8bf1101bd5
Fix a bug in kprobes that can cause an Oops or even a crash when a return probe is installed on one of the following functions: sys_execve, do_execve, load_*_binary, flush_old_exec, or flush_thread. The fix is to remove the call to kprobe_flush_task() in flush_thread(). This fix has been tested on all architectures for which the return-probes feature has been implemented (i386, x86_64, ppc64, ia64). Please apply.

BACKGROUND

Up to now, we have called kprobe_flush_task() under two situations: when a task exits, and when it execs. Flushing kretprobe_instances on exit is correct because (a) do_exit() doesn't return, and (b) one or more return-probed functions may be active when a task calls do_exit(). Neither is the case for sys_execve() and its callees.

Initially, the mistaken call to kprobe_flush_task() on exec was harmless because we put the "real" return address of each active probed function back in the stack, just to be safe, when we recycled its kretprobe_instance. When support for ppc64 and ia64 was added, this safety measure couldn't be employed, and was eventually dropped even for i386 and x86_64. sys_execve() and its callees were informally blacklisted for return probes until this fix was developed.

Acked-by: Prasanna S Panchamukhi <prasanna@in.ibm.com>
Signed-off-by: Jim Keniston <jkenisto@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>