arm64: Blacklist non-kprobe-able symbol

Pratyush Anand · ctmarinas · commit 44b53f67c99d · 2016-07-19T15:03:20.000+01:00
Add all function symbols which are called from do_debug_exception under
NOKPROBE_SYMBOL, as they can not kprobed.

Signed-off-by: Pratyush Anand &lt;panand@redhat.com&gt;
Acked-by: Masami Hiramatsu &lt;mhiramat@kernel.org&gt;
Signed-off-by: Catalin Marinas &lt;catalin.marinas@arm.com&gt;
diff --git a/arch/arm64/kernel/arm64ksyms.c b/arch/arm64/kernel/arm64ksyms.c
@@ -27,6 +27,7 @@
 #include <linux/uaccess.h>
 #include <linux/io.h>
 #include <linux/arm-smccc.h>
+#include <linux/kprobes.h>
 
 #include <asm/checksum.h>
 
@@ -68,6 +69,7 @@ EXPORT_SYMBOL(test_and_change_bit);
 
 #ifdef CONFIG_FUNCTION_TRACER
 EXPORT_SYMBOL(_mcount);
+NOKPROBE_SYMBOL(_mcount);
 #endif
 
 	/* arm-smccc */
diff --git a/arch/arm64/kernel/debug-monitors.c b/arch/arm64/kernel/debug-monitors.c
@@ -49,13 +49,15 @@ static void mdscr_write(u32 mdscr)
 	asm volatile("msr mdscr_el1, %0" :: "r" (mdscr));
 	local_dbg_restore(flags);
 }
+NOKPROBE_SYMBOL(mdscr_write);
 
 static u32 mdscr_read(void)
 {
 	u32 mdscr;
 	asm volatile("mrs %0, mdscr_el1" : "=r" (mdscr));
 	return mdscr;
 }
+NOKPROBE_SYMBOL(mdscr_read);
 
 /*
  * Allow root to disable self-hosted debug from userspace.
@@ -104,6 +106,7 @@ void enable_debug_monitors(enum dbg_active_el el)
 		mdscr_write(mdscr);
 	}
 }
+NOKPROBE_SYMBOL(enable_debug_monitors);
 
 void disable_debug_monitors(enum dbg_active_el el)
 {
@@ -124,6 +127,7 @@ void disable_debug_monitors(enum dbg_active_el el)
 		mdscr_write(mdscr);
 	}
 }
+NOKPROBE_SYMBOL(disable_debug_monitors);
 
 /*
  * OS lock clearing.
@@ -174,6 +178,7 @@ static void set_regs_spsr_ss(struct pt_regs *regs)
 	spsr |= DBG_SPSR_SS;
 	regs->pstate = spsr;
 }
+NOKPROBE_SYMBOL(set_regs_spsr_ss);
 
 static void clear_regs_spsr_ss(struct pt_regs *regs)
 {
@@ -183,6 +188,7 @@ static void clear_regs_spsr_ss(struct pt_regs *regs)
 	spsr &= ~DBG_SPSR_SS;
 	regs->pstate = spsr;
 }
+NOKPROBE_SYMBOL(clear_regs_spsr_ss);
 
 /* EL1 Single Step Handler hooks */
 static LIST_HEAD(step_hook);
@@ -226,6 +232,7 @@ static int call_step_hook(struct pt_regs *regs, unsigned int esr)
 
 	return retval;
 }
+NOKPROBE_SYMBOL(call_step_hook);
 
 static void send_user_sigtrap(int si_code)
 {
@@ -284,6 +291,7 @@ static int single_step_handler(unsigned long addr, unsigned int esr,
 
 	return 0;
 }
+NOKPROBE_SYMBOL(single_step_handler);
 
