[RFC PATCH v4] ARM: uprobes xol write directly to userspace
victor.kamensky at linaro.org
Tue Apr 15 22:31:36 PDT 2014
Here is my understanding of Dave's and Russell's suggestion
to use direct write of xol slot instructions to user space. I am now
posting the patch through 'git send-email' since, as was noted, my
mailer corrupts patches otherwise.
Note that the default case with __copy_to_user is NOT tested. It addresses
Personally, I am very concerned about this patch because it creates
a writable and executable page in the traced process. The way uprobes
is implemented, such a page will stay in the process even if all uprobes
are detached from the process. IMHO it may create a possible attack hole.
I would prefer to see any executable memory read-only all the time.
On top of that, at least in the ARM case the xol page address is not even
randomized, which was perfectly fine with the current nowrite/noread,
just execute permissions.
Patch follows this cover letter.
Victor Kamensky (1):
ARM: uprobes xol write directly to userspace
arch/arm/kernel/uprobes.c | 8 ++++++++
include/linux/uprobes.h | 3 +++
kernel/events/uprobes.c | 28 +++++++++++++++++++---------
3 files changed, 30 insertions(+), 9 deletions(-)
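
A check a defender could run for the concern raised in the cover letter, as an added example that is not part of the original post or of the patch: it flags mappings that are both writable and executable in `/proc/<pid>/maps`-format text. The sample lines are constructed, and the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format, not from a real process. */
static const char SAMPLE_MAPS[] =
    "00008000-0000c000 r-xp 00000000 b3:02 1234 /bin/true\n"
    "00013000-00014000 rw-p 00003000 b3:02 1234 /bin/true\n"
    "7f5e0000-7f5e1000 --xp 00000000 00:00 0 \n"  /* execute-only page */
    "7f600000-7f601000 rwxp 00000000 00:00 0 \n"; /* writable and executable */

/* 1 if the mapping is both writable and executable, 0 if not, -1 if malformed. */
int maps_line_is_wx(const char *line)
{
    unsigned long start, end;
    char perms[8];

    if (sscanf(line, "%lx-%lx %7s", &start, &end, perms) != 3)
        return -1;
    if (strlen(perms) != 4 || start >= end)
        return -1;
    return perms[1] == 'w' && perms[2] == 'x';
}

/* Count W+X mappings in maps-format text, printing each one found. */
int count_wx_text(const char *text)
{
    char line[512];
    int hits = 0;

    for (size_t n; *text; text += n + (text[n] == '\n')) {
        n = strcspn(text, "\n");
        snprintf(line, sizeof line, "%.*s", (int)n, text);
        if (maps_line_is_wx(line) == 1) {
            hits++;
            puts(line);
        }
    }
    return hits;
}

/* With a path such as /proc/1234/maps, scan its first 1 MiB; otherwise the sample. */
int main(int argc, char **argv)
{
    static char buf[1 << 20];
    FILE *in = argc > 1 ? fopen(argv[1], "r") : NULL;
    if (argc > 1 && !in) { perror(argv[1]); return 2; }
    size_t len = in ? fread(buf, 1, sizeof buf - 1, in) : 0;

    buf[len] = '\0';
    int hits = count_wx_text(in ? buf : SAMPLE_MAPS);
    printf("%d writable+executable mapping(s)\n", hits);
    return hits != 0;
}
```

The exit status is non-zero when any such mapping is found, so the program can gate a test that attaches and detaches probes and then inspects the traced process.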