On 3.02.21 г. 9:06 ч., Alexei Starovoitov wrote:
> From: Alexei Starovoitov <ast@xxxxxxxxxx>
>
> The commit 0d00449c7a28 ("x86: Replace ist_enter() with nmi_enter()")
> converted do_int3 handler to be "NMI-like".
> That made old if (in_nmi()) check abort execution of bpf programs
> attached to kprobe when kprobe is firing via int3
> (For example when kprobe is placed in the middle of the function).
> Remove the check to restore user visible behavior.
>
> Fixes: 0d00449c7a28 ("x86: Replace ist_enter() with nmi_enter()")
> Reported-by: Nikolay Borisov <nborisov@xxxxxxxx>
> Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx>
Tested-by: Nikolay Borisov <nborisov@xxxxxxxx>
So I take it you have verified the callpaths and deemed that it's safe
to remove this check?
> ---
> kernel/trace/bpf_trace.c | 3 ---
> 1 file changed, 3 deletions(-)
>
> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> index 6c0018abe68a..764400260eb6 100644
> --- a/kernel/trace/bpf_trace.c
> +++ b/kernel/trace/bpf_trace.c
> @@ -96,9 +96,6 @@ unsigned int trace_call_bpf(struct trace_event_call *call, void *ctx)
> {
> unsigned int ret;
>
> - if (in_nmi()) /* not supported yet */
> - return 1;
> -
> cant_sleep();
>
> if (unlikely(__this_cpu_inc_return(bpf_prog_active) != 1)) {
>