 /*
  * Breakpoint handler is re-entrant as another breakpoint can
@@ -321,6 +329,7 @@ static int call_break_hook(struct pt_regs *regs, unsigned int esr)
 
 	return fn ? fn(regs, esr) : DBG_HOOK_ERROR;
 }
+NOKPROBE_SYMBOL(call_break_hook);
 
 static int brk_handler(unsigned long addr, unsigned int esr,
 		       struct pt_regs *regs)
@@ -341,6 +350,7 @@ static int brk_handler(unsigned long addr, unsigned int esr,
 
 	return 0;
 }
+NOKPROBE_SYMBOL(brk_handler);
 
 int aarch32_break_handler(struct pt_regs *regs)
 {
@@ -377,6 +387,7 @@ int aarch32_break_handler(struct pt_regs *regs)
 	send_user_sigtrap(TRAP_BRKPT);
 	return 0;
 }
+NOKPROBE_SYMBOL(aarch32_break_handler);
 
 static int __init debug_traps_init(void)
 {
@@ -398,6 +409,7 @@ void user_rewind_single_step(struct task_struct *task)
 	if (test_ti_thread_flag(task_thread_info(task), TIF_SINGLESTEP))
 		set_regs_spsr_ss(task_pt_regs(task));
 }
+NOKPROBE_SYMBOL(user_rewind_single_step);
 
 void user_fastforward_single_step(struct task_struct *task)
 {
@@ -413,28 +425,33 @@ void kernel_enable_single_step(struct pt_regs *regs)
 	mdscr_write(mdscr_read() | DBG_MDSCR_SS);
 	enable_debug_monitors(DBG_ACTIVE_EL1);
 }
+NOKPROBE_SYMBOL(kernel_enable_single_step);
 
 void kernel_disable_single_step(void)
 {
 	WARN_ON(!irqs_disabled());
 	mdscr_write(mdscr_read() & ~DBG_MDSCR_SS);
 	disable_debug_monitors(DBG_ACTIVE_EL1);
 }
+NOKPROBE_SYMBOL(kernel_disable_single_step);
 
 int kernel_active_single_step(void)
 {
 	WARN_ON(!irqs_disabled());
 	return mdscr_read() & DBG_MDSCR_SS;
 }
+NOKPROBE_SYMBOL(kernel_active_single_step);
 
 /* ptrace API */
 void user_enable_single_step(struct task_struct *task)
 {
 	set_ti_thread_flag(task_thread_info(task), TIF_SINGLESTEP);
 	set_regs_spsr_ss(task_pt_regs(task));
 }
+NOKPROBE_SYMBOL(user_enable_single_step);
 
 void user_disable_single_step(struct task_struct *task)
 {
 	clear_ti_thread_flag(task_thread_info(task), TIF_SINGLESTEP);
 }
+NOKPROBE_SYMBOL(user_disable_single_step);
diff --git a/arch/arm64/kernel/hw_breakpoint.c b/arch/arm64/kernel/hw_breakpoint.c
@@ -24,6 +24,7 @@
 #include <linux/cpu_pm.h>
 #include <linux/errno.h>
 #include <linux/hw_breakpoint.h>
+#include <linux/kprobes.h>
 #include <linux/perf_event.h>
 #include <linux/ptrace.h>
 #include <linux/smp.h>
@@ -127,6 +128,7 @@ static u64 read_wb_reg(int reg, int n)
 
 	return val;
 }
+NOKPROBE_SYMBOL(read_wb_reg);
 
 static void write_wb_reg(int reg, int n, u64 val)
 {
@@ -140,6 +142,7 @@ static void write_wb_reg(int reg, int n, u64 val)
 	}
 	isb();
 }
+NOKPROBE_SYMBOL(write_wb_reg);
 
 /*
  * Convert a breakpoint privilege level to the corresponding exception
@@ -157,6 +160,7 @@ static enum dbg_active_el debug_exception_level(int privilege)
 		return -EINVAL;
 	}
 }
+NOKPROBE_SYMBOL(debug_exception_level);
 
 enum hw_breakpoint_ops {
 	HW_BREAKPOINT_INSTALL,
@@ -575,6 +579,7 @@ static void toggle_bp_registers(int reg, enum dbg_active_el el, int enable)
 		write_wb_reg(reg, i, ctrl);
 	}
 }
+NOKPROBE_SYMBOL(toggle_bp_registers);
 
