From: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
To: Ingo Molnar <mingo@kernel.org>
Cc: Pratyush Anand <panand@redhat.com>,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
"David S. Miller" <davem@davemloft.net>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>
Subject: [PATCH tip/master 3/3] kprobes/x86: Use kprobe_blacklist for .kprobes.text and .entry.text
Date: Thu, 16 Jul 2015 16:10:59 +0900 [thread overview]
Message-ID: <20150716071059.14218.60408.stgit@localhost.localdomain> (raw)
In-Reply-To: <20150716071053.14218.82072.stgit@localhost.localdomain>
Use kprobe_blackpoint for blacklisting .entry.text and .kprobees.text
instead of arch_within_kprobe_blacklist. This also makes them visible
via (debugfs)/kprobes/blacklist.
Signed-off-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ananth N Mavinakayanahalli <ananth@in.ibm.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
---
arch/x86/kernel/kprobes/core.c | 11 +------
include/linux/kprobes.h | 1 +
kernel/kprobes.c | 64 ++++++++++++++++++++++++++++------------
3 files changed, 48 insertions(+), 28 deletions(-)
diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
index 1deffe6..8496f84 100644
--- a/arch/x86/kernel/kprobes/core.c
+++ b/arch/x86/kernel/kprobes/core.c
@@ -1112,17 +1112,10 @@ int longjmp_break_handler(struct kprobe *p, struct pt_regs *regs)
}
NOKPROBE_SYMBOL(longjmp_break_handler);
-bool arch_within_kprobe_blacklist(unsigned long addr)
-{
- return (addr >= (unsigned long)__kprobes_text_start &&
- addr < (unsigned long)__kprobes_text_end) ||
- (addr >= (unsigned long)__entry_text_start &&
- addr < (unsigned long)__entry_text_end);
-}
-
int __init arch_init_kprobes(void)
{
- return 0;
+ return kprobe_blacklist_add_range((unsigned long)__entry_text_start,
+ (unsigned long) __entry_text_end);
}
int arch_trampoline_kprobe(struct kprobe *p)
diff --git a/include/linux/kprobes.h b/include/linux/kprobes.h
index 1ab5475..a2eb53e 100644
--- a/include/linux/kprobes.h
+++ b/include/linux/kprobes.h
@@ -266,6 +266,7 @@ extern int arch_init_kprobes(void);
extern void show_registers(struct pt_regs *regs);
extern void kprobes_inc_nmissed_count(struct kprobe *p);
extern bool arch_within_kprobe_blacklist(unsigned long addr);
+extern int kprobe_blacklist_add_range(unsigned long start, unsigned long end);
struct kprobe_insn_cache {
struct mutex mutex;
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 53951c3..e164a04 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -1326,13 +1326,6 @@ out:
return ret;
}
-bool __weak arch_within_kprobe_blacklist(unsigned long addr)
-{
- /* The __kprobes marked functions and entry code must not be probed */
- return addr >= (unsigned long)__kprobes_text_start &&
- addr < (unsigned long)__kprobes_text_end;
-}
-
static struct kprobe_blacklist_entry *find_blacklist_entry(unsigned long addr)
{
struct kprobe_blacklist_entry *ent;
@@ -1347,8 +1340,6 @@ static struct kprobe_blacklist_entry *find_blacklist_entry(unsigned long addr)
static bool within_kprobe_blacklist(unsigned long addr)
{
- if (arch_within_kprobe_blacklist(addr))
- return true;
/*
* If there exists a kprobe_blacklist, verify and
* fail any probe registration in the prohibited area
@@ -2055,6 +2046,40 @@ void dump_kprobe(struct kprobe *kp)
}
NOKPROBE_SYMBOL(dump_kprobe);
+static int __kprobe_blacklist_add(unsigned long start, unsigned long end)
+{
+ struct kprobe_blacklist_entry *ent;
+
+ ent = kmalloc(sizeof(*ent), GFP_KERNEL);
+ if (!ent)
+ return -ENOMEM;
+
+ ent->start_addr = start;
+ ent->end_addr = end;
+ INIT_LIST_HEAD(&ent->list);
+ list_add_tail(&ent->list, &kprobe_blacklist);
+ return 0;
+}
+
+int kprobe_blacklist_add_range(unsigned long start, unsigned long end)
+{
+ unsigned long offset = 0, size = 0;
+ int err = 0;
+
+ mutex_lock(&kprobe_blacklist_mutex);
+ while (!err && start < end) {
+ if (!kallsyms_lookup_size_offset(start, &size, &offset) ||
+ size == 0) {
+ err = -ENOENT;
+ break;
+ }
+ err = __kprobe_blacklist_add(start, start + size);
+ start += size;
+ }
+ mutex_unlock(&kprobe_blacklist_mutex);
+ return err;
+}
+
/*
* Lookup and populate the kprobe_blacklist.
*
@@ -2066,8 +2091,8 @@ NOKPROBE_SYMBOL(dump_kprobe);
static int populate_kprobe_blacklist(unsigned long *start, unsigned long *end)
{
unsigned long *iter;
- struct kprobe_blacklist_entry *ent;
unsigned long entry, offset = 0, size = 0;
+ int ret;
mutex_lock(&kprobe_blacklist_mutex);
for (iter = start; iter < end; iter++) {
@@ -2079,14 +2104,7 @@ static int populate_kprobe_blacklist(unsigned long *start, unsigned long *end)
(void *)entry);
continue;
}
-
- ent = kmalloc(sizeof(*ent), GFP_KERNEL);
- if (!ent)
- return -ENOMEM;
- ent->start_addr = entry;
- ent->end_addr = entry + size;
- INIT_LIST_HEAD(&ent->list);
- list_add_tail(&ent->list, &kprobe_blacklist);
+ ret = __kprobe_blacklist_add(entry, entry - offset + size);
}
mutex_unlock(&kprobe_blacklist_mutex);
@@ -2181,7 +2199,15 @@ static int __init init_kprobes(void)
err = populate_kprobe_blacklist(__start_kprobe_blacklist,
__stop_kprobe_blacklist);
- if (err) {
+
+ if (err >= 0 && __kprobes_text_start != __kprobes_text_end) {
+ /* The __kprobes marked functions must not be probed */
+ err = kprobe_blacklist_add_range(
+ (unsigned long)__kprobes_text_start,
+ (unsigned long)__kprobes_text_end);
+ }
+
+ if (err < 0) {
pr_err("kprobes: failed to populate blacklist: %d\n", err);
pr_err("Please take care of using kprobes.\n");
}
prev parent reply other threads:[~2015-07-16 7:15 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-16 7:10 [PATCH tip/master 0/3] kprobes blacklist enhancement Masami Hiramatsu
2015-07-16 7:10 ` [PATCH tip/master 1/3] kprobes: Support blacklist functions in module Masami Hiramatsu
2015-07-16 11:34 ` Rusty Russell
2015-07-17 12:10 ` Ingo Molnar
2015-07-19 3:15 ` Masami Hiramatsu
2015-07-21 7:48 ` Ingo Molnar
2015-07-21 10:19 ` Masami Hiramatsu
2015-07-16 7:10 ` [PATCH tip/master 2/3] kprobes: Use NOKPROBE_SYMBOL() in sample modules Masami Hiramatsu
2015-07-16 7:10 ` Masami Hiramatsu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150716071059.14218.60408.stgit@localhost.localdomain \
--to=masami.hiramatsu.pt@hitachi.com \
--cc=akpm@linux-foundation.org \
--cc=ananth@in.ibm.com \
--cc=davem@davemloft.net \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=panand@redhat.com \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.