[PATCH v2] arm: print alloc free paths for address in registers
Maninder Singh
maninder1.s at samsung.com
Wed Mar 10 05:50:35 GMT 2021
Hi,
Any comments or updates?
>Sender : Maninder Singh <maninder1.s at samsung.com> Engineer/Platform S/W Group /SRI-Delhi/Samsung Electronics
>Date : 2021-02-25 13:57 (GMT+5:30)
>Title : [PATCH v2] arm: print alloc free paths for address in registers
>
>In case of "Use After Free" kernel OOPs, free path of object
>is required to debug further.
>And in most of cases object address is present in one of registers.
>
>Thus check for register address and if it belongs to slab,
>print its alloc and free path.
>
>e.g. in below issue register r6 belongs to slab, and use after free issue
>occurred on one of its derefer values:
>
>[ 124.310386] (ptrval)
>[ 124.312647] 8<--- cut here ---
>[ 124.313761] Unable to handle kernel paging request at virtual address 6b6b6b6f
>[ 124.315972] pgd = (ptrval)
>...
>[ 124.328290] pc : [<c052fc0c>] lr : [<c052fc00>] psr: 60000013
>[ 124.330349] sp : c8993d28 ip : 0000bff4 fp : c8ae2020
>[ 124.332071] r10: 00000000 r9 : 00000001 r8 : c1804cc8
>[ 124.333803] r7 : 00000000 r6 : c8ae9180 r5 : c1804a80 r4 : c8ae2008
>[ 124.335936] r3 : 6b6b6b6b r2 : 315049d6 r1 : 2d867000 r0 : c1396584
>..
>[ 124.365233] register r6: c8ae9180 belongs to slab object
>[ 124.366364] INFO: Allocated in meminfo_proc_show+0x3c/0x500 age=1 cpu=0 pid=69
>[ 124.367545] meminfo_proc_show+0x3c/0x500
>[ 124.368271] seq_read_iter+0x10c/0x4bc
>[ 124.368994] proc_reg_read_iter+0x74/0xa8
>[ 124.369712] generic_file_splice_read+0xe8/0x178
>[ 124.370496] splice_direct_to_actor+0xe0/0x2b8
>[ 124.371261] do_splice_direct+0xa4/0xdc
>[ 124.371917] do_sendfile+0x1c4/0x3ec
>[ 124.372550] sys_sendfile64+0x128/0x130
>[ 124.373109] ret_fast_syscall+0x0/0x54
>[ 124.373664] 0xbe9a2de4
>[ 124.374081] INFO: Freed in meminfo_proc_show+0x5c/0x500 age=1 cpu=0 pid=69
>[ 124.374933] meminfo_proc_show+0x5c/0x500
>[ 124.375485] seq_read_iter+0x10c/0x4bc
>[ 124.376020] proc_reg_read_iter+0x74/0xa8
>[ 124.376643] generic_file_splice_read+0xe8/0x178
>[ 124.377331] splice_direct_to_actor+0xe0/0x2b8
>[ 124.378022] do_splice_direct+0xa4/0xdc
>[ 124.378633] do_sendfile+0x1c4/0x3ec
>[ 124.379220] sys_sendfile64+0x128/0x130
>[ 124.379822] ret_fast_syscall+0x0/0x54
>[ 124.380421] 0xbe9a2de4
>
>Co-developed-by: Vaneet Narang <v.narang at samsung.com>
>Signed-off-by: Vaneet Narang <v.narang at samsung.com>
>Signed-off-by: Maninder Singh <maninder1.s at samsung.com>
>---
>v1 -> v2: do address sanity with virt_addr_valid
>
> arch/arm/include/asm/bug.h | 1 +
> arch/arm/kernel/process.c | 18 ++++++++++++++++++
> arch/arm/kernel/traps.c | 1 +
> include/linux/slab.h | 14 ++++++++++++++
> mm/slab.h | 7 -------
> mm/slub.c | 18 ++++++++++++++++++
> 6 files changed, 52 insertions(+), 7 deletions(-)
Thanks,
Maninder Singh
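
As an added example (not part of the patch or of the original message), here is a small Python triage script for the output format shown in the quoted log. It extracts the register dump, flags registers holding the SLUB free-poison word 0x6b6b6b6b, and pairs each "belongs to slab object" line with its alloc and free sites. It assumes slab poisoning was enabled when the oops was captured; the function names and the 4 KiB window are this example's own.

```python
import re

POISON_FREE = 0x6B6B6B6B  # 32-bit word of POISON_FREE (0x6b) bytes, include/linux/poison.h

# Sample input: lines trimmed from the oops quoted in the message above.
OOPS = """\
[ 124.313761] Unable to handle kernel paging request at virtual address 6b6b6b6f
[ 124.333803] r7 : 00000000 r6 : c8ae9180 r5 : c1804a80 r4 : c8ae2008
[ 124.335936] r3 : 6b6b6b6b r2 : 315049d6 r1 : 2d867000 r0 : c1396584
[ 124.365233] register r6: c8ae9180 belongs to slab object
[ 124.366364] INFO: Allocated in meminfo_proc_show+0x3c/0x500 age=1 cpu=0 pid=69
[ 124.367545] meminfo_proc_show+0x3c/0x500
[ 124.374081] INFO: Freed in meminfo_proc_show+0x5c/0x500 age=1 cpu=0 pid=69
[ 124.374933] meminfo_proc_show+0x5c/0x500
"""

REG_RE = re.compile(r"\b(pc|lr|sp|ip|fp|r\d+)\s*:\s*(?:\[<)?([0-9a-f]{8})\b")
FAULT_RE = re.compile(r"at virtual address ([0-9a-f]{8})")
SLAB_RE = re.compile(r"register (\w+): ([0-9a-f]{8}) belongs to slab object")
PATH_RE = re.compile(r"INFO: (Allocated|Freed) in (\S+) .*?pid=(\d+)")

def parse_registers(log):
    """Map register name -> value from the ARM register dump lines."""
    return {name: int(val, 16) for name, val in REG_RE.findall(log)}

def parse_slab_reports(log):
    """Collect each 'belongs to slab object' report with its alloc/free sites."""
    reports, current = [], None
    for line in log.splitlines():
        if m := SLAB_RE.search(line):
            current = {"reg": m[1], "addr": int(m[2], 16)}
            reports.append(current)
        elif current is not None and (m := PATH_RE.search(line)):
            current[m[1].lower()] = {"site": m[2], "pid": int(m[3])}
    return reports

def triage(log, window=0x1000):
    """Summarise use-after-free evidence found in one oops log."""
    regs = parse_registers(log)
    fault = FAULT_RE.search(log)
    fault_addr = int(fault[1], 16) if fault else None
    return {
        "fault_addr": fault_addr,
        # A fault just above the poison word: a field of a poisoned pointer was read.
        "fault_near_poison": fault_addr is not None and 0 <= fault_addr - POISON_FREE < window,
        "poisoned_regs": sorted(n for n, v in regs.items() if v == POISON_FREE),
        "freed_objects": [r for r in parse_slab_reports(log) if "freed" in r],
    }
```
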