 /*
  * Debug exception handlers.
@@ -654,6 +659,7 @@ static int breakpoint_handler(unsigned long unused, unsigned int esr,
 
 	return 0;
 }
+NOKPROBE_SYMBOL(breakpoint_handler);
 
 static int watchpoint_handler(unsigned long addr, unsigned int esr,
 			      struct pt_regs *regs)
@@ -756,6 +762,7 @@ static int watchpoint_handler(unsigned long addr, unsigned int esr,
 
 	return 0;
 }
+NOKPROBE_SYMBOL(watchpoint_handler);
 
 /*
  * Handle single-step exception.
@@ -813,6 +820,7 @@ int reinstall_suspended_bps(struct pt_regs *regs)
 
 	return !handled_exception;
 }
+NOKPROBE_SYMBOL(reinstall_suspended_bps);
 
 /*
  * Context-switcher for restoring suspended breakpoints.
diff --git a/arch/arm64/kernel/kgdb.c b/arch/arm64/kernel/kgdb.c
@@ -22,6 +22,7 @@
 #include <linux/irq.h>
 #include <linux/kdebug.h>
 #include <linux/kgdb.h>
+#include <linux/kprobes.h>
 #include <asm/traps.h>
 
 struct dbg_reg_def_t dbg_reg_def[DBG_MAX_REG_NUM] = {
@@ -230,6 +231,7 @@ static int kgdb_brk_fn(struct pt_regs *regs, unsigned int esr)
 	kgdb_handle_exception(1, SIGTRAP, 0, regs);
 	return 0;
 }
+NOKPROBE_SYMBOL(kgdb_brk_fn)
 
 static int kgdb_compiled_brk_fn(struct pt_regs *regs, unsigned int esr)
 {
@@ -238,12 +240,14 @@ static int kgdb_compiled_brk_fn(struct pt_regs *regs, unsigned int esr)
 
 	return 0;
 }
+NOKPROBE_SYMBOL(kgdb_compiled_brk_fn);
 
 static int kgdb_step_brk_fn(struct pt_regs *regs, unsigned int esr)
 {
 	kgdb_handle_exception(1, SIGTRAP, 0, regs);
 	return 0;
 }
+NOKPROBE_SYMBOL(kgdb_step_brk_fn);
 
