On Wed, May 20, 2020 at 08:11:26PM +0900, Masami Hiramatsu wrote:
> > - ret = probe_kernel_read(&c, (u8 *)addr + len, 1);
> > + if (IS_ENABLED(CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE) &&
> > + (unsigned long)addr < TASK_SIZE) {
> > + ret = p
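Review bot: the new guard tests `(unsigned long)addr < TASK_SIZE`, but the byte actually read in the replaced line is at `(u8 *)addr + len`, so the user/kernel decision is taken on the start of the string rather than on the address being dereferenced; that is only safe if the user-side read path itself rejects addresses at or beyond TASK_SIZE when `addr + len` crosses the boundary. Consider testing the address that is passed to the read, or add a comment stating why the crossing case is handled by the read helper.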
On Tue, 19 May 2020 15:44:42 +0200
Christoph Hellwig wrote:
> diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
> index 2f6737cc53e6c..82da20e712507 100644
> --- a/kernel/trace/trace_kprobe.c
> +++ b/kernel/trace/trace_kprobe.c
> @@ -1208,7 +1208,13 @@ fetch_store_strlen(unsi
On Tue, May 19, 2020 at 6:45 AM Christoph Hellwig wrote:
>
> +
> + if (IS_ENABLED(CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE) &&
> + compat && (unsigned long)unsafe_ptr < TASK_SIZE)
> + ret = probe_user_read(dst, user_ptr, size);
> + else
> + re
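Review bot: the condition checks `(unsigned long)unsafe_ptr < TASK_SIZE` while the read it enables is `probe_user_read(dst, user_ptr, size)`, a different variable; if `user_ptr` is merely `unsafe_ptr` cast to a user pointer the two names make the check harder to audit, and if it is not, the range check is applied to the wrong pointer. The user-space attempt is also gated on `compat`, which nothing in the visible context explains; a short comment on why only the compat path falls back to a user read for addresses below TASK_SIZE would help.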
Except for historical confusion in the kprobes/uprobes and bpf tracers,
there is no good reason to ever allow user memory accesses from
probe_kernel_read. Switch probe_kernel_read to only read from kernel
memory itself, and try to read user memory in the tracers only if
the address is smaller than