From patchwork Fri Jun 5 13:21:26 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Daniel Thompson
X-Patchwork-Id: 187506
Delivered-To: patches@linaro.org
From: Daniel Thompson
To: Jason Wessel, Douglas Anderson
Cc: Daniel Thompson, Peter Zijlstra, sumit.garg@linaro.org,
 pmladek@suse.com, sergey.senozhatsky@gmail.com, will@kernel.org,
 kgdb-bugreport@lists.sourceforge.net, linux-kernel@vger.kernel.org,
 patches@linaro.org
Subject: [RFC PATCH 0/4] kgdb: Honour the kprobe blacklist when setting breakpoints
Date: Fri, 5 Jun 2020 14:21:26 +0100
Message-Id: <20200605132130.1411255-1-daniel.thompson@linaro.org>
X-Mailer: git-send-email 2.25.4

kgdb has traditionally adopted a no safety rails approach to breakpoint
placement. If the debugger is commanded to place a breakpoint at an
address then it will do so even if that breakpoint results in kgdb
becoming inoperable.

A stop-the-world debugger with memory peek/poke does intrinsically
provide its operator with the means to hose their system in all manner
of exciting ways (not least because stopping-the-world is already a DoS
attack ;-) ) but the current no safety rail approach is not easy to
defend, especially given kprobes provides us with plenty of machinery to
mark parts of the kernel where breakpointing is discouraged.

This patchset introduces some safety rails by using the existing
kprobes infrastructure. It does not cover all locations where
breakpoints can cause trouble but it will definitely block off several
avenues, including the architecture specific parts that are handled by
arch_within_kprobe_blacklist().

This patch is an RFC because:

1. My workstation is still chugging through the compile testing.

2. Patch 4 needs more runtime testing.

3. The code to extract the kprobe blacklist code (patch 4 again) needs
   more review especially for its impact on arch specific code.

To be clear I do plan to do the detailed review of the kprobe blacklist
stuff but would like to check the direction of travel first since the
change is already surprisingly big and maybe there's a better way to
organise things.

Daniel.

Daniel Thompson (4):
  kgdb: Honour the kprobe blacklist when setting breakpoints
  kgdb: Use the kprobe blacklist to limit single stepping
  kgdb: Add NOKPROBE labels on the trap handler functions
  kprobes: Allow the kprobes blacklist to be compiled independently

 arch/Kconfig                            |   6 +-
 arch/arm/probes/kprobes/Makefile        |   1 +
 arch/arm/probes/kprobes/blacklist.c     |  37 ++++
 arch/arm/probes/kprobes/core.c          |  10 -
 arch/powerpc/kernel/Makefile            |   1 +
 arch/powerpc/kernel/kprobes-blacklist.c |  34 ++++
 arch/powerpc/kernel/kprobes.c           |   8 -
 include/asm-generic/kprobes.h           |   2 +-
 include/asm-generic/vmlinux.lds.h       |   2 +-
 include/linux/kgdb.h                    |   1 +
 include/linux/kprobes.h                 |  29 ++-
 kernel/Makefile                         |   1 +
 kernel/debug/debug_core.c               |  31 +++
 kernel/debug/gdbstub.c                  |  10 +-
 kernel/debug/kdb/kdb_bp.c               |  17 +-
 kernel/debug/kdb/kdb_main.c             |  10 +-
 kernel/kprobes.c                        | 204 +------------------
 kernel/kprobes_blacklist.c              | 260 ++++++++++++++++++++++++
 lib/Kconfig.kgdb                        |   1 +
 19 files changed, 427 insertions(+), 238 deletions(-)
 create mode 100644 arch/arm/probes/kprobes/blacklist.c
 create mode 100644 arch/powerpc/kernel/kprobes-blacklist.c
 create mode 100644 kernel/kprobes_blacklist.c

-- 
2.25.4
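
An added illustration, not code from this series: a user-space C model of the check the cover letter describes, refusing a breakpoint address that falls inside a kprobe-blacklisted range. It assumes the blacklist arrives as text in the `0x<start>-0x<end><TAB><symbol>` layout of `/sys/kernel/debug/kprobes/blacklist`; the sample entries, addresses and helper names are constructed.

```c
#include <stdio.h>
#include <string.h>

/* One blacklisted region [start, end) plus the symbol printed for it. */
struct bl_range { unsigned long long start, end; char sym[64]; };

/* Constructed sample in the assumed "0x<start>-0x<end>\t<symbol>" layout;
 * addresses and symbol names are made up. The all-zero line models a reader
 * that is not allowed to see kernel addresses (an assumption of this model). */
static const char SAMPLE[] =
    "0xffffffff81a01000-0xffffffff81a01040\ttrap_handler_a\n"
    "0x0000000000000000-0x0000000000000000\thidden_entry\n"
    "0xffffffff81a02000-0xffffffff81a02100\ttrap_handler_b\n";

/* Parse blacklist text into out[]; empty or hidden ranges are skipped. */
static size_t parse_blacklist(const char *text, struct bl_range *out, size_t max)
{
    size_t n = 0;
    while (text && *text && n < max) {
        struct bl_range r;
        if (sscanf(text, "0x%llx-0x%llx %63s", &r.start, &r.end, r.sym) == 3
            && r.start < r.end)
            out[n++] = r;
        text = strchr(text, '\n');   /* advance to the next line, if any */
        if (text)
            text++;
    }
    return n;
}

/* Return the entry covering addr, or NULL when a breakpoint may go there. */
static const struct bl_range *blacklisted(const struct bl_range *bl, size_t n,
                                          unsigned long long addr)
{
    for (size_t i = 0; i < n; i++)
        if (addr >= bl[i].start && addr < bl[i].end)
            return &bl[i];
    return NULL;
}

int main(void)
{
    struct bl_range bl[8];
    size_t n = parse_blacklist(SAMPLE, bl, 8);
    unsigned long long probe[] = { 0xffffffff81a01010ULL, 0xffffffff81a01040ULL };
    for (size_t i = 0; i < 2; i++) {
        const struct bl_range *hit = blacklisted(bl, n, probe[i]);
        printf("%#llx: %s\n", probe[i], hit ? hit->sym : "breakpoint allowed");
    }
    return 0;
}
```

The end address is treated as exclusive, so the first address past a blacklisted function is accepted while every address inside it is refused.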