 static struct break_hook kgdb_brkpt_hook = {
 	.esr_mask	= 0xffffffff,

Original file line number	Diff line number	Diff line change
`@@ -49,13 +49,15 @@ static void mdscr_write(u32 mdscr)`
`49`	`49`	`asm volatile("msr mdscr_el1, %0" :: "r" (mdscr));`
`50`	`50`	`local_dbg_restore(flags);`
`51`	`51`	`}`
	`52`	`+NOKPROBE_SYMBOL(mdscr_write);`
`52`	`53`
`53`	`54`	`static u32 mdscr_read(void)`
`54`	`55`	`{`
`55`	`56`	`u32 mdscr;`
`56`	`57`	`asm volatile("mrs %0, mdscr_el1" : "=r" (mdscr));`
`57`	`58`	`return mdscr;`
`58`	`59`	`}`
	`60`	`+NOKPROBE_SYMBOL(mdscr_read);`
`59`	`61`
`60`	`62`	`/*`
`61`	`63`	`* Allow root to disable self-hosted debug from userspace.`
`@@ -104,6 +106,7 @@ void enable_debug_monitors(enum dbg_active_el el)`
`104`	`106`	`mdscr_write(mdscr);`
`105`	`107`	`}`
`106`	`108`	`}`
	`109`	`+NOKPROBE_SYMBOL(enable_debug_monitors);`
`107`	`110`
`108`	`111`	`void disable_debug_monitors(enum dbg_active_el el)`
`109`	`112`	`{`
`@@ -124,6 +127,7 @@ void disable_debug_monitors(enum dbg_active_el el)`
`124`	`127`	`mdscr_write(mdscr);`
`125`	`128`	`}`
`126`	`129`	`}`
	`130`	`+NOKPROBE_SYMBOL(disable_debug_monitors);`
`127`	`131`
`128`	`132`	`/*`
`129`	`133`	`* OS lock clearing.`
`@@ -174,6 +178,7 @@ static void set_regs_spsr_ss(struct pt_regs *regs)`
`174`	`178`	`spsr \|= DBG_SPSR_SS;`
`175`	`179`	`regs->pstate = spsr;`
`176`	`180`	`}`
	`181`	`+NOKPROBE_SYMBOL(set_regs_spsr_ss);`
`177`	`182`
`178`	`183`	`static void clear_regs_spsr_ss(struct pt_regs *regs)`
`179`	`184`	`{`
`@@ -183,6 +188,7 @@ static void clear_regs_spsr_ss(struct pt_regs *regs)`
`183`	`188`	`spsr &= ~DBG_SPSR_SS;`
`184`	`189`	`regs->pstate = spsr;`
`185`	`190`	`}`
	`191`	`+NOKPROBE_SYMBOL(clear_regs_spsr_ss);`
`186`	`192`
`187`	`193`	`/* EL1 Single Step Handler hooks */`
`188`	`194`	`static LIST_HEAD(step_hook);`
`@@ -226,6 +232,7 @@ static int call_step_hook(struct pt_regs *regs, unsigned int esr)`
`226`	`232`
`227`	`233`	`return retval;`
`228`	`234`	`}`
	`235`	`+NOKPROBE_SYMBOL(call_step_hook);`
`229`	`236`
`230`	`237`	`static void send_user_sigtrap(int si_code)`
`231`	`238`	`{`
`@@ -284,6 +291,7 @@ static int single_step_handler(unsigned long addr, unsigned int esr,`
`284`	`291`
`285`	`292`	`return 0;`
`286`	`293`	`}`
	`294`	`+NOKPROBE_SYMBOL(single_step_handler);`
`287`	`295`
`288`	`296`	`/*`
`289`	`297`	`* Breakpoint handler is re-entrant as another breakpoint can`
`@@ -321,6 +329,7 @@ static int call_break_hook(struct pt_regs *regs, unsigned int esr)`
`321`	`329`
`322`	`330`	`return fn ? fn(regs, esr) : DBG_HOOK_ERROR;`
`323`	`331`	`}`
	`332`	`+NOKPROBE_SYMBOL(call_break_hook);`
`324`	`333`
`325`	`334`	`static int brk_handler(unsigned long addr, unsigned int esr,`
`326`	`335`	`struct pt_regs *regs)`
`@@ -341,6 +350,7 @@ static int brk_handler(unsigned long addr, unsigned int esr,`
`341`	`350`
`342`	`351`	`return 0;`
`343`	`352`	`}`
