From patchwork Sun Oct 29 03:10:46 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Masami Hiramatsu (Google)" <mhiramat@kernel.org>
X-Patchwork-Id: 159321
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:d641:0:b0:403:3b70:6f57 with SMTP id cy1csp1503939vqb;
        Sat, 28 Oct 2023 20:17:41 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IHdOvh3k4/HAzpZOMtcv3d/9aGwSn75MJpypp0C7mYw3h9NSKFYVNT12yC71JAjPGjkyxbY
X-Received: by 2002:a05:6a00:248b:b0:6be:130a:22a0 with SMTP id
 c11-20020a056a00248b00b006be130a22a0mr8769575pfv.14.1698549461475;
        Sat, 28 Oct 2023 20:17:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1698549461; cv=none;
        d=google.com; s=arc-20160816;
        b=HbuTTTXgKPKryRkWJJPhjBhCxr2cRRDHuJ2Qn89/t3S7vwo40p8WELcrMSxoQGQ7JD
         t+O17iMuPrxj+yq3b2y1Y8x/6G+G+K/48SZeybYGf1I+vvaWeZklnoJHFJAZpA2iTEv+
         zkM8SVM+Dchou+Rtco8gYbeZzgzCIEY+R0QlA5+IbJiSQXyDWn3LRHw7wmHoqxwAlqco
         r7dqNpBY2zcBEqb6jwLgHrg9UlQ7ZJpqUKUZ0fPfjF+VLO+W23ae7rqG/0TrR6QMK5H9
         1WzUeJc7yvrTgA/bMpnvuiGe8Hfhbk4eGWgbPp73Uyt8e83Wx+07cEBwl0K2AWbGvqqD
         7upA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:message-id:date:subject:cc:to:from:dkim-signature;
        bh=ZKpdRCG9sEnr4wKIHL22Jeg7RDO55WFCFlkJ1GAirdE=;
        fh=4yReygJ1OgLncp37ga1hDHWG/gBIxCQ/HGN6mNRdK6c=;
        b=PSuAPUmMy12v41A62+e2lT14GhrRvip+6K5tNjTn3hC39wTmjNJaLGVIFx7cwDMOOH
         sCuZDBO5enO+fk53k7/h4BEGeru6orV2NZDmONeK5a9Ad/Gqhvgzi8BTaZU2uMAM+W0U
         jwfX2ThFacNoGdhFNuEftYY+d97iwSVTPo8jCvC6dtinTaMn11FJ8kSi0TXewQZ+c0SD
         He+NqFcSg1DIv5kwtnnH+Q5JM6PxcDp90V3gibju0SY7Q61ZRNLo3poGVlUcrNzbFWI4
         xeLUJ2e1o9ufzG63jNPdSKuRWvi2VviE/YWunkLxs1sFnbqcbk5gKf/MoAUoUjh+qKFx
         Pxsw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GfviiagA;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:7 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7])
        by mx.google.com with ESMTPS id
 y184-20020a638ac1000000b005775c7e503csi3128429pgd.116.2023.10.28.20.17.41
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 28 Oct 2023 20:17:41 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:7 as permitted sender)
 client-ip=2620:137:e000::3:7;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GfviiagA;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:7 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by snail.vger.email (Postfix) with ESMTP id 0F81F80755CB;
	Sat, 28 Oct 2023 20:16:35 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229529AbjJ2DKz (ORCPT <rfc822;peter110.wang@gmail.com>
        + 29 others); Sat, 28 Oct 2023 23:10:55 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42362 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229446AbjJ2DKy (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 28 Oct 2023 23:10:54 -0400
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 90899CF
        for <linux-kernel@vger.kernel.org>;
 Sat, 28 Oct 2023 20:10:51 -0700 (PDT)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7F86DC433C8;
        Sun, 29 Oct 2023 03:10:49 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1698549051;
        bh=9t8XSEZa0yobHjz6LzUAd1uwRa75aeszKCTXOZzVNt0=;
        h=From:To:Cc:Subject:Date:From;
        b=GfviiagAPaVvYNtgf+S9S/2I5n7P92WfJI53ixQW6rJllJzgKdpphgzpJK9PV6dqA
         pZA/yEehcL+Ee2kJ0EATFjwfBxNIVR3POKfsxHl/wtm4k05/iUsry2NJcMH+D1Vwh8
         Mihlf8udmWchtragYxqeG0kCoTYSrVVmRB269bAnydzOMXV0FF8KqEx8wzA3UuwPgB
         cRwf50aFgkRUsR0gRfeqTK3jAI2U3zor1HtNZDvoWXIYOJR1CL5npJkjZRZPQMif5I
         6cSHUhp7G+4rqyRlz8KyfO16GPmppznSvd+dbhU57CxGS13wn40VWOx4vDVLuCv0Yz
         q2MTEgtVMKxXg==
From: "Masami Hiramatsu (Google)" <mhiramat@kernel.org>
To: LKML <linux-kernel@vger.kernel.org>,
        Linux trace kernel <linux-trace-kernel@vger.kernel.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>,
        Steven Rostedt <rostedt@goodmis.org>,
        Andrii Nakryiko <andrii@kernel.org>,
        Francis Laniel <flaniel@linux.microsoft.com>
Subject: [PATCH for-next] tracing/kprobes: Add symbol counting check when
 module loads
Date: Sun, 29 Oct 2023 12:10:46 +0900
Message-Id: <169854904604.132316.12500381416261460174.stgit@devnote2>
X-Mailer: git-send-email 2.34.1
User-Agent: StGit/0.19
MIME-Version: 1.0
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]);
 Sat, 28 Oct 2023 20:16:35 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1781058199891975090
X-GMAIL-MSGID: 1781058199891975090

