On Thu, 14 Feb 2019 14:10:44 +0000 Changbin Du changbin.du@gmail.com wrote:
No, I didn't have the fix. I was running an older kernel actually. One before commit 9da3f2b74054406f87dff7101a569217ffceb29b was added. There's nothing actually wrong with that code, since kprobes is allowed to poke at anything. But that commit considers the kernel using copy from user to poke kernel address space to be a security bug.
Glad to know that. And I wonder whether all such cases have been disclosed. I noticed the uprobe code also uses some usercopy functions.
Well, uprobe shouldn't be poking at kernel addresses ;-)
-- Steve