	`353`	`+NOKPROBE_SYMBOL(brk_handler);`
`344`	`354`
`345`	`355`	`int aarch32_break_handler(struct pt_regs *regs)`
`346`	`356`	`{`
`@@ -377,6 +387,7 @@ int aarch32_break_handler(struct pt_regs *regs)`
`377`	`387`	`send_user_sigtrap(TRAP_BRKPT);`
`378`	`388`	`return 0;`
`379`	`389`	`}`
	`390`	`+NOKPROBE_SYMBOL(aarch32_break_handler);`
`380`	`391`
`381`	`392`	`static int __init debug_traps_init(void)`
`382`	`393`	`{`
`@@ -398,6 +409,7 @@ void user_rewind_single_step(struct task_struct *task)`
`398`	`409`	`if (test_ti_thread_flag(task_thread_info(task), TIF_SINGLESTEP))`
`399`	`410`	`set_regs_spsr_ss(task_pt_regs(task));`
`400`	`411`	`}`
	`412`	`+NOKPROBE_SYMBOL(user_rewind_single_step);`
`401`	`413`
`402`	`414`	`void user_fastforward_single_step(struct task_struct *task)`
`403`	`415`	`{`
`@@ -413,28 +425,33 @@ void kernel_enable_single_step(struct pt_regs *regs)`
`413`	`425`	`mdscr_write(mdscr_read() \| DBG_MDSCR_SS);`
`414`	`426`	`enable_debug_monitors(DBG_ACTIVE_EL1);`
`415`	`427`	`}`
	`428`	`+NOKPROBE_SYMBOL(kernel_enable_single_step);`
`416`	`429`
`417`	`430`	`void kernel_disable_single_step(void)`
`418`	`431`	`{`
`419`	`432`	`WARN_ON(!irqs_disabled());`
`420`	`433`	`mdscr_write(mdscr_read() & ~DBG_MDSCR_SS);`
`421`	`434`	`disable_debug_monitors(DBG_ACTIVE_EL1);`
`422`	`435`	`}`
	`436`	`+NOKPROBE_SYMBOL(kernel_disable_single_step);`
`423`	`437`
`424`	`438`	`int kernel_active_single_step(void)`
`425`	`439`	`{`
`426`	`440`	`WARN_ON(!irqs_disabled());`
`427`	`441`	`return mdscr_read() & DBG_MDSCR_SS;`
`428`	`442`	`}`
	`443`	`+NOKPROBE_SYMBOL(kernel_active_single_step);`
`429`	`444`
`430`	`445`	`/* ptrace API */`
`431`	`446`	`void user_enable_single_step(struct task_struct *task)`
`432`	`447`	`{`
`433`	`448`	`set_ti_thread_flag(task_thread_info(task), TIF_SINGLESTEP);`
`434`	`449`	`set_regs_spsr_ss(task_pt_regs(task));`
`435`	`450`	`}`
	`451`	`+NOKPROBE_SYMBOL(user_enable_single_step);`
`436`	`452`
`437`	`453`	`void user_disable_single_step(struct task_struct *task)`
`438`	`454`	`{`
`439`	`455`	`clear_ti_thread_flag(task_thread_info(task), TIF_SINGLESTEP);`
`440`	`456`	`}`
	`457`	`+NOKPROBE_SYMBOL(user_disable_single_step);`
Original file line number	Diff line number	Diff line change
`@@ -24,6 +24,7 @@`
`24`	`24`	`#include <linux/cpu_pm.h>`
`25`	`25`	`#include <linux/errno.h>`
`26`	`26`	`#include <linux/hw_breakpoint.h>`
	`27`	`+#include <linux/kprobes.h>`
`27`	`28`	`#include <linux/perf_event.h>`
`28`	`29`	`#include <linux/ptrace.h>`
`29`	`30`	`#include <linux/smp.h>`
`@@ -127,6 +128,7 @@ static u64 read_wb_reg(int reg, int n)`
`127`	`128`
`128`	`129`	`return val;`
`129`	`130`	`}`
	`131`	`+NOKPROBE_SYMBOL(read_wb_reg);`
`130`	`132`
`131`	`133`	`static void write_wb_reg(int reg, int n, u64 val)`
`132`	`134`	`{`
`@@ -140,6 +142,7 @@ static void write_wb_reg(int reg, int n, u64 val)`
`140`	`142`	`}`
