On Wed,  3 Jun 2026 18:31:42 +0300
Eva Kurchatova <[email protected]> wrote:

> When multiple callbacks are registered on the same tracepoint,
> callbacks will be indirectly called via traceiter helper.
> 
> Pointers to __probestub_* callbacks reside in __tracepoints section,
> which is excluded from ENDBR checks in objtool, causing objtool to
> assume those functions are never indirectly called.
> 
> Registering multiple callbacks using sched_wakeup test will result
> in #CP exception due to missing ENDBR in __probestub_sched_wakeup
> on a CFI-enabled machine.
> 
> Fix this by adding CFI_NOSEAL annotation to probestub declaration.

I took this but rewrote the change log as it is still incorrect. It has
nothing to do with multiple callbacks attached to the probe. It has to
do with how tprobes works.

I updated with this:

From: Eva Kurchatova <[email protected]>
Subject: [PATCH] tracing: Fix CFI violation in probestub being called by
 tprobes

The probestub is a function to allow tprobes to hook to a tracepoint to
gain access to its parameters. The function itself is only referenced by
the tracepoint structure which lives in the __tracepoint section. objtool
explicitly ignores that section and when processing functions in the
kernel, if it detects one that has no references it will seal it to have
its ENDBR stripped on boot up.

This means when a tprobe is attached to the sched_wakeup tracepoint, when it
is triggered it will call __probestub_sched_wakeup and due to the missing
ENDBR on a CFI-enabled machine it will take a #CP exception.

Fix this by adding CFI_NOSEAL annotation to probestub declaration.

Cc: [email protected]
Acked-by: Masami Hiramatsu (Google) <[email protected]>
Link: https://patch.msgid.link/[email protected]
Fixes: d5173f753750 ("objtool: Exclude __tracepoints data from ENDBR checks")
Signed-off-by: Eva Kurchatova <[email protected]>
[ Updated change log ]
Signed-off-by: Steven Rostedt <[email protected]>
---
 include/linux/tracepoint.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/include/linux/tracepoint.h b/include/linux/tracepoint.h
index 763eea4d80d8..2d2b9f8cdda4 100644
--- a/include/linux/tracepoint.h
+++ b/include/linux/tracepoint.h
@@ -20,6 +20,7 @@
 #include <linux/rcupdate_trace.h>
 #include <linux/tracepoint-defs.h>
 #include <linux/static_call.h>
+#include <linux/cfi.h>
 
 struct module;
 struct tracepoint;
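Review bot: the added `#include <linux/cfi.h>` is what makes `CFI_NOSEAL` visible to the probestub macro changed further down, and this header is pulled in by every tracepoint user on every architecture. Please confirm that linux/cfi.h gives `CFI_NOSEAL()` an empty fallback when the architecture or config has no ENDBR sealing, so that builds without it still compile, and say so in the change log if that is the case.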
@@ -389,6 +390,13 @@ static inline struct tracepoint 
*tracepoint_ptr_deref(tracepoint_ptr_t *p)
        void __probestub_##_name(void *__data, proto)                   \
        {                                                               \
        }                                                               \
+       /*                                                              \
+        * Annotate the probestub 'CFI_NOSEAL' to stop objtool from     \
+        * requesting the kernel remove the ENDBR, because the only     \
+        * references to the function are in the __tracepoint section,  \
+        * that objtool doesn't scan.                                   \
+        */                                                             \
+       CFI_NOSEAL(__probestub_##_name);                                \
        DEFINE_STATIC_CALL(tp_func_##_name, __traceiter_##_name);       \
        DEFINE_RUST_DO_TRACE(_name, TP_PROTO(proto), TP_ARGS(args))
 
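Review bot: the new comment above `CFI_NOSEAL(__probestub_##_name);` names the section as `__tracepoint`, while the title of the commit in the Fixes: tag reads "Exclude __tracepoints data from ENDBR checks". The comment should use the section name exactly as objtool and the linker script spell it, since a reader will grep for it. It would also help to say in the comment who makes the indirect call (the change log says it is a tprobe attached to the tracepoint), because "the only references to the function are in the section" explains why the function gets sealed but not why the ENDBR is still needed at run time.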
-- 
2.53.0

