kprobes: consistent rcu api usage for kretprobe holder

commit d839a656d0f3caca9f96e9bf912fd394ac6a11bc upstream.

It seems that the pointer-to-kretprobe "rp" within the kretprobe_holder is
RCU-managed, based on the (non-rethook) implementation of get_kretprobe().
The thought behind this patch is to make use of the RCU API where possible
when accessing this pointer so that the needed barriers are always in place
and to self-document the code.

The __rcu annotation to "rp" allows for sparse RCU checking. Plain writes
done to the "rp" pointer are changed to make use of the RCU macro for
assignment. For the single read, the implementation of get_kretprobe()
is simplified by making use of an RCU macro which accomplishes the same,
but note that the log warning text will be more generic.

I did find that there is a difference in assembly generated between the
usage of the RCU macros vs without. For example, on arm64, when using
rcu_assign_pointer(), the corresponding store instruction is a
store-release (STLR) which has an implicit barrier. When normal assignment
is done, a regular store (STR) is found. In the macro case, this seems to
be a result of rcu_assign_pointer() using smp_store_release() when the
value to write is not NULL.

Link: https://lore.kernel.org/all/20231122132058.3359-1-inwardvessel@gmail.com/
Fixes: d741bf41d7c7 ("kprobes: Remove kretprobe hash")
Cc: stable@vger.kernel.org
Signed-off-by: JP Kobryn <inwardvessel@gmail.com>
Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/include/linux/kprobes.h b/include/linux/kprobes.h
index 2cbb6a51c2912f0519c70d14c7a3409c6dfd72de..24b0eaa5de3073d33a591849a0b0ba5ae4ddb6c2 100644 (file)
--- a/include/linux/kprobes.h
+++ b/include/linux/kprobes.h
@@ -139,7 +139,7 @@ static inline int kprobe_ftrace(struct kprobe *p)
  *
  */
 struct kretprobe_holder {
-       struct kretprobe        *rp;
+       struct kretprobe __rcu *rp;
        refcount_t              ref;
 };
 
@@ -224,10 +224,7 @@ unsigned long kretprobe_trampoline_handler(struct pt_regs *regs,
 
 static nokprobe_inline struct kretprobe *get_kretprobe(struct kretprobe_instance *ri)
 {
-       RCU_LOCKDEP_WARN(!rcu_read_lock_any_held(),
-               "Kretprobe is accessed from instance under preemptive context");
-
-       return READ_ONCE(ri->rph->rp);
+       return rcu_dereference_check(ri->rph->rp, rcu_read_lock_any_held());
 }
 
 #else /* CONFIG_KRETPROBES */

diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 6cf561322bbe6366e43688540e3a4c09b7ae16da..07d36cee2a800643e8048ea4c52349e7506b382f 100644 (file)
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -2044,7 +2044,7 @@ int register_kretprobe(struct kretprobe *rp)
        if (!rp->rph)
                return -ENOMEM;
 
-       rp->rph->rp = rp;
+       rcu_assign_pointer(rp->rph->rp, rp);
        for (i = 0; i < rp->maxactive; i++) {
                inst = kzalloc(sizeof(struct kretprobe_instance) +
                               rp->data_size, GFP_KERNEL);
@@ -2101,7 +2101,7 @@ void unregister_kretprobes(struct kretprobe **rps, int num)
        for (i = 0; i < num; i++) {
                if (__unregister_kprobe_top(&rps[i]->kp) < 0)
                        rps[i]->kp.addr = NULL;
-               rps[i]->rph->rp = NULL;
+               rcu_assign_pointer(rps[i]->rph->rp, NULL);
        }
        mutex_unlock(&kprobe_mutex);