From: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
To: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Linux-Arch <linux-arch@vger.kernel.org>,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
"David S. Miller" <davem@davemloft.net>,
Peter Zijlstra <peterz@infradead.org>,
Frederic Weisbecker <fweisbec@gmail.com>,
the arch/x86 maintainers <x86@kernel.org>,
lkml <linux-kernel@vger.kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
virtualization@lists.linux-foundation.org,
Ingo Molnar <mingo@redhat.com>, Al Viro <viro@zeniv.linux.org.uk>,
"H. Peter Anvin" <hpa@zytor.com>,
Thomas Gleixner <tglx@linutronix.de>,
Seiji Aguchi <seiji.aguchi@hds.com>,
Ingo Molnar <mingo@kernel.org>
Subject: Re: Re: [PATCH -tip RFC v2 01/22] kprobes: Prohibit probing on .entry.text code
Date: Sun, 17 Nov 2013 16:21:27 +0900 [thread overview]
Message-ID: <52886E77.1000707@hitachi.com> (raw)
In-Reply-To: <CAMuHMdXw+WGKiQuquQL7XOkbRLNOC_SPddY1irRGQwpvDHLMwA@mail.gmail.com>
(2013/11/16 2:46), Geert Uytterhoeven wrote:
> On Fri, Nov 15, 2013 at 5:43 PM, Steven Rostedt <rostedt@goodmis.org> wrote:
>> On Fri, 15 Nov 2013 04:53:18 +0000
>> Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com> wrote:
>>
>>> .entry.text is a code area which is used for interrupt/syscall
>>> entries, and there are many sensitive codes.
>>> Thus, it is better to prohibit probing on all of such codes
>>> instead of a part of that.
>>> Since some symbols are already registered on kprobe blacklist,
>>> this also removes them from the blacklist.
>>
>> This change only works with x86. On other archs, I get this:
>>
>> kernel/built-in.o: In function `register_kprobe':
>> (.kprobes.text+0x9f4): undefined reference to `__entry_text_start'
>> kernel/built-in.o: In function `register_kprobe':
>> (.kprobes.text+0x9f8): undefined reference to `__entry_text_end'
>> make[1]: *** [vmlinux] Error 1
>> make: *** [sub-make] Error 2
>
> X86 is the sole architecture that has ENTRY_TEXT in its
> arch/*/kernel/vmlinux.lds.S.
Ah, thanks! I'll fix that.
BTW, should I add CONFIG_HAVE_ENTRY_TEXT for x86 and use it
or just use CONFIG_X86 to detect it?
Thank you,
--
Masami HIRAMATSU
IT Management Research Dept. Linux Technology Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@hitachi.com
WARNING: multiple messages have this Message-ID (diff)
From: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
To: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Steven Rostedt <rostedt@goodmis.org>,
Ingo Molnar <mingo@kernel.org>,
Linux-Arch <linux-arch@vger.kernel.org>,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
Peter Zijlstra <peterz@infradead.org>,
Frederic Weisbecker <fweisbec@gmail.com>,
the arch/x86 maintainers <x86@kernel.org>,
lkml <linux-kernel@vger.kernel.org>,
virtualization@lists.linux-foundation.org,
Ingo Molnar <mingo@redhat.com>, Al Viro <viro@zeniv.linux.org.uk>,
"H. Peter Anvin" <hpa@zytor.com>,
Thomas Gleixner <tglx@linutronix.de>,
Seiji Aguchi <seiji.aguchi@hds.com>,
"David S. Miller" <davem@davemloft.net>
Subject: Re: Re: [PATCH -tip RFC v2 01/22] kprobes: Prohibit probing on .entry.text code
Date: Sun, 17 Nov 2013 16:21:27 +0900 [thread overview]
Message-ID: <52886E77.1000707@hitachi.com> (raw)
Message-ID: <20131117072127.LgGBhFeK1-qaoJRswGoxVf3v5poxzBu1EJ9qImCyCW0@z> (raw)
In-Reply-To: <CAMuHMdXw+WGKiQuquQL7XOkbRLNOC_SPddY1irRGQwpvDHLMwA@mail.gmail.com>
(2013/11/16 2:46), Geert Uytterhoeven wrote:
> On Fri, Nov 15, 2013 at 5:43 PM, Steven Rostedt <rostedt@goodmis.org> wrote:
>> On Fri, 15 Nov 2013 04:53:18 +0000
>> Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com> wrote:
>>
>>> .entry.text is a code area which is used for interrupt/syscall
>>> entries, and there are many sensitive codes.
>>> Thus, it is better to prohibit probing on all of such codes
>>> instead of a part of that.
>>> Since some symbols are already registered on kprobe blacklist,
>>> this also removes them from the blacklist.
