7 May
2019
7 May
'19
12:27 p.m.
On Tue, 7 May 2019 11:27:31 +0200 Peter Zijlstra peterz@infradead.org wrote:
FWIW, both these trampolines assume a kprobe will not int3_emulate_{push/call}(), for both bitnesses.
But then; I'm thinking kprobes should be inspection only and not modify things. So that might just be good enough.
I believe there are kprobe calls that do modify things. Note, they can modify regs->ip. Kprobes sets the FTRACE_OPS_FL_IPMODIFY flag, thus they can never be put at the same location that is being live patched.
-- Steve