CVE-2022-49888 in Linux
Sumário
de VulDB • 27/05/2026
No such file or directory
### Explanation
The error `No such file or directory` when attempting to create a kprobe on `cortex_a76_erratum_1463225_debug_handler` occurs because **the function no longer exists as a separate, addressable symbol in the kernel image**.
#### Why this happens: 1. **Inlining**: The patch inlines `cortex_a76_erratum_1463225_debug_handler()` directly into `el1_dbg()`. This means the compiler merges the code of the erratum handler into the caller, eliminating the standalone function. 2. **No Symbol**: Since the function is inlined, there is no longer a distinct symbol named `cortex_a76_erratum_1463225_debug_handler` in the kernel’s symbol table. Kprobes rely on symbols or addresses to attach probes. If the symbol doesn’t exist, kprobes cannot find it. 3. **Kprobe Limitation**: Kprobes cannot probe into inlined functions because there is no entry point to hook into. The code is now part of `el1_dbg()`, and probing `el1_dbg()` would probe the entire function, not just the erratum-specific part.
#### Workarounds: - **Probe `el1_dbg()`**: If you need to trace the erratum handling, you can probe `el1_dbg()` instead, though this will trigger on all calls to `el1_dbg()`, not just those involving the erratum. - **Use ftrace**: Use ftrace’s function tracer to trace `el1_dbg()` or other relevant functions. - **Disable Inlining**: If you need to probe this specific handler, you could modify the patch to prevent inlining (e.g., by adding `__attribute__((noinline))`), but this may have performance or correctness implications.
#### Example: ```bash # Instead of probing the inlined function, probe the caller echo p el1_dbg > /sys/kernel/debug/tracing/kprobe_events ```
This limitation is a known consequence of inlining functions for performance or correctness reasons, and it restricts the ability to use kprobes on those specific code paths.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.