From: Greg Kroah-Hartman Date: Mon, 24 Jan 2022 15:09:51 +0000 (+0100) Subject: 5.4-stable patches X-Git-Tag: v4.4.300~30 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d95717ebdae913ae926d1dd8e3e60fc0b8de2f1e;p=thirdparty%2Fkernel%2Fstable-queue.git 5.4-stable patches added patches: revert-ia64-kprobes-use-generic-kretprobe-trampoline-handler.patch --- diff --git a/queue-5.4/revert-ia64-kprobes-use-generic-kretprobe-trampoline-handler.patch b/queue-5.4/revert-ia64-kprobes-use-generic-kretprobe-trampoline-handler.patch new file mode 100644 index 00000000000..0024350169d --- /dev/null +++ b/queue-5.4/revert-ia64-kprobes-use-generic-kretprobe-trampoline-handler.patch @@ -0,0 +1,129 @@ +From mhiramat@kernel.org Mon Jan 24 16:08:19 2022 +From: Masami Hiramatsu +Date: Sat, 15 Jan 2022 21:59:16 +0900 +Subject: Revert "ia64: kprobes: Use generic kretprobe trampoline handler" +To: stable@vger.kernel.org, Greg Kroah-Hartman +Cc: linux-kernel@vger.kernel.org, Ingo Molnar , Sasha Levin +Message-ID: <164225155571.1964629.11131335649262508943.stgit@devnote2> + +From: Masami Hiramatsu + +This reverts commit 77fa5e15c933a1ec812de61ad709c00aa51e96ae. + +Since the upstream commit e792ff804f49720ce003b3e4c618b5d996256a18 +depends on the generic kretprobe trampoline handler, which was +introduced by commit 66ada2ccae4e ("kprobes: Add generic kretprobe +trampoline handler") but that is not ported to the stable kernel +because it is not a bugfix series. +So revert this commit to fix a build error. + +NOTE: I keep commit a7fe2378454c ("ia64: kprobes: Fix to pass +correct trampoline address to the handler") on the tree, that seems +just a cleanup without the original reverted commit, but it would +be better to use dereference_function_descriptor() macro instead +of accessing descriptor's field directly. + +Fixes: 77fa5e15c933 ("ia64: kprobes: Use generic kretprobe trampoline handler") +Reported-by: kernel test robot +Signed-off-by: Masami Hiramatsu +Signed-off-by: Greg Kroah-Hartman +--- + arch/ia64/kernel/kprobes.c | 78 +++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 75 insertions(+), 3 deletions(-) + +--- a/arch/ia64/kernel/kprobes.c ++++ b/arch/ia64/kernel/kprobes.c +@@ -396,10 +396,83 @@ static void kretprobe_trampoline(void) + { + } + ++/* ++ * At this point the target function has been tricked into ++ * returning into our trampoline. Lookup the associated instance ++ * and then: ++ * - call the handler function ++ * - cleanup by marking the instance as unused ++ * - long jump back to the original return address ++ */ + int __kprobes trampoline_probe_handler(struct kprobe *p, struct pt_regs *regs) + { +- regs->cr_iip = __kretprobe_trampoline_handler(regs, +- dereference_function_descriptor(kretprobe_trampoline), NULL); ++ struct kretprobe_instance *ri = NULL; ++ struct hlist_head *head, empty_rp; ++ struct hlist_node *tmp; ++ unsigned long flags, orig_ret_address = 0; ++ unsigned long trampoline_address = ++ (unsigned long)dereference_function_descriptor(kretprobe_trampoline); ++ ++ INIT_HLIST_HEAD(&empty_rp); ++ kretprobe_hash_lock(current, &head, &flags); ++ ++ /* ++ * It is possible to have multiple instances associated with a given ++ * task either because an multiple functions in the call path ++ * have a return probe installed on them, and/or more than one return ++ * return probe was registered for a target function. ++ * ++ * We can handle this because: ++ * - instances are always inserted at the head of the list ++ * - when multiple return probes are registered for the same ++ * function, the first instance's ret_addr will point to the ++ * real return address, and all the rest will point to ++ * kretprobe_trampoline ++ */ ++ hlist_for_each_entry_safe(ri, tmp, head, hlist) { ++ if (ri->task != current) ++ /* another task is sharing our hash bucket */ ++ continue; ++ ++ orig_ret_address = (unsigned long)ri->ret_addr; ++ if (orig_ret_address != trampoline_address) ++ /* ++ * This is the real return address. Any other ++ * instances associated with this task are for ++ * other calls deeper on the call stack ++ */ ++ break; ++ } ++ ++ regs->cr_iip = orig_ret_address; ++ ++ hlist_for_each_entry_safe(ri, tmp, head, hlist) { ++ if (ri->task != current) ++ /* another task is sharing our hash bucket */ ++ continue; ++ ++ if (ri->rp && ri->rp->handler) ++ ri->rp->handler(ri, regs); ++ ++ orig_ret_address = (unsigned long)ri->ret_addr; ++ recycle_rp_inst(ri, &empty_rp); ++ ++ if (orig_ret_address != trampoline_address) ++ /* ++ * This is the real return address. Any other ++ * instances associated with this task are for ++ * other calls deeper on the call stack ++ */ ++ break; ++ } ++ kretprobe_assert(ri, orig_ret_address, trampoline_address); ++ ++ kretprobe_hash_unlock(current, &flags); ++ ++ hlist_for_each_entry_safe(ri, tmp, &empty_rp, hlist) { ++ hlist_del(&ri->hlist); ++ kfree(ri); ++ } + /* + * By returning a non-zero value, we are telling + * kprobe_handler() that we don't want the post_handler +@@ -412,7 +485,6 @@ void __kprobes arch_prepare_kretprobe(st + struct pt_regs *regs) + { + ri->ret_addr = (kprobe_opcode_t *)regs->b0; +- ri->fp = NULL; + + /* Replace the return addr with trampoline addr */ + regs->b0 = (unsigned long)dereference_function_descriptor(kretprobe_trampoline); diff --git a/queue-5.4/series b/queue-5.4/series index dd3c170190e..57617470447 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -318,3 +318,4 @@ scripts-dtc-dtx_diff-remove-broken-example-from-help-text.patch lib82596-fix-irq-check-in-sni_82596_probe.patch lib-test_meminit-destroy-cache-in-kmem_cache_alloc_bulk-test.patch mtd-nand-bbt-fix-corner-case-in-bad-block-table-handling.patch +revert-ia64-kprobes-use-generic-kretprobe-trampoline-handler.patch