On Mon, Feb 24, 2025 at 03:01:44PM +0100, Jiri Olsa wrote:
SNIP
> @@ -1523,15 +1698,23 @@ arch_uretprobe_hijack_return_addr(unsigned long trampoline_vaddr, struct pt_regs
> {
> int rasize = sizeof_long(regs), nleft;
> unsigned long orig_ret_vaddr = 0; /* clear high bits for 32-bit apps */
> + unsigned long off = 0;
> +
> + /*
> + * Optimized uprobe goes through uprobe trampoline which adds 4 8-byte
> + * values on stack, check uprobe_trampoline_entry for details.
> + */
> + if (!swbp)
> + off = 4*8;
ok, now when I started to add the missing register modifications in uprobe syscall,
I realized we will modify the regs->sp appropriately already in the uprobe syscall
(before the code above is hit)
so we don't need this code and we can get rid of the swbp flag and patch#7 completely
jirka
>
> - if (copy_from_user(&orig_ret_vaddr, (void __user *)regs->sp, rasize))
> + if (copy_from_user(&orig_ret_vaddr, (void __user *)regs->sp + off, rasize))
> return -1;
>
> /* check whether address has been already hijacked */
> if (orig_ret_vaddr == trampoline_vaddr)
> return orig_ret_vaddr;
>
> - nleft = copy_to_user((void __user *)regs->sp, &trampoline_vaddr, rasize);
> + nleft = copy_to_user((void __user *)regs->sp + off, &trampoline_vaddr, rasize);
> if (likely(!nleft)) {
> if (shstk_update_last_frame(trampoline_vaddr)) {
> force_sig(SIGSEGV);
SNIP