>>
>> This change only works with x86. On other archs, I get this:
>>
>> kernel/built-in.o: In function `register_kprobe':
>> (.kprobes.text+0x9f4): undefined reference to `__entry_text_start'
>> kernel/built-in.o: In function `register_kprobe':
>> (.kprobes.text+0x9f8): undefined reference to `__entry_text_end'
>> make[1]: *** [vmlinux] Error 1
>> make: *** [sub-make] Error 2
>
> X86 is the sole architecture that has ENTRY_TEXT in its
> arch/*/kernel/vmlinux.lds.S.
Ah, thanks! I'll fix that.
BTW, should I add CONFIG_HAVE_ENTRY_TEXT for x86 and use it
or just use CONFIG_X86 to detect it?
Thank you,
--
Masami HIRAMATSU
IT Management Research Dept. Linux Technology Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@hitachi.com
next prev parent reply other threads:[~2013-11-17 7:21 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-15 4:53 [PATCH -tip RFC v2 00/22] kprobes: introduce NOKPROBE_SYMBOL() and general cleaning of kprobe blacklist Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 01/22] kprobes: Prohibit probing on .entry.text code Masami Hiramatsu
2013-11-15 16:43 ` Steven Rostedt
2013-11-15 16:43 ` Steven Rostedt
2013-11-15 17:46 ` Geert Uytterhoeven
2013-11-17 7:21 ` Masami Hiramatsu [this message]
2013-11-17 7:21 ` Masami Hiramatsu
2013-11-15 17:46 ` Geert Uytterhoeven
2013-11-15 4:53 ` [PATCH -tip RFC v2 02/22] kprobes: Introduce NOKPROBE_SYMBOL() macro for blacklist Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 03/22] kprobes: Show blacklist entries via debugfs Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 04/22] kprobes: Support blacklist functions in module Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 05/22] kprobes: Use NOKPROBE_SYMBOL() in sample modules Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 06/22] kprobes/x86: Allow probe on some kprobe preparation functions Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 07/22] kprobes/x86: Use NOKPROBE_SYMBOL instead of __kprobes Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 08/22] kprobes: Allow probe on some kprobe functions Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 09/22] kprobes: Use NOKPROBE_SYMBOL macro instead of __kprobes Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 10/22] ftrace/kprobes: Allow probing on some preparation functions Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 11/22] ftrace/kprobes: Use NOKPROBE_SYMBOL macro in ftrace Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 12/22] x86/hw_breakpoint: Use NOKPROBE_SYMBOL macro in hw_breakpoint Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 13/22] x86/trap: Use NOKPROBE_SYMBOL macro in trap.c Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:53 ` [PATCH -tip RFC v2 14/22] x86/fault: Use NOKPROBE_SYMBOL macro in fault.c Masami Hiramatsu
2013-11-15 4:53 ` Masami Hiramatsu
2013-11-15 4:54 ` [PATCH -tip RFC v2 15/22] x86/alternative: Use NOKPROBE_SYMBOL macro in alternative.c Masami Hiramatsu
2013-11-15 4:54 ` [PATCH -tip RFC v2 16/22] x86/nmi: Use NOKPROBE_SYMBOL macro for nmi handlers Masami Hiramatsu
2013-11-15 4:54 ` Masami Hiramatsu
2013-11-15 4:54 ` [PATCH -tip RFC v2 17/22] x86/kvm: Use NOKPROBE_SYMBOL macro in kvm.c Masami Hiramatsu
2013-11-15 4:54 ` Masami Hiramatsu
2013-11-15 4:54 ` [PATCH -tip RFC v2 18/22] x86/dumpstack: Use NOKPROBE_SYMBOL macro in dumpstack.c Masami Hiramatsu
2013-11-15 4:54 ` Masami Hiramatsu
2013-11-15 4:54 ` [PATCH -tip RFC v2 19/22] [BUGFIX] kprobes/x86: Prohibit probing on debug_stack_* Masami Hiramatsu
2013-11-15 4:54 ` Masami Hiramatsu
2013-11-15 4:54 ` [PATCH -tip RFC v2 20/22] [BUGFIX] kprobes: Prohibit probing on func_ptr_is_kernel_text Masami Hiramatsu
2013-11-15 4:54 ` Masami Hiramatsu
2013-11-15 4:54 ` [PATCH -tip RFC v2 21/22] notifier: Use NOKPROBE_SYMBOL macro in notifier Masami Hiramatsu
2013-11-15 4:54 ` Masami Hiramatsu
2013-11-15 4:54 ` [PATCH -tip RFC v2 22/22] sched: Use NOKPROBE_SYMBOL macro in sched Masami Hiramatsu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52886E77.1000707@hitachi.com \
--to=masami.hiramatsu.pt@hitachi.com \
--cc=ananth@in.ibm.com \
--cc=davem@davemloft.net \
--cc=fweisbec@gmail.com \
--cc=geert@linux-m68k.org \
--cc=hpa@zytor.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=seiji.aguchi@hds.com \
--cc=tglx@linutronix.de \
--cc=viro@zeniv.linux.org.uk \
--cc=virtualization@lists.linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.