Hi Steve, Steven Rostedt <rostedt@xxxxxxxxxxx> writes: > From: Steven Rostedt <rostedt@xxxxxxxxxxx> > > Pingfan reported that the following causes a fault: > > echo "filename ~ \"cpu\"" > events/syscalls/sys_enter_openat/filter > echo 1 > events/syscalls/sys_enter_at/enable > [..] > +static __always_inline char *test_string(char *str) > +{ > + struct ustring_buffer *ubuf; > + char __user *ustr; > + char *kstr; > + > + if (!ustring_per_cpu) > + return NULL; > + > + ubuf = this_cpu_ptr(ustring_per_cpu); > + kstr = ubuf->buffer; > + > + if (likely((unsigned long)str >= TASK_SIZE)) { I think that would not work on architectures where addresses for kernel and user space could overlap, i.e. with different address spaces? > + /* For safety, do not trust the string pointer */ > + if (!strncpy_from_kernel_nofault(kstr, str, USTRING_BUF_SIZE)) > + return NULL; > + } else { > + /* user space address? */ > + ustr = str; > + if (!strncpy_from_user_nofault(kstr, ustr, USTRING_BUF_SIZE)) > + return NULL; > + } > + return kstr; > +}