Re: kprobe string arg does not return proper value

On Tue, Jan 29, 2019 at 09:20:09AM +0100, Jiri Olsa wrote:
> On Tue, Jan 29, 2019 at 07:16:19AM +0100, Heiko Carstens wrote:
> > On Mon, Jan 28, 2019 at 10:14:58PM +0100, Jiri Olsa wrote:
> > >   # cd /sys/kernel/debug/tracing
> > >   # cat trace
> > >      <...>-18602 [000] d... 288289.847945: do_sys_open: (do_sys_open+0x0/0x238) filename_string=(fault)
> > >      <...>-18602 [000] d... 288289.848586: do_sys_open: (do_sys_open+0x0/0x238) filename_string=(fault)
> > >      <...>-18602 [000] d... 288289.852643: do_sys_open: (do_sys_open+0x0/0x238) filename_string=(fault)
> > >      <...>-18602 [000] d... 288289.853202: do_sys_open: (do_sys_open+0x0/0x238) filename_string=(fault)
> > >   ...
> > > 
> > > I'm getting this on latest upstream 5.0.0-rc3+
> > > 
> > > looks like we call strncpy_from_unsafe -> __get_user, which fails
> > > in this case.. any idea if this is perhaps some known issue on s390x?
> > 
> > This looks like the wrong address space is accessed. The "string" type
> > is supposed to copy a string from _kernel_ space while the filename
> > argument of do_sys_open() is a user space pointer.
> > 
> > This doesn't work on s390 due to the completely distinct address
> > spaces. At least that's what this looks like at a first glance.
> > 
> > And if I'm correct it is not easy to "fix". _If_ this functionality is
> > desired then the kprobes interface must probably be changed so that it
> > would be possible to specify the address space from where something
> > should be copied. Or.. maybe the "__user" annotation in the kernel
> > code can be instrumented(?).
> > 
> 
> I see, I'd like to find out some more about this..  I found some docs in
> Documentation/s390, would you please point me to some other s390 docs?

Well, there is only the architecture documentation. Not sure if you
really want to read this:

http://publibfi.boulder.ibm.com/epubs/pdf/dz9zr011.pdf

The relevant part is chapter 3 (Storage) - Address Spaces and Dynamic
Address Translation.

However the short form is: s390 uses two address spaces. "Home Space"
for kernel address space and "Primary Address Space" for user space
(there are some special cases where this isn't true, but that doesn't
really matter here).

Each address space has its own(!) page tables. To access user space
from kernel space special instructions like MVCOS have to be used.

Especially this means (unlike on other architectures) that you can't
tell from an address alone if it belongs to user space or kernel
space.
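
The point of the message above, as an added illustration that is not part of the original mail and is not kernel code: a toy C model in which each address space has its own translation table, so a string fetch must be told which space to read. The addresses, the mapped strings and the `fetch_string` helper are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* Toy model: each address space has its own translation table, standing in
 * for the separate page tables of the s390 home and primary spaces. */
enum aspace { HOME_SPACE /* kernel */, PRIMARY_SPACE /* user */ };
struct mapping { unsigned long vaddr; const char *data; size_t len; };

/* Constructed contents: 0x1000 is valid in BOTH spaces but backs different
 * memory; 0x2000 is mapped only in the user (primary) space. */
static const struct mapping home_map[] = { { 0x1000, "kernel-data", 12 } };
static const struct mapping primary_map[] = { { 0x1000, "/etc/passwd", 12 },
                                              { 0x2000, "/tmp/file", 10 } };

/* Translate vaddr in the given space; NULL models a translation fault. */
static const char *translate(enum aspace as, unsigned long vaddr, size_t *left)
{
    const struct mapping *m = (as == HOME_SPACE) ? home_map : primary_map;
    size_t n = (as == HOME_SPACE) ? sizeof home_map / sizeof *home_map
                                  : sizeof primary_map / sizeof *primary_map;

    for (size_t i = 0; i < n; i++)
        if (vaddr >= m[i].vaddr && vaddr - m[i].vaddr < m[i].len) {
            *left = m[i].len - (vaddr - m[i].vaddr);
            return m[i].data + (vaddr - m[i].vaddr);
        }
    return NULL;
}

/* Hypothetical helper: copy a NUL-terminated string from an explicitly named
 * address space. Returns the string length, or -1 on a fault. */
static long fetch_string(enum aspace as, unsigned long vaddr, char *dst, size_t size)
{
    size_t left, i;
    const char *src = size ? translate(as, vaddr, &left) : NULL;

    if (!src)
        return -1;
    for (i = 0; i < size - 1 && i < left && src[i]; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return (long)i;
}

int main(void)
{
    char buf[32];
    /* User pointer read through the kernel space: fault, as in the trace. */
    printf("home    0x2000 -> %ld\n", fetch_string(HOME_SPACE, 0x2000, buf, sizeof buf));
    /* Same pointer, correct space: the file name is returned. */
    if (fetch_string(PRIMARY_SPACE, 0x2000, buf, sizeof buf) >= 0)
        printf("primary 0x2000 -> %s\n", buf);
    return 0;
}
```

In this model, address 0x1000 does not fault in either space but yields different data, which is why the address alone cannot select the right copy routine.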