On Tue, 14 Feb 2017 14:01:18 +0530
"Naveen N. Rao" <naveen.n....@linux.vnet.ibm.com> wrote:
> Users shouldn't be able to specify an offset with kretprobes, as we always
> want to probe at function entry. Otherwise, we won't be able to capture
> the proper return address resulting in the kretprobe never firing.
>
Nack, this should be checked by using kallsyms, since the
many non-exported kernel functions have same name.
Actually perf-probe is trying to put any probes(including return
probe) by using relative address from text-start symbol (_stext
or _text). In this case, kretprobe also can be set by _text+OFFSET.
So please rewrite this by using kallsyms_lookup_size_offset()
which tells you the address is actually on the beginning of
function or not.
Thank you,
> With samples/kprobes/kretprobe_example.c including an offset:
> my_kretprobe.kp.offset = 40;
>
> Before this patch, the probe gets planted but never fires.
>
> After this patch:
> $ sudo insmod samples/kprobes/kretprobe_example.ko
> [sudo] password for naveen:
> insmod: ERROR: could not insert module
> samples/kprobes/kretprobe_example.ko: Operation not permitted
>
> And dmesg:
> [48253.757629] register_kretprobe failed, returned -22
>
> Signed-off-by: Naveen N. Rao <naveen.n....@linux.vnet.ibm.com>
> ---
> kernel/kprobes.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index 60a702a05684..83ad7e440417 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -1847,6 +1847,9 @@ int register_kretprobe(struct kretprobe *rp)
> int i;
> void *addr;
>
> + if (rp->kp.offset)
> + return -EINVAL;
> +
> if (kretprobe_blacklist_size) {
> addr = kprobe_addr(&rp->kp);
> if (IS_ERR(addr))
> --
> 2.11.0
>
--
Masami Hiramatsu <mhira...@kernel.org>
