[PATCH 3.2 070/104] kprobes/x86: Blacklist indirect thunk functions for kprobes

Sun, 11 Mar 2018 20:50:20 -0700 

3.2.101-rc1 review patch.  If anyone has any objections, please let me know.

------------------

From: Masami Hiramatsu <mhira...@kernel.org>

commit c1804a236894ecc942da7dc6c5abe209e56cba93 upstream.

Mark __x86_indirect_thunk_* functions as blacklist for kprobes
because those functions can be called from anywhere in the kernel
including blacklist functions of kprobes.

Signed-off-by: Masami Hiramatsu <mhira...@kernel.org>
Signed-off-by: Thomas Gleixner <t...@linutronix.de>
Acked-by: David Woodhouse <d...@amazon.co.uk>
Cc: Andi Kleen <a...@linux.intel.com>
Cc: Peter Zijlstra <pet...@infradead.org>
Cc: Ananth N Mavinakayanahalli <ana...@linux.vnet.ibm.com>
Cc: Arjan van de Ven <ar...@linux.intel.com>
Cc: Greg Kroah-Hartman <gre...@linux-foundation.org>
Link: 
https://lkml.kernel.org/r/151629209111.10241.5444852823378068683.stgit@devbox
[bwh: Backported to 3.2: We don't have _ASM_NOKPROBE etc., so add indirect
 thunks to the built-in blacklist]
Signed-off-by: Ben Hutchings <b...@decadent.org.uk>
---
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -53,6 +53,9 @@
 #include <asm/cacheflush.h>
 #include <asm/errno.h>
 #include <asm/uaccess.h>
+#ifdef CONFIG_RETPOLINE
+#include <asm/nospec-branch.h>
+#endif
 
 #define KPROBE_HASH_BITS 6
 #define KPROBE_TABLE_SIZE (1 << KPROBE_HASH_BITS)
@@ -99,6 +102,11 @@ static struct kprobe_blackpoint kprobe_b
        {"irq_entries_start",},
        {"common_interrupt",},
        {"mcount",},    /* mcount can be called from everywhere */
+#ifdef CONFIG_RETPOLINE
+       {"__indirect_thunk_start",
+        /* Linker scripts can't set symbol sizes */
+        .range = (size_t)__indirect_thunk_size},
+#endif
        {NULL}    /* Terminator */
 };
 
@@ -1986,7 +1994,7 @@ static int __init init_kprobes(void)
                                &size, &offset, &modname, namebuf);
                if (!symbol_name)
                        kb->range = 0;
-               else
+               else if (size)
                        kb->range = size;
        }
 
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -173,6 +173,7 @@ enum spectre_v2_mitigation {
 
 extern char __indirect_thunk_start[];
 extern char __indirect_thunk_end[];
+extern char __indirect_thunk_size[];
 
 /*
  * On VMEXIT we must ensure that no RSB predictions learned in the guest
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -112,6 +112,7 @@ SECTIONS
                __indirect_thunk_start = .;
                *(.text.__x86.indirect_thunk)
                __indirect_thunk_end = .;
+               __indirect_thunk_size = __indirect_thunk_end - 
__indirect_thunk_start;
 #endif
 
                /* End of text section */

Reply via email to