[PATCH -tip v3 23/23] kprobes/x86: Use kprobe_blacklist for .kprobes.text and .entry.text

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Use kprobe_blackpoint for blacklisting .entry.text and .kprobes.text
instead of arch_within_kprobe_blacklist. This also makes them visible
via (debugfs)/kprobes/blacklist.

Signed-off-by: Masami Hiramatsu <masami.hiramatsu.pt@xxxxxxxxxxx>
Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxxxxx>
Cc: "H. Peter Anvin" <hpa@xxxxxxxxx>
Cc: Ananth N Mavinakayanahalli <ananth@xxxxxxxxxx>
Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
Cc: Steven Rostedt <rostedt@xxxxxxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
 arch/x86/kernel/kprobes/core.c |   14 +++++++-------
 include/linux/kprobes.h        |    1 +
 kernel/kprobes.c               |   40 +++++++++++++++++++++++++++++-----------
 3 files changed, 37 insertions(+), 18 deletions(-)

diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
index 54ada0b..adb0e26 100644
--- a/arch/x86/kernel/kprobes/core.c
+++ b/arch/x86/kernel/kprobes/core.c
@@ -1087,16 +1087,16 @@ int longjmp_break_handler(struct kprobe *p, struct pt_regs *regs)
 }
 NOKPROBE_SYMBOL(longjmp_break_handler);
 
-bool arch_within_kprobe_blacklist(unsigned long addr)
-{
-	return ((addr >= (unsigned long)__kprobes_text_start &&
-		 addr < (unsigned long)__kprobes_text_end) ||
-		(addr >= (unsigned long)__entry_text_start &&
-		 addr < (unsigned long)__entry_text_end));
-}
+static struct kprobe_blackpoint kbp_entry_text = {
+	.name = ".entry.text",
+};
 
 int __init arch_init_kprobes(void)
 {
+	kbp_entry_text.start_addr = (unsigned long)__entry_text_start;
+	kbp_entry_text.range = (unsigned long)__entry_text_end -
+				(unsigned long)__entry_text_start;
+	add_kprobe_blacklist(&kbp_entry_text);
 	return 0;
 }
 
diff --git a/include/linux/kprobes.h b/include/linux/kprobes.h
index 641d009..19be202 100644
--- a/include/linux/kprobes.h
+++ b/include/linux/kprobes.h
@@ -267,6 +267,7 @@ extern int arch_init_kprobes(void);
 extern void show_registers(struct pt_regs *regs);
 extern void kprobes_inc_nmissed_count(struct kprobe *p);
 extern bool arch_within_kprobe_blacklist(unsigned long addr);
+extern void add_kprobe_blacklist(struct kprobe_blackpoint *bp);
 
 struct kprobe_insn_cache {
 	struct mutex mutex;
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 0a206ec..895cc8a 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -1325,19 +1325,10 @@ out:
 	return ret;
 }
 
-bool __weak arch_within_kprobe_blacklist(unsigned long addr)
-{
-	/* The __kprobes marked functions and entry code must not be probed */
-	return (addr >= (unsigned long)__kprobes_text_start &&
-		addr < (unsigned long)__kprobes_text_end);
-}
-
 static bool within_kprobe_blacklist(unsigned long addr)
 {
 	struct kprobe_blackpoint *bp;
 
-	if (arch_within_kprobe_blacklist(addr))
-		return true;
 	/*
 	 * If there exists a kprobe_blacklist, verify and
 	 * fail any probe registration in the prohibited area
@@ -2098,6 +2089,19 @@ static void shrink_kprobe_blacklist(struct kprobe_blackpoint **start,
 	mutex_unlock(&kprobe_blacklist_mutex);
 }
 
+static void __add_kprobe_blacklist(struct kprobe_blackpoint *bp)
+{
+	INIT_LIST_HEAD(&bp->list);
+	list_add_tail(&bp->list, &kprobe_blacklist);
+}
+
+void add_kprobe_blacklist(struct kprobe_blackpoint *bp)
+{
+	mutex_lock(&kprobe_blacklist_mutex);
+	__add_kprobe_blacklist(bp);
+	mutex_unlock(&kprobe_blacklist_mutex);
+}
+
 /*
  * Lookup and populate the kprobe_blacklist.
  *
@@ -2123,8 +2127,7 @@ static void populate_kprobe_blacklist(struct kprobe_blackpoint **start,
 			continue;
 
 		bp->range = size;
-		INIT_LIST_HEAD(&bp->list);
-		list_add_tail(&bp->list, &kprobe_blacklist);
+		__add_kprobe_blacklist(bp);
 	}
 	mutex_unlock(&kprobe_blacklist_mutex);
 }
@@ -2134,6 +2137,7 @@ extern struct kprobe_blackpoint *__stop_kprobe_blacklist[];
 
 static int __init init_kprobes(void)
 {
+	struct kprobe_blackpoint *bp;
 	int i, err = 0;
 
 	/* FIXME allocate the probe table, currently defined statically */
@@ -2147,6 +2151,20 @@ static int __init init_kprobes(void)
 	populate_kprobe_blacklist(__start_kprobe_blacklist,
 				  __stop_kprobe_blacklist);
 
+	if (__kprobes_text_start != __kprobes_text_end) {
+		/* The __kprobes marked functions must not be probed */
+		bp = kmalloc(sizeof(*bp), GFP_KERNEL);
+		if (!bp) {
+			pr_err("Kprobes: Failed to allocate memory\n");
+			return -ENOMEM;
+		}
+		bp->name = ".kprobes.text";
+		bp->start_addr = (unsigned long)__kprobes_text_start;
+		bp->range = (unsigned long)__kprobes_text_end -
+			    (unsigned long)__kprobes_text_start;
+		add_kprobe_blacklist(bp);
+	}
+
 	if (kretprobe_blacklist_size) {
 		/* lookup the function address from its name */
 		for (i = 0; kretprobe_blacklist[i].name != NULL; i++) {


_______________________________________________
Virtualization mailing list
Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
[Index of Archives]     [KVM Development]     [Libvirt Development]     [Libvirt Users]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux