Re: [PATCH -tip] [BUGFIX] kprobes/x86: Do not jump-optimize kprobes on irq entry code

Mon, 24 Jul 2017 17:16:53 -0700 

On Mon, 24 Jul 2017 14:28:36 +0000 (UTC)
Mathieu Desnoyers <mathieu.desnoy...@efficios.com> wrote:

> ----- On Jul 24, 2017, at 9:50 AM, Masami Hiramatsu mhira...@kernel.org wrote:
> 
> > Since the kernel segment registers are not prepared at the
> > entry of irq-entry code, if a kprobe on such code is
> > jump-optimized, accessing per-cpu variables may cause
> > kernel panic.
> > However, if the kprobe is not optimized, it kicks int3
> > exception and set segment registers correctly.
> > 
> > This checks probe-address and if it is in irq-entry code,
> > it prohibits optimizing such kprobes. This means we can
> > continuously probing such interrupt handlers by kprobes
> > but it is not optimized anymore.
> > 
> > Signed-off-by: Masami Hiramatsu <mhira...@kernel.org>
> > Reported-by: Francis Deslauriers <francis.deslauri...@efficios.com>
> > Tested-by: Francis Deslauriers <francis.deslauri...@efficios.com>
> > ---
> > arch/x86/entry/entry_64.S      |    2 +-
> > arch/x86/include/asm/unwind.h  |    1 +
> > arch/x86/kernel/kprobes/opt.c  |    4 ++--
> > arch/x86/kernel/unwind_frame.c |    4 ++--
> > 4 files changed, 6 insertions(+), 5 deletions(-)
> > 
> > diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
> > index aa58155..9652c34 100644
> > --- a/arch/x86/entry/entry_64.S
> > +++ b/arch/x86/entry/entry_64.S
> > @@ -766,7 +766,7 @@ apicinterrupt3 \num trace(\sym) smp_trace(\sym)
> > #endif
> > 
> > /* Make sure APIC interrupt handlers end up in the irqentry section: */
> > -#if defined(CONFIG_FUNCTION_GRAPH_TRACER) || defined(CONFIG_KASAN)
> > +#if defined(CONFIG_FUNCTION_GRAPH_TRACER) || defined(CONFIG_KASAN) ||
> > defined(CONFIG_KPROBES)
> > # define PUSH_SECTION_IRQENTRY      .pushsection .irqentry.text, "ax"
> > # define POP_SECTION_IRQENTRY       .popsection
> > #else
> > diff --git a/arch/x86/include/asm/unwind.h b/arch/x86/include/asm/unwind.h
> > index e667649..a9896fb9 100644
> > --- a/arch/x86/include/asm/unwind.h
> > +++ b/arch/x86/include/asm/unwind.h
> > @@ -28,6 +28,7 @@ void __unwind_start(struct unwind_state *state, struct
> > task_struct *task,
> > bool unwind_next_frame(struct unwind_state *state);
> > 
> > unsigned long unwind_get_return_address(struct unwind_state *state);
> > +bool in_entry_code(unsigned long ip);
> > 
> > static inline bool unwind_done(struct unwind_state *state)
> > {
> > diff --git a/arch/x86/kernel/kprobes/opt.c b/arch/x86/kernel/kprobes/opt.c
> > index 69ea0bc..a51c144 100644
> > --- a/arch/x86/kernel/kprobes/opt.c
> > +++ b/arch/x86/kernel/kprobes/opt.c
> > @@ -39,6 +39,7 @@
> > #include <asm/insn.h>
> > #include <asm/debugreg.h>
> > #include <asm/set_memory.h>
> > +#include <asm/unwind.h>
> > 
> > #include "common.h"
> > 
> > @@ -253,8 +254,7 @@ static int can_optimize(unsigned long paddr)
> >      * Do not optimize in the entry code due to the unstable
> >      * stack handling.
> >      */
> > -   if ((paddr >= (unsigned long)__entry_text_start) &&
> > -       (paddr <  (unsigned long)__entry_text_end))
> > +   if (in_entry_code(paddr))
> >             return 0;
> > 
> >     /* Check there is enough space for a relative jump. */
> > diff --git a/arch/x86/kernel/unwind_frame.c b/arch/x86/kernel/unwind_frame.c
> > index b9389d7..95123ce 100644
> > --- a/arch/x86/kernel/unwind_frame.c
> > +++ b/arch/x86/kernel/unwind_frame.c
> > @@ -84,14 +84,14 @@ static size_t regs_size(struct pt_regs *regs)
> >     return sizeof(*regs);
> > }
> > 
> > -static bool in_entry_code(unsigned long ip)
> > +bool in_entry_code(unsigned long ip)
> > {
> >     char *addr = (char *)ip;
> > 
> >     if (addr >= __entry_text_start && addr < __entry_text_end)
> >             return true;
> > 
> > -#if defined(CONFIG_FUNCTION_GRAPH_TRACER) || defined(CONFIG_KASAN)
> > +#if defined(CONFIG_FUNCTION_GRAPH_TRACER) || defined(CONFIG_KASAN) ||
> > defined(CONFIG_KPROBES)
> 
> Hi Masami,
> 
> With this patch applied on top of v4.12.3, I can generate a configuration
> with CONFIG_KPROBES=y and CONFIG_FRAME_POINTER=n, which leads to:
> 
> arch/x86/built-in.o: In function `can_optimize':
> /home/efficios/git/linux/arch/x86/kernel/kprobes/opt.c:250: undefined 
> reference to `in_entry_code'
> 
> (see attached .config)

Oops, right.

> arch/x86/kernel/unwind_frame.c is only compiled when CONFIG_FRAME_POINTER
> is enabled, but CONFIG_KPROBES does not depend on it.
> 
> Is unwind_frame.c really where in_entry_code() should be implemented, now
> that its symbol becomes exposed to other compile units ?

At least kprobes needs it. (as far 
It seems we can move it in arch/x86/entry/common.c or 
somewhere in header. (arm has arch/arm/include/asm/traps.h for
that purpose)

Thanks,

> 
> Thanks,
> 
> Mathieu
> 
> 
> >     if (addr >= __irqentry_text_start && addr < __irqentry_text_end)
> >             return true;
> >  #endif
> 
> -- 
> Mathieu Desnoyers
> EfficiOS Inc.
> http://www.efficios.com


-- 
Masami Hiramatsu <mhira...@kernel.org>

Reply via email to