Hi Steve, On Wed, 20 Feb 2019 09:49:26 -0500 Steven Rostedt <rostedt@xxxxxxxxxxx> wrote: > On Wed, 20 Feb 2019 17:10:19 +0900 > Masami Hiramatsu <mhiramat@xxxxxxxxxx> wrote: > > > Let me ensure what you want. So you want to access a "string" in user-space, > > not a data structure? In that case, it is very easy to me. It is enough to > > add a "ustring" type to kprobe events. For example, do_sys_opsn's path > > variable is one example. That will be +0(+0(%si)):ustring, and fetcher > > finally copy the string using strncpy_from_user() instead of > > strncpy_from_unsafe(). (*) > > ustring would be good. I've tried to implement ustring and u-offsets, but I got some issues. - access_ok() warns if it is called in IRQ context (kprobes is.) - copy_from_user uses access_ok(), so it is not designed for irq handler. Moreover, if we have different kernel/user address spaces, we have to assign target user-pages to kernel vma. Can we do that (doesn't it involve mutex locks)? If not, I think what we can do "in kprobes" is only probe_kernel_read() and strncpy_from_unsafe(). This means, on the architechture whoes kernel address space doesn't map user space, we can not support user-space data fetching in kprobe evevnts. Thank you, -- Masami Hiramatsu <mhiramat@xxxxxxxxxx>
