[page fault tracepoint 2/2] x86:Instruments page fault trace event

2013-05-08 Thread Francis Deslauriers
Signed-off-by: Francis Deslauriers 
Reviewed-by: Raphaël Beamonte 
---
 arch/x86/mm/fault.c |   11 +++
 mm/memory.c |5 +
 2 files changed, 16 insertions(+)

diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index 654be4a..e227828 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -20,6 +20,9 @@
 #include  /* kmemcheck_*(), ...   */
 #include /* VSYSCALL_START   
*/
 
+#define CREATE_TRACE_POINTS
+#include /* trace_page_fault_*(), ...
*/
+
 /*
  * Page fault error code bits:
  *
@@ -756,12 +759,18 @@ __bad_area_nosemaphore(struct pt_regs *regs, unsigned 
long error_code,
 
if (likely(show_unhandled_signals))
show_signal_msg(regs, error_code, address, tsk);
+   trace_page_fault_entry(regs, address, error_code & PF_WRITE);
 
tsk->thread.cr2 = address;
tsk->thread.error_code  = error_code;
tsk->thread.trap_nr = X86_TRAP_PF;
 
force_sig_info_fault(SIGSEGV, si_code, address, tsk, 0);
+   /*
+* Using -1 here, since there is no VM_FAULT flag to identify
+* user accesses triggering SIGSEGV.
+*/
+   trace_page_fault_exit(-1);
 
return;
}
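Review bot: The write flag reaches trace_page_fault_entry() as a raw bit value here (`error_code & PF_WRITE`), as `write` in the good_area hunk below, and as `foll_flags & FOLL_WRITE` in the mm/memory.c hunk, so the value recorded for the same event differs by call site unless the tracepoint itself normalizes it. Normalize at each caller, e.g. `trace_page_fault_entry(regs, address, !!(error_code & PF_WRITE));`, or state in the tracepoint header (not on this page) that the field is a plain 0/1. The -1 passed to trace_page_fault_exit() after force_sig_info_fault() is explained, but the comment could also say that consumers must treat -1 as "SIGSEGV sent, no VM_FAULT result" so the sentinel is not mistaken for a VM_FAULT bitmask. __bad_area_nosemaphore starts outside the hunk.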
@@ -1185,7 +1194,9 @@ good_area:
 * make sure we exit gracefully rather than endlessly redo
 * the fault:
 */
+   trace_page_fault_entry(regs, address, write);
fault = handle_mm_fault(mm, vma, address, flags);
+   trace_page_fault_exit(fault);
 
if (unlikely(fault & (VM_FAULT_RETRY|VM_FAULT_ERROR))) {
if (mm_fault_error(regs, error_code, address, fault))
diff --git a/mm/memory.c b/mm/memory.c
index 6dc1882..0bd86f8 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -67,6 +67,8 @@
 #include 
 #include 
 
+#include 
+
 #include "internal.h"
 
 #ifdef LAST_NID_NOT_IN_PAGE_FLAGS
@@ -1829,8 +1831,11 @@ long __get_user_pages(struct task_struct *tsk, struct 
mm_struct *mm,
if (foll_flags & FOLL_NOWAIT)
fault_flags |= (FAULT_FLAG_ALLOW_RETRY 
| FAULT_FLAG_RETRY_NOWAIT);
 
+   trace_page_fault_entry(0, start,
+   foll_flags & FOLL_WRITE);
ret = handle_mm_fault(mm, vma, start,
fault_flags);
+   trace_page_fault_exit(ret);
 
if (ret & VM_FAULT_ERROR) {
if (ret & VM_FAULT_OOM)
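Review bot: `trace_page_fault_entry(0, start, foll_flags & FOLL_WRITE)` passes a literal 0 where the arch/x86 callers pass `regs`; if that parameter is a pointer it should be spelled `NULL`, and any consumer that dereferences regs (to record the faulting IP, say) would oops on this path, so the tracepoint definition — not on this page — should be checked for null-regs handling. As with the x86 sites, `foll_flags & FOLL_WRITE` is a flag value rather than 0/1; `trace_page_fault_entry(NULL, start, !!(foll_flags & FOLL_WRITE));` keeps the recorded value consistent across callers. __get_user_pages starts and ends outside the hunk.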
-- 
1.7.10.4



Tracing Summit 2019 - Videos

2019-10-10 Thread Francis Deslauriers
Hi all,
The videos of the Tracing Summit 2019 talks are now available on Youtube [1].

[1]: https://www.youtube.com/playlist?list=PLuo4E47p5_7ZeRpUZEUyF2kWyA6KzTTkI.

See you all next year!

-- 
Francis Deslauriers
Computer Engineer
EfficiOS inc.


[CFP] Call For Presentations reminder and registration for Tracing Summit 2018 on Oct 25th in Edinburgh, UK

2018-08-17 Thread Francis Deslauriers
Hi all,

This is a friendly reminder that the deadline for submitting talk proposals for
Tracing Summit 2018[1] is coming up soon (Sept 1st). Submit your talk today
using submiss...@tracingsummit.org and don't forget to include the following:
- Talk title,
- Talk abstract (900 characters maximum),
- Description of the targeted audience (900 characters maximum),
- Short biography (900 characters maximum).

The Tracing Summit 2018 will be held in Edinburgh, UK on October 25th, 2018, at
the Edinburgh International Conference Centre, co-located with the Open Source
Summit & Embedded Linux Conference 2018.

You can register right now either through the Open Source Summit Europe
registration page[2] by adding the free Tracing Summit addon or by registering
specifically for the Tracing Summit using this registration form[3].

Thank you,

On behalf of the Diagnostic and Monitoring Workgroup,
Francis Deslauriers

[1] https://tracingsummit.org/wiki/TracingSummit2018
[2] https://www.regonline.com/OSSEU2018
[3] https://regonline.com/tracingsummit18


Re: [PATCH 2/2] kprobe: fix: Add ftrace_ops_assist_func to kprobe blacklist

2018-07-11 Thread Francis Deslauriers
Hi Steven,
I tested it and it prevents the kernel crash I am witnessing.
As for the side-effect that Masami mentioned regarding not being able to probe
function inside the trace_kprobe.c file, I suggest we move the target
function into
its own separate compile unit so it can be compiled with the ftrace cflags.
See patch below.

Thanks
Francis

>From d5a3645bd0046f28275d6b60207958f2751c1f47 Mon Sep 17 00:00:00 2001
From: Francis Deslauriers 
Date: Wed, 11 Jul 2018 12:34:22 -0400
Subject: [PATCH] selftest/ftrace: Move kprobe selftest function to separate
 compile unit

Move selftest function to its own compile unit so it can be compiled
with the ftrace cflags (CC_FLAGS_FTRACE) allowing it to be probed
during the ftrace startup tests.

Signed-off-by: Francis Deslauriers 
---
 kernel/trace/Makefile|  5 +
 kernel/trace/trace_kprobe.c  | 12 +---
 kernel/trace/trace_kprobe_selftest.c | 10 ++
 kernel/trace/trace_kprobe_selftest.h |  7 +++
 4 files changed, 23 insertions(+), 11 deletions(-)
 create mode 100644 kernel/trace/trace_kprobe_selftest.c
 create mode 100644 kernel/trace/trace_kprobe_selftest.h

diff --git a/kernel/trace/Makefile b/kernel/trace/Makefile
index e2538c7..e38771e 100644
--- a/kernel/trace/Makefile
+++ b/kernel/trace/Makefile
@@ -13,6 +13,11 @@ obj-y += trace_selftest_dynamic.o
 endif
 endif

+ifdef CONFIG_FTRACE_STARTUP_TEST
+CFLAGS_trace_kprobe_selftest.o = $(CC_FLAGS_FTRACE)
+obj-$(CONFIG_KPROBE_EVENTS) += trace_kprobe_selftest.o
+endif
+
 # If unlikely tracing is enabled, do not trace these files
 ifdef CONFIG_TRACING_BRANCHES
 KBUILD_CFLAGS += -DDISABLE_BRANCH_PROFILING
diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
index 952dc2a..3fe966f 100644
--- a/kernel/trace/trace_kprobe.c
+++ b/kernel/trace/trace_kprobe.c
@@ -24,6 +24,7 @@
 #include 

 #include "trace_probe.h"
+#include "trace_kprobe_selftest.h"

 #define KPROBE_EVENT_SYSTEM "kprobes"
 #define KRETPROBE_MAXACTIVE_MAX 4096
@@ -1560,17 +1561,6 @@ fs_initcall(init_kprobe_trace);


 #ifdef CONFIG_FTRACE_STARTUP_TEST
-/*
- * The "__used" keeps gcc from removing the function symbol
- * from the kallsyms table. 'noinline' makes sure that there
- * isn't an inlined version used by the test method below
- */
-static __used __init noinline int
-kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int a5, int a6)
-{
- return a1 + a2 + a3 + a4 + a5 + a6;
-}
-
 static __init struct trace_event_file *
 find_trace_probe_file(struct trace_kprobe *tk, struct trace_array *tr)
 {
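Review bot: The removed definition carried `__used __init noinline`, while its replacement in trace_kprobe_selftest.c (the new-file hunk below, and again in the [PATCH 2/2] resend further down this page) carries none of them. With external linkage `__used` and `noinline` are no longer needed to keep a probeable symbol, but dropping `__init` leaves a test-only function in regular .text for the life of the kernel; if that is deliberate — for instance because the startup test needs the function to remain after init memory is freed, which this hunk does not show — a one-line comment in the new file saying so would pre-empt the question. find_trace_probe_file continues outside the hunk.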
diff --git a/kernel/trace/trace_kprobe_selftest.c
b/kernel/trace/trace_kprobe_selftest.c
new file mode 100644
index 000..a3d2090
--- /dev/null
+++ b/kernel/trace/trace_kprobe_selftest.c
@@ -0,0 +1,10 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Function used during the kprobe self test. This function is in a seperate
+ * compile unit so it can be compile with CC_FLAGS_FTRACE to ensure that it
+ * can be probed by the selftests.
+ */
+int kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int
a5, int a6)
+{
+ return a1 + a2 + a3 + a4 + a5 + a6;
+}
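Review bot: The header comment has two typos, `seperate` → `separate` and `can be compile with` → `can be compiled with`; the [PATCH 2/2] resend later on this page fixes the first but keeps the second. It would also help to say in that comment that the function must not be made `static`, so a future cleanup does not hide the symbol the selftest probes by name.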
diff --git a/kernel/trace/trace_kprobe_selftest.h
b/kernel/trace/trace_kprobe_selftest.h
new file mode 100644
index 000..9243d4e
--- /dev/null
+++ b/kernel/trace/trace_kprobe_selftest.h
@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Function used during the kprobe self test. This function is in a seperate
+ * compile unit so it can be compile with CC_FLAGS_FTRACE to ensure that it
+ * can be probed by the selftests.
+ */
+int kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int
a5, int a6);
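Review bot: For a header the kernel's license-rules want the SPDX tag in a C comment, `/* SPDX-License-Identifier: GPL-2.0 */`, rather than `//` (the [PATCH 2/2] resend below already makes this change). The file also has no include guard; a lone prototype tolerates double inclusion, so this is a style point, but wrapping the declaration in the usual `#ifndef`/`#define`/`#endif` guard matches the surrounding tree. The same `seperate` / `can be compile` typos as in the .c file's comment appear here.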
-- 
2.7.4


Le mar. 3 juill. 2018, à 18 h 31, Steven Rostedt  a écrit :
>
> Mathieu and Francis,
>
> Looking back, this thread never got further. Would Masami's patch work
> for you?
>
> -- Steve
>
>
> On Sat, 17 Mar 2018 10:22:11 +0900
> Masami Hiramatsu  wrote:
>
> > On Sat, 17 Mar 2018 09:13:34 +0900
> > Masami Hiramatsu  wrote:
> >
> > > On Fri, 16 Mar 2018 13:53:01 -0400 (EDT)
> > > Mathieu Desnoyers  wrote:
> > >
> > > > - On Mar 16, 2018, at 12:48 PM, rostedt rost...@goodmis.org wrote:
> > > >
> > > > > On Fri, 16 Mar 2018 12:41:34 -0400
> > > > > Steven Rostedt  wrote:
> > > > >
> > > > >> Yes, kprobes are dangerous. I'm not saying it shouldn't be fixed, I'm
> > > > >> saying that I don't have time to fix it now, but would be happy to
> > > > >> accept patches if someone else does so.
> > > > >
> > > > > And looking at what I replied before for the original patch. It would
> > > > > probably be a good idea to blacklist directories. Like we do with
> > > > > function tra

Re: [PATCH 2/2] kprobe: fix: Add ftrace_ops_assist_func to kprobe blacklist

2018-07-11 Thread Francis Deslauriers
Le mer. 11 juill. 2018, à 15 h 56, Steven Rostedt
 a écrit :
>
> On Wed, 11 Jul 2018 15:34:30 -0400
> Francis Deslauriers  wrote:
>
> > Hi Steven,
> > I tested it and it prevents the kernel crash I am witnessing.
> > As for the side-effect that Masami mentioned regarding not being able to 
> > probe
> > function inside the trace_kprobe.c file, I suggest we move the target
> > function in
> > its own separate compile unit so it can be compiled with the ftrace cflags.
> > See patch below.
> >
>
> The patch below looks fine and so does Masami's. But there's too many
> patches within emails (not separated out). I have no idea what to
> apply. I'm not going to apply anything that is not sent as a proper
> patch (ie. any patch within a separate thread, like the patch below).
>
I will put together a proper patch set with both commits.

Masami, you mentioned: "So anyway we still need to mark those functions
NOKPROBE_SYMBOL." in a reply. What functions were you talking about?
ftrace_ops_assist_func? Aren't those functions covered by your
within_notrace_func check?

Thank you,
Francis

> -- Steve
>
>
> > Thanks
> > Francis
> >
> > >From d5a3645bd0046f28275d6b60207958f2751c1f47 Mon Sep 17 00:00:00 2001
> > From: Francis Deslauriers 
> > Date: Wed, 11 Jul 2018 12:34:22 -0400
> > Subject: [PATCH] selftest/ftrace: Move kprobe selftest function to separate
> >  compile unit
> >
> > Move selftest function to its own compile unit so it can be compiled
> > with the ftrace cflags (CC_FLAGS_FTRACE) allowing it to be probed
> > during the ftrace startup tests.
> >
> > Signed-off-by: Francis Deslauriers 
> > ---
> >  kernel/trace/Makefile|  5 +
> >  kernel/trace/trace_kprobe.c  | 12 +---
> >  kernel/trace/trace_kprobe_selftest.c | 10 ++
> >  kernel/trace/trace_kprobe_selftest.h |  7 +++
> >  4 files changed, 23 insertions(+), 11 deletions(-)
> >  create mode 100644 kernel/trace/trace_kprobe_selftest.c
> >  create mode 100644 kernel/trace/trace_kprobe_selftest.h
> >
> > diff --git a/kernel/trace/Makefile b/kernel/trace/Makefile
> > index e2538c7..e38771e 100644
> > --- a/kernel/trace/Makefile
> > +++ b/kernel/trace/Makefile
> > @@ -13,6 +13,11 @@ obj-y += trace_selftest_dynamic.o
> >  endif
> >  endif
> >
> > +ifdef CONFIG_FTRACE_STARTUP_TEST
> > +CFLAGS_trace_kprobe_selftest.o = $(CC_FLAGS_FTRACE)
> > +obj-$(CONFIG_KPROBE_EVENTS) += trace_kprobe_selftest.o
> > +endif
> > +
> >  # If unlikely tracing is enabled, do not trace these files
> >  ifdef CONFIG_TRACING_BRANCHES
> >  KBUILD_CFLAGS += -DDISABLE_BRANCH_PROFILING
> > diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
> > index 952dc2a..3fe966f 100644
> > --- a/kernel/trace/trace_kprobe.c
> > +++ b/kernel/trace/trace_kprobe.c
> > @@ -24,6 +24,7 @@
> >  #include 
> >
> >  #include "trace_probe.h"
> > +#include "trace_kprobe_selftest.h"
> >
> >  #define KPROBE_EVENT_SYSTEM "kprobes"
> >  #define KRETPROBE_MAXACTIVE_MAX 4096
> > @@ -1560,17 +1561,6 @@ fs_initcall(init_kprobe_trace);
> >
> >
> >  #ifdef CONFIG_FTRACE_STARTUP_TEST
> > -/*
> > - * The "__used" keeps gcc from removing the function symbol
> > - * from the kallsyms table. 'noinline' makes sure that there
> > - * isn't an inlined version used by the test method below
> > - */
> > -static __used __init noinline int
> > -kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int a5, int 
> > a6)
> > -{
> > - return a1 + a2 + a3 + a4 + a5 + a6;
> > -}
> > -
> >  static __init struct trace_event_file *
> >  find_trace_probe_file(struct trace_kprobe *tk, struct trace_array *tr)
> >  {
> > diff --git a/kernel/trace/trace_kprobe_selftest.c
> > b/kernel/trace/trace_kprobe_selftest.c
> > new file mode 100644
> > index 000..a3d2090
> > --- /dev/null
> > +++ b/kernel/trace/trace_kprobe_selftest.c
> > @@ -0,0 +1,10 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Function used during the kprobe self test. This function is in a 
> > seperate
> > + * compile unit so it can be compile with CC_FLAGS_FTRACE to ensure that it
> > + * can be probed by the selftests.
> > + */
> > +int kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int
> > a5, int a6)
> > +{
> > + return a1 + a2 + a3 + a4 + a5 + a6;
> > +}
> > diff --git a/kernel/trace/trace_kprobe_selftest.h
> > b/kernel/trace/trace_kprobe_selftest.h
> > new file mode 100644
> > index 000..9243d4e
> > --- /dev/null
> > +++ b/kernel/trace/trace_kprobe_selftest.h
> > @@ -0,0 +1,7 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Function used during the kprobe self test. This function is in a 
> > seperate
> > + * compile unit so it can be compile with CC_FLAGS_FTRACE to ensure that it
> > + * can be probed by the selftests.
> > + */
> > +int kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int
> > a5, int a6);
>


--
Francis Deslauriers
Software developer
EfficiOS inc.


Re: [PATCH v5 0/3] tracing: kprobes: Prohibit probing on notrace functions

2018-07-30 Thread Francis Deslauriers
Hi Masami,
I just tested the patch-set and it still prevents the crash I was witnessing.
You can add my tested-by.
Tested-by: Francis Deslauriers 

Thank you for pushing this forward!
Francis
Le lun. 30 juill. 2018, à 06 h 20, Masami Hiramatsu
 a écrit :
>
> Hi,
>
> This is the 5th version of the series to prohibit kprobe
> on notrace functions.
>
> This fixes a build error when CONFIG_FUNCTION_TRACER=y but
> DYNAMIC_FTRACE=n. Finally I decided to recover the approach
> in the 1st version, made it depends on CONFIG_KPROBES_ON_FTRACE=y.
> It is the simplest and enough to prohibiting kernel crash.
>
> So, in summary, if CONFIG_KPROBES_ON_FTRACE=y (which depends
> on CONFIG_DYNAMIC_FTRACE=y, so ftrace_location_range must be
> there) && CONFIG_KPROBE_EVENTS_ON_NOTRACE=n (default),
> kprobe events can not be defined on notrace function.
> Otherwides (means CONFIG_KPROBES_ON_FTRACE=n or
> CONFIG_KPROBE_EVENTS_ON_NOTRACE=y), we can put kprobe events
> on notrace functions.
>
> Francis, I dropped your tested-by because I got many kbuild
> errors and fixed it. If you can, could you test it again?
>
> Thank you,
>
> ---
>
> Francis Deslauriers (1):
>   selftest/ftrace: Move kprobe selftest function to separate compile unit
>
> Masami Hiramatsu (2):
>   tracing: kprobes: Prohibit probing on notrace function
>   selftests/ftrace: Fix kprobe string testcase to not probe notrace 
> function
>
>
>  kernel/trace/Kconfig   |   20 +++
>  kernel/trace/Makefile  |5 ++
>  kernel/trace/trace_kprobe.c|   59 
> +---
>  kernel/trace/trace_kprobe_selftest.c   |   10 +++
>  kernel/trace/trace_kprobe_selftest.h   |7 ++
>  .../ftrace/test.d/kprobe/kprobe_args_string.tc |   30 --
>  .../selftests/ftrace/test.d/kprobe/probepoint.tc   |2 -
>  7 files changed, 94 insertions(+), 39 deletions(-)
>  create mode 100644 kernel/trace/trace_kprobe_selftest.c
>  create mode 100644 kernel/trace/trace_kprobe_selftest.h
>
> --
> Masami Hiramatsu (Linaro) 



--
Francis Deslauriers
Software developer
EfficiOS inc.


Tracing Summit 2018 Schedule Released

2018-10-01 Thread Francis Deslauriers
Hi all,

We're happy to announce the schedule for the Tracing Summit 2018 is now
available. We're going to have an amazing conference with diverse topics such
as trace analysis, hardware tracing, and distributed systems tracing.

Check out the schedule and talk abstracts on the Tracing Summit wiki. [1]

Tracing Summit 2018 will be held in Edinburgh, UK on October 25th, 2018,
Don't forget to register for the summit, it's free! [2]

See you in October!

[1]: https://tracingsummit.org/wiki/TracingSummit2018#Schedule
[2]: https://tracingsummit.org/wiki/TracingSummit2018#Registration

-- 
Francis Deslauriers
Software developer
EfficiOS inc.


[PATCH 0/2] tracing: kprobes: Prohibit probing on notrace functions

2018-07-12 Thread Francis Deslauriers
Kprobe code has a mechanism protecting against triggering a kprobe during
the handling of an event. If a kprobe is placed between the kprobe
handling entry point and the activation of this protection, the user can
cause an infinite kprobe recursion leading to a kernel crash.

To avoid this, prevent kprobes from being placed in notrace functions.

Also, move the kprobe selftest target function into its own compile unit
so it's not marked as notrace and can thus be used in the ftrace startup
tests.

Francis Deslauriers (1):
  selftest/ftrace: Move kprobe selftest function to separate compile
unit

Masami Hiramatsu (1):
  tracing: kprobes: Prohibit probing on notrace functions

 kernel/trace/Makefile|  5 +
 kernel/trace/trace_kprobe.c  | 35 ---
 kernel/trace/trace_kprobe_selftest.c | 10 ++
 kernel/trace/trace_kprobe_selftest.h |  7 +++
 4 files changed, 46 insertions(+), 11 deletions(-)
 create mode 100644 kernel/trace/trace_kprobe_selftest.c
 create mode 100644 kernel/trace/trace_kprobe_selftest.h

-- 
2.7.4



[PATCH 2/2] selftest/ftrace: Move kprobe selftest function to separate compile unit

2018-07-12 Thread Francis Deslauriers
Move selftest function to its own compile unit so it can be compiled
with the ftrace cflags (CC_FLAGS_FTRACE) allowing it to be probed
during the ftrace startup tests.

Signed-off-by: Francis Deslauriers 
Acked-by: Masami Hiramatsu 
---
 kernel/trace/Makefile|  5 +
 kernel/trace/trace_kprobe.c  | 12 +---
 kernel/trace/trace_kprobe_selftest.c | 10 ++
 kernel/trace/trace_kprobe_selftest.h |  7 +++
 4 files changed, 23 insertions(+), 11 deletions(-)
 create mode 100644 kernel/trace/trace_kprobe_selftest.c
 create mode 100644 kernel/trace/trace_kprobe_selftest.h

diff --git a/kernel/trace/Makefile b/kernel/trace/Makefile
index e2538c7..e38771e 100644
--- a/kernel/trace/Makefile
+++ b/kernel/trace/Makefile
@@ -13,6 +13,11 @@ obj-y += trace_selftest_dynamic.o
 endif
 endif
 
+ifdef CONFIG_FTRACE_STARTUP_TEST
+CFLAGS_trace_kprobe_selftest.o = $(CC_FLAGS_FTRACE)
+obj-$(CONFIG_KPROBE_EVENTS) += trace_kprobe_selftest.o
+endif
+
 # If unlikely tracing is enabled, do not trace these files
 ifdef CONFIG_TRACING_BRANCHES
 KBUILD_CFLAGS += -DDISABLE_BRANCH_PROFILING
diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
index 952dc2a..d12be53 100644
--- a/kernel/trace/trace_kprobe.c
+++ b/kernel/trace/trace_kprobe.c
@@ -23,6 +23,7 @@
 #include 
 #include 
 
+#include "trace_kprobe_selftest.h"
 #include "trace_probe.h"
 
 #define KPROBE_EVENT_SYSTEM "kprobes"
@@ -1560,17 +1561,6 @@ fs_initcall(init_kprobe_trace);
 
 
 #ifdef CONFIG_FTRACE_STARTUP_TEST
-/*
- * The "__used" keeps gcc from removing the function symbol
- * from the kallsyms table. 'noinline' makes sure that there
- * isn't an inlined version used by the test method below
- */
-static __used __init noinline int
-kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int a5, int a6)
-{
-   return a1 + a2 + a3 + a4 + a5 + a6;
-}
-
 static __init struct trace_event_file *
 find_trace_probe_file(struct trace_kprobe *tk, struct trace_array *tr)
 {
diff --git a/kernel/trace/trace_kprobe_selftest.c 
b/kernel/trace/trace_kprobe_selftest.c
new file mode 100644
index 000..16548ee
--- /dev/null
+++ b/kernel/trace/trace_kprobe_selftest.c
@@ -0,0 +1,10 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Function used during the kprobe self test. This function is in a separate
+ * compile unit so it can be compile with CC_FLAGS_FTRACE to ensure that it
+ * can be probed by the selftests.
+ */
+int kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int a5, int 
a6)
+{
+   return a1 + a2 + a3 + a4 + a5 + a6;
+}
diff --git a/kernel/trace/trace_kprobe_selftest.h 
b/kernel/trace/trace_kprobe_selftest.h
new file mode 100644
index 000..4e10ec4
--- /dev/null
+++ b/kernel/trace/trace_kprobe_selftest.h
@@ -0,0 +1,7 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Function used during the kprobe self test. This function is in a separate
+ * compile unit so it can be compile with CC_FLAGS_FTRACE to ensure that it
+ * can be probed by the selftests.
+ */
+int kprobe_trace_selftest_target(int a1, int a2, int a3, int a4, int a5, int 
a6);
-- 
2.7.4



[PATCH 1/2] tracing: kprobes: Prohibit probing on notrace functions

2018-07-12 Thread Francis Deslauriers
From: Masami Hiramatsu 

Prohibit kprobe-events probing on notrace function.
Since probing on the notrace function can cause recursive
event call. In most case those are just skipped, but
in some case it falls into infinite recursive call.

Signed-off-by: Masami Hiramatsu 
Tested-by: Francis Deslauriers 
---
 kernel/trace/trace_kprobe.c | 23 +++
 1 file changed, 23 insertions(+)

diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
index daa8157..952dc2a 100644
--- a/kernel/trace/trace_kprobe.c
+++ b/kernel/trace/trace_kprobe.c
@@ -487,6 +487,23 @@ disable_trace_kprobe(struct trace_kprobe *tk, struct 
trace_event_file *file)
return ret;
 }
 
+#ifdef CONFIG_KPROBES_ON_FTRACE
+static bool within_notrace_func(struct trace_kprobe *tk)
+{
+   unsigned long offset, size, addr;
+
+   addr = kallsyms_lookup_name(trace_kprobe_symbol(tk));
+   addr += trace_kprobe_offset(tk);
+
+   if (!kallsyms_lookup_size_offset(addr, &size, &offset))
+   return true;/* Out of range. */
+
+   return !ftrace_location_range(addr - offset, addr - offset + size);
+}
+#else
+#define within_notrace_func(tk)(false)
+#endif
+
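Review bot: `ftrace_location_range(addr - offset, addr - offset + size)` hands ftrace an end address one byte past the function; ftrace_location_range() checks its range inclusively as far as I recall, so when a notrace function is immediately followed by a traced one the lookup hits the neighbour's mcount site and the probe is wrongly allowed. The end should be `addr - offset + size - 1`, with a comment recording the inclusive semantics. Address-based events (no symbol) are a second problem: they go through kallsyms_lookup_name() on whatever trace_kprobe_symbol() returns for them, so addr ends up as 0 plus the offset, kallsyms_lookup_size_offset() fails, and the "Out of range" branch rejects every such event with a misleading notrace warning; resolving the address from the probe's own addr field first (the file's trace_kprobe_address() helper, if this tree has it) avoids that. The rewrite below keeps the hunk's fail-closed choice for addresses kallsyms cannot size.
```c
static bool within_notrace_func(struct trace_kprobe *tk)
{
	unsigned long offset, size, addr;

	/* Symbol+offset, or the bare address of an address-based event. */
	addr = trace_kprobe_address(tk);
	if (!addr || !kallsyms_lookup_size_offset(addr, &size, &offset))
		return true;	/* Out of range. */

	/* Entry address of the enclosing function. */
	addr -= offset;

	/* ftrace_location_range() is inclusive of 'end': stop one byte short. */
	return !ftrace_location_range(addr, addr + size - 1);
}
```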
 /* Internal register function - just handle k*probes and flags */
 static int __register_trace_kprobe(struct trace_kprobe *tk)
 {
@@ -495,6 +512,12 @@ static int __register_trace_kprobe(struct trace_kprobe *tk)
if (trace_probe_is_registered(&tk->tp))
return -EINVAL;
 
+   if (within_notrace_func(tk)) {
+   pr_warn("Could not probe notrace function %s\n",
+   trace_kprobe_symbol(tk));
+   return -EINVAL;
+   }
+
for (i = 0; i < tk->tp.nr_args; i++)
traceprobe_update_arg(&tk->tp.args[i]);
 
-- 
2.7.4



Re: Kernel BUG_ON in stable 4.8

2016-11-22 Thread Francis Deslauriers
This patch fixes our issue on v4.8.10. Thank you!

2016-11-22 14:22 GMT-05:00 Eric Dumazet :
> On Tue, Nov 22, 2016 at 9:57 AM, Eric Dumazet  wrote:
>> On Tue, Nov 22, 2016 at 9:44 AM, Mathieu Desnoyers
>>  wrote:
>>> - On Nov 22, 2016, at 12:01 PM, Francis Deslauriers 
>>> francis.deslauri...@efficios.com wrote:
>>>
>>>> Hi Mathieu,
>>>>
>>>> Here is a description of the kernel BUG_ON I have encountered. This bug was
>>>> triggered by our continuous integration system tracking the stable 
>>>> branches. I
>>>> was only able to reproduce it on our Lava baremetal x86_64 worker. Running 
>>>> the
>>>> same kernel image on our KVM worker did not trigger the bug.
>>>>
>>>> The bug occurs at boot time and I believe it's during the configuration of 
>>>> one
>>>> of the network cards.
>>>>
>>>> See attached the .config used.
>>>> See attached the dmesg output of the crash containing the kernel panic
>>>> output(around line 885 of dmesg.txt)
>>>
>>> Hi guys,
>>>
>>> Upstream commit 34fad54c2 "net: __skb_flow_dissect() must cap its return 
>>> value"
>>> triggers this BUG_ON at boot up on our testing machines. We have observed 
>>> the
>>> BUG_ON on v4.9-rc6, as well as stable kernels v4.8.10 and v4.4.34.
>>>
>>> Relevant bits:
>>>
>>> [   16.841793] kernel BUG at ./include/linux/skbuff.h:1927!
>>> [   16.847101] invalid opcode:  [#1] SMP
>>> [   16.851101] Modules linked in:
>>> [   16.854172] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.8.10 #1
>>> [   16.860081] Hardware name: Supermicro SYS-6018R-TDW/X10DDW-i, BIOS 1.0a 
>>> 01/14/2015
>>> [   16.867637] task: 8220d500 task.stack: 8220
>>> [   16.873550] RIP: 0010:[]  [] 
>>> eth_type_trans+0xc9/0x110
>>> [   16.881826] RSP: :88103fc03df0  EFLAGS: 00010297
>>> [   16.887130] RAX: 0148 RBX: 881037b2b5c0 RCX: 
>>> 1073
>>> [   16.894254] RDX: 88103221fdc0 RSI: 881038358000 RDI: 
>>> 881037c5bb00
>>> [   16.901377] RBP: 88103fc03df8 R08: 0001 R09: 
>>> 0800
>>> [   16.908503] R10: 88103221fec0 R11: ea0040de7780 R12: 
>>> 881037c5bb00
>>> [   16.915625] R13: 881037458000 R14: 0156 R15: 
>>> 881038358000
>>> [   16.922751] FS:  () GS:88103fc0() 
>>> knlGS:
>>> [   16.930829] CS:  0010 DS:  ES:  CR0: 80050033
>>> [   16.936565] CR2: 88207000 CR3: 02206000 CR4: 
>>> 001406f0
>>> [   16.943689] Stack:
>>> [   16.945702]  815c098f 88103fc03e90 8181c651 
>>> 88103fc0dc20
>>> [   16.953153]   0020 0002 
>>> 88103fc03e38
>>> [   16.960607]  ea0040de7780 ea08 0001 
>>> ea0040de7780
>>> [   16.968061] Call Trace:
>>> [   16.970507]  
>>> [   16.972432]  [] ? 
>>> swiotlb_sync_single_for_device+0xf/0x20
>>> [   16.979575]  [] igb_poll+0x691/0xe60
>>> [   16.984714]  [] net_rx_action+0x1bb/0x2f0
>>> [   16.990291]  [] __do_softirq+0xf6/0x280
>>> [   16.995689]  [] irq_exit+0xdc/0xf0
>>> [   17.000648]  [] do_IRQ+0x54/0xd0
>>> [   17.005433]  [] common_interrupt+0x8c/0x8c
>>> [   17.011083]  
>>> [   17.013014]  [] ? mwait_idle+0x76/0x170
>>> [   17.018596]  [] arch_cpu_idle+0xf/0x20
>>> [   17.023907]  [] default_idle_call+0x2a/0x40
>>> [   17.029648]  [] cpu_startup_entry+0x29a/0x300
>>> [   17.035561]  [] rest_init+0x77/0x80
>>> [   17.040608]  [] start_kernel+0x40b/0x418
>>> [   17.046091]  [] ? early_idt_handler_array+0x120/0x120
>>> [   17.052702]  [] x86_64_start_reservations+0x2a/0x2c
>>> [   17.059132]  [] x86_64_start_kernel+0x13b/0x14a
>>> [   17.065215] Code: 00 04 00 00 c9 c3 48 33 86 58 03 00 00 48 c1 e0 10 48 
>>> 85 c0 0f b6 87 80 00 00 00 75 25 83 e0 f8 83 c8 01 88 87 80 00 00 00 eb 9c 
>>> <0f> 0b 0f b6 87 80 00 00 00 83 e0 f8 83 c8 03 88 87 80 00 00 00
>>> [   17.085165] RIP  [] eth_type_trans+0xc9/0x110
>>> [   17.091094]  RSP 
>>> [   17.094586] ---[ end trace e233c88f3b369632 ]---
>>> [   17.101432] Kernel panic - not syncing: Fatal exception in interrupt
>>> [   17.107790] Kernel Offset: disabled
>>> [   17.113484] ---[ end Kernel panic - not syncing: Fatal exception in 
>>> interrupt
>>>
>>> Do you have clues on what is going on ?
>>>
>>> Thanks,
>>>
>>> Mathieu
>>>
>>>
>>
>> Under investigation. Look around other threads. Thanks.
>
> Probable fix is : https://patchwork.ozlabs.org/patch/697891/



-- 
Francis Deslauriers
Software developer
EfficiOS inc.


[PATCH 1/1] x86/kprobes: Prohibit probing of .entry_trampoline code

2018-03-08 Thread Francis Deslauriers
.entry_trampoline is a code area that is used to ensure page table
isolation between userspace and kernelspace.

At the beginning of the execution of the trampoline, we load the
kernel's CR3 register. This has the effect of enabling the translation
of the kernel virtual addresses to physical addresses. Before this
happens most kernel addresses can not be translated because the running
process' CR3 is still used.

If a kprobe is placed on the trampoline code before that change of the
CR3 register happens the kernel crashes because int3 handling pages are
not accessible.

To fix this, add the .entry_trampoline section to the kprobe blacklist
to prohibit the probing of code before all the kernel pages are
accessible.

Signed-off-by: Francis Deslauriers 
---
 arch/x86/include/asm/sections.h |  1 +
 arch/x86/kernel/kprobes/core.c  | 10 +-
 arch/x86/kernel/vmlinux.lds.S   |  2 ++
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/sections.h b/arch/x86/include/asm/sections.h
index d6baf23..5c019d2 100644
--- a/arch/x86/include/asm/sections.h
+++ b/arch/x86/include/asm/sections.h
@@ -10,6 +10,7 @@ extern struct exception_table_entry __stop___ex_table[];
 
 #if defined(CONFIG_X86_64)
 extern char __end_rodata_hpage_align[];
+extern char __entry_trampoline_start[], __entry_trampoline_end[];
 #endif
 
 #endif /* _ASM_X86_SECTIONS_H */
diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
index bd36f3c..0715f82 100644
--- a/arch/x86/kernel/kprobes/core.c
+++ b/arch/x86/kernel/kprobes/core.c
@@ -1168,10 +1168,18 @@ NOKPROBE_SYMBOL(longjmp_break_handler);
 
 bool arch_within_kprobe_blacklist(unsigned long addr)
 {
+   bool is_in_entry_trampoline_section = false;
+
+#ifdef CONFIG_X86_64
+   is_in_entry_trampoline_section =
+   (addr >= (unsigned long)__entry_trampoline_start &&
+addr < (unsigned long)__entry_trampoline_end);
+#endif
return  (addr >= (unsigned long)__kprobes_text_start &&
 addr < (unsigned long)__kprobes_text_end) ||
(addr >= (unsigned long)__entry_text_start &&
-addr < (unsigned long)__entry_text_end);
+addr < (unsigned long)__entry_text_end) ||
+   is_in_entry_trampoline_section;
 }
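Review bot: The new range check carries no comment on why .entry_trampoline must be blacklisted; the reason given in the commit message — the trampoline runs before the kernel CR3 is loaded, so the pages the int3 handler needs are not yet mapped — belongs next to the code, e.g. above the `#ifdef`: `/* .entry_trampoline runs before the kernel CR3 is loaded; a breakpoint there cannot be handled. */`. Style-wise the `bool ... = false;` plus `#ifdef` block is readable; an alternative is a small `static inline` helper returning false on 32-bit so the return expression stays a single condition list.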
 
 int __init arch_init_kprobes(void)
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 9b138a0..b854ebf 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -118,9 +118,11 @@ SECTIONS
 
 #ifdef CONFIG_X86_64
. = ALIGN(PAGE_SIZE);
+   VMLINUX_SYMBOL(__entry_trampoline_start) = .;
_entry_trampoline = .;
*(.entry_trampoline)
. = ALIGN(PAGE_SIZE);
+   VMLINUX_SYMBOL(__entry_trampoline_end) = .;
ASSERT(. - _entry_trampoline == PAGE_SIZE, "entry trampoline is 
too big");
 #endif
 
-- 
2.7.4



[PATCH 0/1] x86/kprobes: Prohibit probing of .entry_trampoline code

2018-03-08 Thread Francis Deslauriers
Hi all,

While fuzzing the Perf kprobe interface, I found that adding a probe on
the 'entry_SYSCALL_64_trampoline' symbol will crash my 4.16-rc4
kernel(661e50bc853209e41a5c14a290ca4decc43cbfd1) on an x86_64 Qemu VM.

How to reproduce:
echo 'p:event1 entry_SYSCALL_64_trampoline' > ./kprobe_events
echo 1 >  events/kprobes/enable
Crash log:[1]

My understanding is that the userspace CR3 register has not yet been
replaced by the kernel's CR3, when the kprobe is triggered. This means
that the kernel addresses can not be translated, thus making the
handling of the kprobe impossible.

This can be fixed by blacklisting the .entry_trampoline section. See
patch[1/1].

Here is the config I am using[2].

Thanks,

Francis Deslauriers
EfficiOS inc.

1:http://paste.ubuntu.com/p/djnpZCzQKv/
2:http://paste.ubuntu.com/p/3jrFYt6XQB/

Francis Deslauriers (1):
  x86/kprobes: Prohibit probing of .entry_trampoline code

 arch/x86/include/asm/sections.h |  1 +
 arch/x86/kernel/kprobes/core.c  | 10 +-
 arch/x86/kernel/vmlinux.lds.S   |  2 ++
 3 files changed, 12 insertions(+), 1 deletion(-)

-- 
2.7.4



Re: [PATCH 2/2] kprobe: fix: Add ftrace_ops_assist_func to kprobe blacklist

2018-03-16 Thread Francis Deslauriers
Hi Steven,

I completely forgot about this issue until recently when I encountered it again.
Instrumenting the ftrace_ops_assist_func symbol and some other symbol
seems to be causing problems.

Placing kretprobes like in the following configuration crashes my
kernel (4.16.0-rc5) on a Qemu/KVM virtual machine:

config 1:
echo "r:event_1 __fdget" >> kprobe_events
echo "r:event_2 ftrace_ops_assist_func" >> kprobe_events

config 2:
echo "r:event_1 __fdget_pos" >> kprobe_events
echo "r:event_2 ftrace_ops_assist_func" >> kprobe_events

config 3:
echo 'r:event_1 arch_dup_task_struct' >> kprobe_events
echo 'r:event_2 ftrace_ops_assist_func' >> kprobe_events

config 4:
echo 'r:event_1 sys_open' >> kprobe_events
echo 'r:event_2 ftrace_ops_assist_func' >> kprobe_events

Here is my kernel config [1]:

In a previous email [2], you mentioned that you would like to add the
ftrace-related symbols to a section to un-blacklist them all at once
on demand but wanted to discuss it at Linux Plumbers. Do you still
think that it's the right approach?

I can easily test any patch regarding this issue.

[1] http://paste.ubuntu.com/p/BJWvgMnW8z/
[2] https://lkml.org/lkml/2017/7/14/568

Thank you,

2017-07-14 14:29 GMT-04:00 Steven Rostedt :
> On Fri, 14 Jul 2017 10:58:35 -0400
> Francis Deslauriers  wrote:
>
>> This function is called when a kprobe is hit. Thus it should be
>> blacklisted to prevent kprobe to be triggered by kprobes.
>>
>> Signed-off-by: Francis Deslauriers 
>> ---
>>  kernel/trace/ftrace.c | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
>> index b308be3..c473d9b 100644
>> --- a/kernel/trace/ftrace.c
>> +++ b/kernel/trace/ftrace.c
>> @@ -36,6 +36,7 @@
>>
>>  #include 
>>
>> +#include 
>>  #include 
>>  #include 
>>
>> @@ -5739,6 +5740,7 @@ static void ftrace_ops_assist_func(unsigned long ip, 
>> unsigned long parent_ip,
>>   preempt_enable_notrace();
>>   trace_clear_recursion(bit);
>>  }
>> +NOKPROBE_SYMBOL(ftrace_ops_assist_func);
>
> Continuing from what I said in the other email, this is fixing a
> symptom and not the problem. The real fix will be much more involved. I
> have a good idea on how to accomplish it too.
>
> -- Steve
>
>
>>
>>  /**
>>   * ftrace_ops_get_func - get the function a trampoline should call
>



-- 
Francis Deslauriers
Software developer
EfficiOS inc.


[PATCH 0/2] kprobe: Fix: add symbols to kprobe blacklist

2017-07-14 Thread Francis Deslauriers
Hi all,

While fuzzing the Perf kprobe and kretprobe interfaces, I found some inputs
that trigger crashes of a 4.12 kernel(6f7da290413ba713f0cdd9ff1a2a9bb129ef4f6c)
on an x86-64 VM. I know that K(ret)probes can crash the kernel in multiple ways
but should Perf be allowed to do it?

To do this analysis, I used the symbols reported by /proc/kallsyms in
conjunction with the Perf debugfs interface. Using this technique, I was able
to find two instrumentation configurations that could crash the kernel. I am
suggesting changes that fixed both issues for me by blacklisting the symbols in
question.

Kprobe on apic_timer_interrupt:
I believe that this is caused by the fact that kprobe adds an INT3 in an apic
interrupt routine.
How to reproduce:
echo 'p:event1 apic_timer_interrupt ' > kprobe_events

Crash log:[1]

This can be fixed by blacklisting the apicinterrupt3 symbols directly in the
assembly macro. See patch[1/2]. I am not sure that blacklisting all
apicinterrupt symbols is the right solution.


Kretprobe on ftrace_ops_assist_func and another function:
Those crashes are triggered when hooking a kretprobe on the
ftrace_ops_assist_func symbol and some other functions to make this first
function reachable. From my understanding, ftrace_ops_assist_func is the
function called directly when the kprobe is hit. Thus it should be marked
with NOKPROBE_SYMBOL.

Here are some configurations that can easily reproduce this bug. Those other
functions are called during the fork of a process so they are easy to control.
Enable the following kprobes and launch a process to trigger a fork to see the
kernel crash.

Conf #1
echo 'r:event1 ftrace_ops_assist_func' > kprobe_events
echo 'r:event2 clear_all_latency_tracing' > kprobe_events
Crash log:[2]

Conf #2
echo 'r:event1 ftrace_ops_assist_func' > kprobe_events
echo 'r:event2 acct_clear_integrals' > kprobe_events
Crash log:[3]

Conf #3
echo 'r:event1 ftrace_ops_assist_func' > kprobe_events
echo 'r:event2 arch_dup_task_struct' > kprobe_events
Crash log:[4]

The ftrace_ops_assist_func should be included in the kprobe blacklist using
NOKPROBE_SYMBOL. See patch [2/2].

Since those were found using fuzzing, it's not an exhaustive analysis.
Here is the .config I am using[5].

Thanks,

Francis Deslauriers
EfficiOS inc.


[1]: https://pastebin.com/Mpp9Yzqb
[2]: https://pastebin.com/CtsfzUwG
[3]: https://pastebin.com/txxuJXrz
[4]: https://pastebin.com/8qrJvzD3
[5]: https://pastebin.com/x5q0sgyK

Francis Deslauriers (2):
  kprobe: fix: Add _ASM_NOKPROBE to x86 apic interrupt macro
  kprobe: fix: Add ftrace_ops_assist_func to kprobe blacklist

 arch/x86/entry/entry_64.S | 1 +
 kernel/trace/ftrace.c | 2 ++
 2 files changed, 3 insertions(+)

-- 
2.7.4



[PATCH 1/2] kprobe: fix: Add _ASM_NOKPROBE to x86 apic interrupt macro

2017-07-14 Thread Francis Deslauriers
Adding a Kprobe on the apic_timer_interrupt symbol can lead to a kernel
crash.
This symbol is defined by the apicinterrupt3 macro and adding the symbol
to the kprobe blacklist in this macro prevents this issue.

Signed-off-by: Francis Deslauriers 
---
 arch/x86/entry/entry_64.S | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
index 4a4c083..67cf702 100644
--- a/arch/x86/entry/entry_64.S
+++ b/arch/x86/entry/entry_64.S
@@ -659,6 +659,7 @@ ENTRY(\sym)
interrupt \do_sym
jmp ret_from_intr
 END(\sym)
+_ASM_NOKPROBE(\sym)
 .endm
 
 #ifdef CONFIG_TRACING
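Review bot: `_ASM_NOKPROBE(\sym)` is placed inside the apicinterrupt3 macro, so every entry point generated from it becomes unprobeable, not only apic_timer_interrupt, and neither the hunk nor the commit message records why probing these entries crashes; the cover letter itself says the author is unsure that blacklisting all of them is the right scope. Without that rationale next to the macro, nobody touching entry_64.S later can tell whether the restriction may be lifted once the underlying cause is addressed. Suggest a comment on the line before the new one: `/* Kprobes on APIC interrupt entries crash the kernel (see commit log); blacklist every apicinterrupt3 instance */`. The apicinterrupt3 macro begins before this hunk.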
-- 
2.7.4



[PATCH 2/2] kprobe: fix: Add ftrace_ops_assist_func to kprobe blacklist

2017-07-14 Thread Francis Deslauriers
This function is called when a kprobe is hit. Thus it should be
blacklisted to prevent a kprobe from being triggered by kprobes.

Signed-off-by: Francis Deslauriers 
---
 kernel/trace/ftrace.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
index b308be3..c473d9b 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
@@ -36,6 +36,7 @@
 
 #include 
 
+#include 
 #include 
 #include 
 
@@ -5739,6 +5740,7 @@ static void ftrace_ops_assist_func(unsigned long ip, 
unsigned long parent_ip,
preempt_enable_notrace();
trace_clear_recursion(bit);
 }
+NOKPROBE_SYMBOL(ftrace_ops_assist_func);
 
 /**
  * ftrace_ops_get_func - get the function a trampoline should call
-- 
2.7.4



Re: [PATCH 0/2] kprobe: Fix: add symbols to kprobe blacklist

2017-07-17 Thread Francis Deslauriers
2017-07-16 11:46 GMT-04:00 Masami Hiramatsu :
>
> On Sun, 16 Jul 2017 23:37:44 +0900
> Masami Hiramatsu  wrote:
>
> > So, the story what the stack said,
> >
> > - optimized_callback() calls get_kprobe_ctlblk(), and 
> > this_cpu_ptr(&kprobe_ctlblk) caused a page fault (in apic_timer_interrupt, 
> > does it cause any problem?)
> > - and the following call-chain occurred
> >   async_page_fault -> error_entry -> trace_hardirqs_off_thunk ->
> >   trace_hardirqs_off_caller
> > - "mov%gs:0xc400,%rdx" caused async_page_fault() again.
> >
> > Since trace_hardirqs_off_thunk() stores general registers on
> > the stack, there are some noises.
> >
> > [  114.429637] FS:  021e7880() GS:88001fd4() 
> > knlGS:
> >
> > So, the problem seems that cpu can not access to per-cpu pages.
>
> OK, I got the root cause of this issue. Since at the irqentry code,
> segment registers are not prepared for kernel yet (e.g. interrupted
> in user-mode), so we must not optimize it.
> I found we had already checked that by checking __entry_text_start/end,
> but that is not enough, we need irqentry_text check too.
>
> Here I made another patch, please try it.

Hi,

This patch fixes the apic_timer_interrupt crash I was seeing. Thank you!
Tested-by: Francis Deslauriers 

>
> -
> kprobes/x86: Do not jump-optimize kprobes on irq entry code
>
> From: Masami Hiramatsu 
>
> Since the segment registers are not prepared for kernel
> in the irq-entry code, if a kprobe on such code is
> jump-optimized, accessing per-cpu variables may cause
> kernel panic.
> However, if the kprobe is not optimized, it kicks int3
> exception and set segment registers correctly.
>
> This checks probe-address and if it is in irq-entry code,
> it prohibits optimizing such kprobes. This means we can
> still probe such interrupt handlers with kprobes,
> but they are not optimized anymore.
>
> Signed-off-by: Masami Hiramatsu 
> Reported-by: Francis Deslauriers 
> ---
>  arch/x86/entry/entry_64.S  |2 +-
>  arch/x86/include/asm/unwind.h  |1 +
>  arch/x86/kernel/kprobes/opt.c  |4 ++--
>  arch/x86/kernel/unwind_frame.c |4 ++--
>  4 files changed, 6 insertions(+), 5 deletions(-)
>
> diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
> index a9a8027..95bca8b 100644
> --- a/arch/x86/entry/entry_64.S
> +++ b/arch/x86/entry/entry_64.S
> @@ -675,7 +675,7 @@ apicinterrupt3 \num trace(\sym) smp_trace(\sym)
>  #endif
>
>  /* Make sure APIC interrupt handlers end up in the irqentry section: */
> -#if defined(CONFIG_FUNCTION_GRAPH_TRACER) || defined(CONFIG_KASAN)
> +#if defined(CONFIG_FUNCTION_GRAPH_TRACER) || defined(CONFIG_KASAN) || 
> defined(CONFIG_KPROBES)
>  # define PUSH_SECTION_IRQENTRY .pushsection .irqentry.text, "ax"
>  # define POP_SECTION_IRQENTRY  .popsection
>  #else
> diff --git a/arch/x86/include/asm/unwind.h b/arch/x86/include/asm/unwind.h
> index e667649..a9896fb9 100644
> --- a/arch/x86/include/asm/unwind.h
> +++ b/arch/x86/include/asm/unwind.h
> @@ -28,6 +28,7 @@ void __unwind_start(struct unwind_state *state, struct 
> task_struct *task,
>  bool unwind_next_frame(struct unwind_state *state);
>
>  unsigned long unwind_get_return_address(struct unwind_state *state);
> +bool in_entry_code(unsigned long ip);
>
>  static inline bool unwind_done(struct unwind_state *state)
>  {
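Review bot: `bool in_entry_code(unsigned long ip);` exports a helper that lives in arch/x86/kernel/unwind_frame.c, and as far as I recall that file is only compiled when the frame-pointer unwinder is selected, so a configuration using another unwinder would get an undefined reference from can_optimize() in the opt.c hunk (`if (in_entry_code(paddr))`); please confirm against arch/x86/kernel/Makefile. If that is right, the range test should stay where optprobes are always built, e.g. open-coded in can_optimize() beside the existing entry-text check: `if ((paddr >= (unsigned long)__entry_text_start && paddr < (unsigned long)__entry_text_end) ||` / `    (paddr >= (unsigned long)__irqentry_text_start && paddr < (unsigned long)__irqentry_text_end))` / `	return 0;`, which also avoids turning a static unwinder-internal function into a kernel-wide symbol in the unwind_frame.c hunk. The `#include` added to opt.c has lost its header name in this archive, so which header is meant to provide the declaration cannot be checked here.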
> diff --git a/arch/x86/kernel/kprobes/opt.c b/arch/x86/kernel/kprobes/opt.c
> index 69ea0bc..a51c144 100644
> --- a/arch/x86/kernel/kprobes/opt.c
> +++ b/arch/x86/kernel/kprobes/opt.c
> @@ -39,6 +39,7 @@
>  #include 
>  #include 
>  #include 
> +#include 
>
>  #include "common.h"
>
> @@ -253,8 +254,7 @@ static int can_optimize(unsigned long paddr)
>  * Do not optimize in the entry code due to the unstable
>  * stack handling.
>  */
> -   if ((paddr >= (unsigned long)__entry_text_start) &&
> -   (paddr <  (unsigned long)__entry_text_end))
> +   if (in_entry_code(paddr))
> return 0;
>
> /* Check there is enough space for a relative jump. */
> diff --git a/arch/x86/kernel/unwind_frame.c b/arch/x86/kernel/unwind_frame.c
> index b9389d7..95123ce 100644
> --- a/arch/x86/kernel/unwind_frame.c
> +++ b/arch/x86/kernel/unwind_frame.c
> @@ -84,14 +84,14 @@ static size_t regs_size(struct pt_regs *regs)
> return sizeof(*regs);
>  }
>
> -static bool in_entry_code(unsigned long ip)
> +bool in_entry_code(unsigned long ip)
>  {
>     char *addr = (char *)ip;
>
> if (addr >= __entry_text_start && addr < __entry_text_end)
> return true;
>
> -#if defined(CONFIG_FUNCTION_GRAPH_TRACER) || defined(CONFIG_KASAN)
> +#if defined(CONFIG_FUNCTION_GRAPH_TRACER) || defined(CONFIG_KASAN) || 
> defined(CONFIG_KPROBES)
> if (addr >= __irqentry_text_start && addr < __irqentry_text_end)
> return true;
>  #endif
> --
> Masami Hiramatsu 




-- 
Francis Deslauriers
Software developer
EfficiOS inc.


[tip:x86/pti] x86/kprobes: Fix kernel crash when probing .entry_trampoline code

2018-03-09 Thread tip-bot for Francis Deslauriers
Commit-ID:  c07a8f8b08ba683ea24f3ac9159f37ae94daf47f
Gitweb: https://git.kernel.org/tip/c07a8f8b08ba683ea24f3ac9159f37ae94daf47f
Author: Francis Deslauriers 
AuthorDate: Thu, 8 Mar 2018 22:18:12 -0500
Committer:  Ingo Molnar 
CommitDate: Fri, 9 Mar 2018 09:58:36 +0100

x86/kprobes: Fix kernel crash when probing .entry_trampoline code

Disable the kprobe probing of the entry trampoline:

.entry_trampoline is a code area that is used to ensure page table
isolation between userspace and kernelspace.

At the beginning of the execution of the trampoline, we load the
kernel's CR3 register. This has the effect of enabling the translation
of the kernel virtual addresses to physical addresses. Before this
happens most kernel addresses can not be translated because the running
process' CR3 is still used.

If a kprobe is placed on the trampoline code before that change of the
CR3 register happens the kernel crashes because int3 handling pages are
not accessible.

To fix this, add the .entry_trampoline section to the kprobe blacklist
to prohibit the probing of code before all the kernel pages are
accessible.

Signed-off-by: Francis Deslauriers 
Reviewed-by: Thomas Gleixner 
Cc: Andy Lutomirski 
Cc: Borislav Petkov 
Cc: Brian Gerst 
Cc: Denys Vlasenko 
Cc: H. Peter Anvin 
Cc: Josh Poimboeuf 
Cc: Linus Torvalds 
Cc: Peter Zijlstra 
Cc: mathieu.desnoy...@efficios.com
Cc: mhira...@kernel.org
Link: 
http://lkml.kernel.org/r/1520565492-4637-2-git-send-email-francis.deslauri...@efficios.com
Signed-off-by: Ingo Molnar 
---
 arch/x86/include/asm/sections.h |  1 +
 arch/x86/kernel/kprobes/core.c  | 10 +-
 arch/x86/kernel/vmlinux.lds.S   |  2 ++
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/sections.h b/arch/x86/include/asm/sections.h
index d6baf23782bc..5c019d23d06b 100644
--- a/arch/x86/include/asm/sections.h
+++ b/arch/x86/include/asm/sections.h
@@ -10,6 +10,7 @@ extern struct exception_table_entry __stop___ex_table[];
 
 #if defined(CONFIG_X86_64)
 extern char __end_rodata_hpage_align[];
+extern char __entry_trampoline_start[], __entry_trampoline_end[];
 #endif
 
 #endif /* _ASM_X86_SECTIONS_H */
diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
index bd36f3c33cd0..0715f827607c 100644
--- a/arch/x86/kernel/kprobes/core.c
+++ b/arch/x86/kernel/kprobes/core.c
@@ -1168,10 +1168,18 @@ NOKPROBE_SYMBOL(longjmp_break_handler);
 
 bool arch_within_kprobe_blacklist(unsigned long addr)
 {
+   bool is_in_entry_trampoline_section = false;
+
+#ifdef CONFIG_X86_64
+   is_in_entry_trampoline_section =
+   (addr >= (unsigned long)__entry_trampoline_start &&
+addr < (unsigned long)__entry_trampoline_end);
+#endif
return  (addr >= (unsigned long)__kprobes_text_start &&
 addr < (unsigned long)__kprobes_text_end) ||
(addr >= (unsigned long)__entry_text_start &&
-addr < (unsigned long)__entry_text_end);
+addr < (unsigned long)__entry_text_end) ||
+   is_in_entry_trampoline_section;
 }
 
 int __init arch_init_kprobes(void)
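Review bot: arch_within_kprobe_blacklist() now checks three address ranges in two different shapes — a flag computed under `#ifdef CONFIG_X86_64` at the top, then a multi-line boolean expression that ORs the flag in at the end — which makes the return statement harder to read than the check it performs, and the `is_in_entry_trampoline_section = false` default exists only to satisfy the non-x86-64 build. Three guard-style range tests with early returns express the same blacklist with no temporary and keep the `#ifdef` around one self-contained test. Behaviour is unchanged; the rewrite below covers the whole function shown in the hunk.

```c
bool arch_within_kprobe_blacklist(unsigned long addr)
{
	if (addr >= (unsigned long)__kprobes_text_start &&
	    addr < (unsigned long)__kprobes_text_end)
		return true;
	if (addr >= (unsigned long)__entry_text_start &&
	    addr < (unsigned long)__entry_text_end)
		return true;
#ifdef CONFIG_X86_64
	/* The entry trampoline runs before the kernel CR3 is loaded (see commit log). */
	if (addr >= (unsigned long)__entry_trampoline_start &&
	    addr < (unsigned long)__entry_trampoline_end)
		return true;
#endif
	return false;
}
```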
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 9b138a06c1a4..b854ebf5851b 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -118,9 +118,11 @@ SECTIONS
 
 #ifdef CONFIG_X86_64
. = ALIGN(PAGE_SIZE);
+   VMLINUX_SYMBOL(__entry_trampoline_start) = .;
_entry_trampoline = .;
*(.entry_trampoline)
. = ALIGN(PAGE_SIZE);
+   VMLINUX_SYMBOL(__entry_trampoline_end) = .;
ASSERT(. - _entry_trampoline == PAGE_SIZE, "entry trampoline is 
too big");
 #endif
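Review bot: `VMLINUX_SYMBOL(__entry_trampoline_start) = .;` is placed directly before the existing `_entry_trampoline = .;` with nothing between them, so the linker script now defines two symbols for the same address, and the end symbol is by the ASSERT on the following lines always `_entry_trampoline + PAGE_SIZE`. A short comment on the new start line saying why a second, separately declared symbol is wanted (presumably so sections.h can declare the pair as `extern char[]` without touching whatever `_entry_trampoline` is declared as elsewhere) would stop a later cleanup from merging them or, conversely, from adding a third alias: `/* Kprobe blacklist bounds; kept separate from _entry_trampoline, which other users declare differently */`. I cannot see `_entry_trampoline`'s other uses from this hunk, so that rationale should be confirmed before being written down.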