >> CC: Masami Hiramatsu <[email protected]> >> CC: William Cohen <[email protected]> >> CC: Laura Abbott <[email protected]> >> CC: Kees Cook <[email protected]> >> CC: Russell King <[email protected]> >> CC: <[email protected]> # v4.14+ >> --- >> arch/arm/probes/kprobes/opt-arm.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/arch/arm/probes/kprobes/opt-arm.c >> b/arch/arm/probes/kprobes/opt-arm.c >> index 2c118a6ab358..0dc23fc227ed 100644 >> --- a/arch/arm/probes/kprobes/opt-arm.c >> +++ b/arch/arm/probes/kprobes/opt-arm.c >> @@ -247,7 +247,7 @@ int arch_prepare_optimized_kprobe(struct optimized_kprobe >> *op, struct kprobe *or >> } >> >> /* Copy arch-dep-instance from template. */ >> - memcpy(code, (unsigned char *)optprobe_template_entry, >> + memcpy(code, (unsigned long *)&optprobe_template_entry, >> TMPL_END_IDX * sizeof(kprobe_opcode_t)); >> >> /* Adjust buffer according to instruction. */ >> -- >> 2.11.0 >> > > > -- > Kees Cook -- Mathieu Desnoyers EfficiOS Inc. http://www.efficios.com
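Review bot: The commit message names the regressing commit and the symptom but never says why the source argument on the removed memcpy line was wrong, and the new line `memcpy(code, (unsigned long *)&optprobe_template_entry,` carries a cast whose element type does not match the length expression `TMPL_END_IDX * sizeof(kprobe_opcode_t)`. The declaration of optprobe_template_entry is not visible in this hunk; if it is a plain symbol rather than an array, the removed line passed its contents as the source pointer instead of its address, and that is worth stating in one sentence in the changelog so stable maintainers can judge the backport. Since memcpy takes a `const void *`, consider either dropping the cast or explaining in the existing "Copy arch-dep-instance from template" comment why it is kept (for example, if it is there for FORTIFY_SOURCE), so the `&` is not removed again by a later cleanup.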

