<div dir="ltr"><div> 62 #ifdef LTTNG_CONFIG_PPC64_ELF_ABI_V2<br> 63 /* Substract 4 bytes to get what we originally want */<br> 64 addr = (unsigned long)(((char *)probe.addr) - 4);<br> 65 #elif defined<b>(LTTNG_</b>CONFIG_PPC64_ELF_ABI_V1) << incorrect MACRO to used in gerrit review. this is the correct one.<br> 66 /*<br> 67 * Build a function descriptor from the address of<br></div><div><br></div>/lttng-module-2.13.8/src/wrapper/kallsyms.c:72:32: error: invalid use of undefined type 'struct func_desc'<br>| 72 | kallsyms_lookup_name_func_desc.addr = (unsigned long)probe.addr;<br><div>/lttng-module-2.13.8/src/wrapper/kallsyms.c:73:32: error: invalid use of undefined type 'struct func_desc'<br>| 73 | kallsyms_lookup_name_func_desc.toc = ((struct func_desc *) &sprint_symbol)->toc;<br></div><div><br></div><div>you either want to use func_descr_t </div><div><a href="https://elixir.bootlin.com/linux/v5.15.104/source/arch/powerpc/include/asm/types.h#L30">https://elixir.bootlin.com/linux/v5.15.104/source/arch/powerpc/include/asm/types.h#L30</a><br></div><div>or<br></div><div>struct ppc64_opd_entry</div><div><a href="https://elixir.bootlin.com/linux/v5.17.15/source/arch/powerpc/include/uapi/asm/elf.h#L293">https://elixir.bootlin.com/linux/v5.17.15/source/arch/powerpc/include/uapi/asm/elf.h#L293</a> <br></div><div><br></div><div>both of which are discontinued from 5.18<br><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Mar 27, 2023 at 5:56 PM Mathieu Desnoyers <<a href="mailto:mathieu.desnoyers@efficios.com">mathieu.desnoyers@efficios.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 2023-03-26 11:00, yashvardhan kukreti wrote:<br>
> <br>
> Hi Mathew,<br>
> <br>
> I have a question about this patch for lttng-modules and the use of<br>
> register_kprobe() to fetch the function ptr.<br>
> The question in this regard is especially from PPC64 ELF_ABI_v1<br>
> perspective.<br>
> <br>
> The functions on PPC64 are accessed via the Function descriptor<br>
> while what register_kprobes returns is the entry point of the function.<br>
> Hence using the return pointer tends to interpret the addr as the<br>
> address of the function descriptor and dereferences the ppc_inst as<br>
> the function entry point and crashes<br>
> <br>
> [ 4145.483594] kernel tried to execute exec-protected page<br>
> (7c0802a6fb81ffe0) - exploit attempt? (uid: 0)<br>
> here 7c0802a6 is the mfspr instruction from the code text section of<br>
> the kallsyms_lookup_name()<br>
> <br>
> note for PPC_ELF_ABI_v1 the register_kprobes() searches for the dot<br>
> variant of the symbol and only in case if cannot find the dot<br>
> variant looks for the normal symbol.<br>
> register_kprobe() -> kprobe_addr() -> kprobe_lookup_name() [arch<br>
> variant replaces weak symbol]<br>
> <a href="https://elixir.bootlin.com/linux/v5.10.174/C/ident/kprobe_lookup_name" rel="noreferrer" target="_blank">https://elixir.bootlin.com/linux/v5.10.174/C/ident/kprobe_lookup_name</a> <<a href="https://elixir.bootlin.com/linux/v5.10.174/C/ident/kprobe_lookup_name" rel="noreferrer" target="_blank">https://elixir.bootlin.com/linux/v5.10.174/C/ident/kprobe_lookup_name</a>><br>
> <br>
> Please let me know if i make sense or that i may have missed something.<br>
> <br>
> I have looked at the code of 2.12.8 as well and 2.12.3 verstion of<br>
> lttng-modules.<br>
<br>
Please have a look at commits (from stable-2.12 branch of lttng-modules):<br>
<br>
commit 53772db24facd84f1f3ddcf21a1ef5f162608721<br>
Author: He Zhe <<a href="mailto:zhe.he@windriver.com" target="_blank">zhe.he@windriver.com</a>><br>
Date: Tue Sep 27 15:59:42 2022 +0800<br>
<br>
wrapper: powerpc64: fix kernel crash caused by do_get_kallsyms<br>
<br>
commit 8fe888d86ccad4226b05a536efb73d71bb091062<br>
Author: Michael Jeanson <<a href="mailto:mjeanson@efficios.com" target="_blank">mjeanson@efficios.com</a>><br>
Date: Thu Nov 24 14:25:33 2022 -0500<br>
<br>
fix: kallsyms wrapper on ppc64el<br>
<br>
I suspect you'll also need this change currently in review:<br>
<br>
<a href="https://review.lttng.org/c/lttng-modules/+/9113" rel="noreferrer" target="_blank">https://review.lttng.org/c/lttng-modules/+/9113</a><br>
<br>
Please let us know if especially this last change fixes things on your side.<br>
<br>
Thanks,<br>
<br>
Mathieu<br>
<br>
<br>
> <br>
> Regards,<br>
> Shashank<br>
> <br>
<br>
-- <br>
Mathieu Desnoyers<br>
EfficiOS Inc.<br>
<a href="https://www.efficios.com" rel="noreferrer" target="_blank">https://www.efficios.com</a><br>
<br>
</blockquote></div>