`141`	`143`	`isb();`
`142`	`144`	`}`
	`145`	`+NOKPROBE_SYMBOL(write_wb_reg);`
`143`	`146`
`144`	`147`	`/*`
`145`	`148`	`* Convert a breakpoint privilege level to the corresponding exception`
`@@ -157,6 +160,7 @@ static enum dbg_active_el debug_exception_level(int privilege)`
`157`	`160`	`return -EINVAL;`
`158`	`161`	`}`
`159`	`162`	`}`
	`163`	`+NOKPROBE_SYMBOL(debug_exception_level);`
`160`	`164`
`161`	`165`	`enum hw_breakpoint_ops {`
`162`	`166`	`HW_BREAKPOINT_INSTALL,`
`@@ -575,6 +579,7 @@ static void toggle_bp_registers(int reg, enum dbg_active_el el, int enable)`
`575`	`579`	`write_wb_reg(reg, i, ctrl);`
`576`	`580`	`}`
`577`	`581`	`}`
	`582`	`+NOKPROBE_SYMBOL(toggle_bp_registers);`
`578`	`583`
`579`	`584`	`/*`
`580`	`585`	`* Debug exception handlers.`
`@@ -654,6 +659,7 @@ static int breakpoint_handler(unsigned long unused, unsigned int esr,`
`654`	`659`
`655`	`660`	`return 0;`
`656`	`661`	`}`
	`662`	`+NOKPROBE_SYMBOL(breakpoint_handler);`
`657`	`663`
`658`	`664`	`static int watchpoint_handler(unsigned long addr, unsigned int esr,`
`659`	`665`	`struct pt_regs *regs)`
`@@ -756,6 +762,7 @@ static int watchpoint_handler(unsigned long addr, unsigned int esr,`
`756`	`762`
`757`	`763`	`return 0;`
`758`	`764`	`}`
	`765`	`+NOKPROBE_SYMBOL(watchpoint_handler);`
`759`	`766`
`760`	`767`	`/*`
`761`	`768`	`* Handle single-step exception.`
`@@ -813,6 +820,7 @@ int reinstall_suspended_bps(struct pt_regs *regs)`
`813`	`820`
`814`	`821`	`return !handled_exception;`
`815`	`822`	`}`
	`823`	`+NOKPROBE_SYMBOL(reinstall_suspended_bps);`
`816`	`824`
`817`	`825`	`/*`
`818`	`826`	`* Context-switcher for restoring suspended breakpoints.`
Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@`
`22`	`22`	`#include <linux/irq.h>`
`23`	`23`	`#include <linux/kdebug.h>`
`24`	`24`	`#include <linux/kgdb.h>`
	`25`	`+#include <linux/kprobes.h>`
`25`	`26`	`#include <asm/traps.h>`
`26`	`27`
`27`	`28`	`struct dbg_reg_def_t dbg_reg_def[DBG_MAX_REG_NUM] = {`
`@@ -230,6 +231,7 @@ static int kgdb_brk_fn(struct pt_regs *regs, unsigned int esr)`
`230`	`231`	`kgdb_handle_exception(1, SIGTRAP, 0, regs);`
`231`	`232`	`return 0;`
`232`	`233`	`}`
	`234`	`+NOKPROBE_SYMBOL(kgdb_brk_fn)`
`233`	`235`
`234`	`236`	`static int kgdb_compiled_brk_fn(struct pt_regs *regs, unsigned int esr)`
`235`	`237`	`{`
`@@ -238,12 +240,14 @@ static int kgdb_compiled_brk_fn(struct pt_regs *regs, unsigned int esr)`
`238`	`240`
`239`	`241`	`return 0;`
`240`	`242`	`}`
	`243`	`+NOKPROBE_SYMBOL(kgdb_compiled_brk_fn);`
`241`	`244`
`242`	`245`	`static int kgdb_step_brk_fn(struct pt_regs *regs, unsigned int esr)`
`243`	`246`	`{`
`244`	`247`	`kgdb_handle_exception(1, SIGTRAP, 0, regs);`
`245`	`248`	`return 0;`
`246`	`249`	`}`
	`250`	`+NOKPROBE_SYMBOL(kgdb_step_brk_fn);`
`247`	`251`
`248`	`252`	`static struct break_hook kgdb_brkpt_hook = {`
`249`	`253`	`.esr_mask = 0xffffffff,`