From: Masami Hiramatsu (Google) <mhiramat@kernel.org>

Check the number of probe target symbols in the target module when
the module is loaded. If the probe is not on the unique name symbols
in the module, it will be rejected at that point.

Note that the symbol which has a unique name in the target module,
it will be accepted even if there are same-name symbols in the
kernel or other modules,

Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Reviewed-by: Steven Rosted (Google) <rostedt@goodmis.org>
Acked-by: Andrii Nakryiko <andrii@kernel.org>
---
 kernel/trace/trace_kprobe.c |  112 ++++++++++++++++++++++++++-----------------
 1 file changed, 68 insertions(+), 44 deletions(-)

diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
index e834f149695b..90cf2219adb4 100644
--- a/kernel/trace/trace_kprobe.c
+++ b/kernel/trace/trace_kprobe.c
@@ -670,6 +670,21 @@ static int register_trace_kprobe(struct trace_kprobe *tk)
 	return ret;
 }
 
+static int validate_module_probe_symbol(const char *modname, const char *symbol);
+
+static int register_module_trace_kprobe(struct module *mod, struct trace_kprobe *tk)
+{
+	const char *p;
+	int ret = 0;
+
+	p = strchr(trace_kprobe_symbol(tk), ':');
+	if (p)
+		ret = validate_module_probe_symbol(module_name(mod), p++);
+	if (!ret)
+		ret = register_trace_kprobe(tk);
+	return ret;
+}
+
 /* Module notifier call back, checking event on the module */
 static int trace_kprobe_module_callback(struct notifier_block *nb,
 				       unsigned long val, void *data)
@@ -688,7 +703,7 @@ static int trace_kprobe_module_callback(struct notifier_block *nb,
 		if (trace_kprobe_within_module(tk, mod)) {
 			/* Don't need to check busy - this should have gone. */
 			__unregister_trace_kprobe(tk);
-			ret = __register_trace_kprobe(tk);
+			ret = register_module_trace_kprobe(mod, tk);
 			if (ret)
 				pr_warn("Failed to re-register probe %s on %s: %d\n",
 					trace_probe_name(&tk->tp),
@@ -729,17 +744,55 @@ static int count_mod_symbols(void *data, const char *name, unsigned long unused)
 	return 0;
 }
 
