On 03/22, Anton Arapov wrote:
>
> +arch_uretprobe_hijack_return_addr(unsigned long trampoline_vaddr, struct
> pt_regs *regs)
> +{
> + int rasize, ncopied;
> + unsigned long orig_ret_vaddr = 0; /* clear high bits for 32-bit apps */
> +
> + rasize = is_ia32_task() ? 4 : 8;
Hmm.. I guess you need is_compat_task() here.
> + ncopied = copy_from_user(&orig_ret_vaddr, (void __user *)regs->sp,
> rasize);
> + if (unlikely(ncopied))
> + return -1;
> +
> + /* check whether address has been already hijacked */
> + if (orig_ret_vaddr == trampoline_vaddr)
> + return orig_ret_vaddr;
> +
> + ncopied = copy_to_user((void __user *)regs->sp, &trampoline_vaddr,
> rasize);
> + if (unlikely(ncopied)) {
> + if (ncopied != rasize) {
> + printk(KERN_ERR "uprobe: return address clobbered: "
Cosmetic, but we have pr_err().
> + "pid=%d, %%sp=%#lx, %%ip=%#lx\n",
> + current->pid, regs->sp, regs->ip);
> + /* kill task immediately */
> + send_sig(SIGSEGV, current, 0);
probably force_sig_info() makes more sense, but this is minor
> + }
You need to retun -1 here.
Cosmetic again, but since this function should be updated anyway,
I'd suggest
ncopied = copy_to_user(...);
if (likely(!ncopied))
return orig_ret_vaddr;
if (ncopied != rasize) {
...
}
return -1;
Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
