Hi,
On Mon, 18 Dec 2023 22:13:46 +0900
"Masami Hiramatsu (Google)" <mhiramat@xxxxxxxxxx> wrote:
> @@ -408,15 +395,51 @@ int function_graph_enter(unsigned long ret, unsigned long func,
> return -EBUSY;
> }
>
> +/* This is called from ftrace_graph_func() via ftrace */
> +int function_graph_enter_ops(unsigned long ret, unsigned long func,
> + unsigned long frame_pointer, unsigned long *retp,
> + struct fgraph_ops *gops)
> +{
> + struct ftrace_graph_ent trace;
> + int index;
> + int type;
> +
Here, I found that this needs to check whether the fgraph_array[gops->idx]
is still valid or not. When unregistering the fgraph, fgraph_array[idx] is
cleared (with fgraph_stub) and disable ftrace. So there is a chance to hit
this and it will mess up the shadow stack because gops->idx is already invalid.
Thank you,
--
Masami Hiramatsu (Google) <mhiramat@xxxxxxxxxx>