-static unsigned int number_of_same_symbols(char *func_name)
+static unsigned int number_of_same_symbols(const char *mod, const char *func_name)
 {
 	struct sym_count_ctx ctx = { .count = 0, .name = func_name };
 
-	kallsyms_on_each_match_symbol(count_symbols, func_name, &ctx.count);
+	if (!mod)
+		kallsyms_on_each_match_symbol(count_symbols, func_name, &ctx.count);
 
-	module_kallsyms_on_each_symbol(NULL, count_mod_symbols, &ctx);
+	module_kallsyms_on_each_symbol(mod, count_mod_symbols, &ctx);
 
 	return ctx.count;
 }
 
+static int validate_module_probe_symbol(const char *modname, const char *symbol)
+{
+	unsigned int count = number_of_same_symbols(modname, symbol);
+
+	if (count > 1) {
+		/*
+		 * Users should use ADDR to remove the ambiguity of
+		 * using KSYM only.
+		 */
+		return -EADDRNOTAVAIL;
+	} else if (count == 0) {
+		/*
+		 * We can return ENOENT earlier than when register the
+		 * kprobe.
+		 */
+		return -ENOENT;
+	}
+	return 0;
+}
+
+static int validate_probe_symbol(char *symbol)
+{
+	char *mod = NULL, *p;
+	int ret;
+
+	p = strchr(symbol, ':');
+	if (p) {
+		mod = symbol;
+		symbol = p + 1;
+		*p = '\0';
+	}
+	ret = validate_module_probe_symbol(mod, symbol);
+	if (p)
+		*p = ':';
+	return ret;
+}
+
 static int __trace_kprobe_create(int argc, const char *argv[])
 {
 	/*
@@ -859,6 +912,14 @@ static int __trace_kprobe_create(int argc, const char *argv[])
 			trace_probe_log_err(0, BAD_PROBE_ADDR);
 			goto parse_error;
 		}
+		ret = validate_probe_symbol(symbol);
+		if (ret) {
+			if (ret == -EADDRNOTAVAIL)
+				trace_probe_log_err(0, NON_UNIQ_SYMBOL);
+			else
+				trace_probe_log_err(0, BAD_PROBE_ADDR);
+			goto parse_error;
+		}
 		if (is_return)
 			ctx.flags |= TPARG_FL_RETURN;
 		ret = kprobe_on_func_entry(NULL, symbol, offset);
@@ -871,31 +932,6 @@ static int __trace_kprobe_create(int argc, const char *argv[])
 		}
 	}
 
-	if (symbol && !strchr(symbol, ':')) {
-		unsigned int count;
-
-		count = number_of_same_symbols(symbol);
-		if (count > 1) {
-			/*
-			 * Users should use ADDR to remove the ambiguity of
-			 * using KSYM only.
-			 */
-			trace_probe_log_err(0, NON_UNIQ_SYMBOL);
-			ret = -EADDRNOTAVAIL;
-
-			goto error;
-		} else if (count == 0) {
-			/*
-			 * We can return ENOENT earlier than when register the
-			 * kprobe.
-			 */
-			trace_probe_log_err(0, BAD_PROBE_ADDR);
-			ret = -ENOENT;
-
-			goto error;
-		}
-	}
-
 	trace_probe_log_set_index(0);
 	if (event) {
 		ret = traceprobe_parse_event_name(&event, &group, gbuf,
@@ -1767,21 +1803,9 @@ create_local_trace_kprobe(char *func, void *addr, unsigned long offs,
 	char *event;
 
 	if (func) {
-		unsigned int count;
-
-		count = number_of_same_symbols(func);
-		if (count > 1)
-			/*
-			 * Users should use addr to remove the ambiguity of
-			 * using func only.
-			 */
-			return ERR_PTR(-EADDRNOTAVAIL);
-		else if (count == 0)
-			/*
-			 * We can return ENOENT earlier than when register the
-			 * kprobe.
-			 */
-			return ERR_PTR(-ENOENT);
+		ret = validate_probe_symbol(func);
+		if (ret)
+			return ERR_PTR(ret);
 	}
 
 	/*