kprobes: Enable stacktrace from pt_regs in kretprobe handler

Since the ORC unwinder from pt_regs requires setting up regs->ip
correctly, set the correct return address to the regs->ip before
calling user kretprobe handler.

This allows the kretrprobe handler to trace stack from the
kretprobe's pt_regs by stack_trace_save_regs() (eBPF will do
this), instead of stack tracing from the handler context by
stack_trace_save() (ftrace will do this).

Link: https://lkml.kernel.org/r/163163053237.489837.4272653874525136832.stgit@devnote2
Suggested-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Tested-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>

diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 833f07f331150e8197aba23944c3d078f708c292..ebc587b9a34659619668397c1af8afad58a292e1 100644 (file)
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -1937,6 +1937,13 @@ unsigned long __kretprobe_trampoline_handler(struct pt_regs *regs,
                BUG_ON(1);
        }
 
+       /*
+        * Set the return address as the instruction pointer, because if the
+        * user handler calls stack_trace_save_regs() with this 'regs',
+        * the stack trace will start from the instruction pointer.
+        */
+       instruction_pointer_set(regs, (unsigned long)correct_ret_addr);
+
        /* Run the user handler of the nodes. */
        first = current->kretprobe_instances.first;
        while (first) {