Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 376e2424 authored by Masami Hiramatsu's avatar Masami Hiramatsu Committed by Ingo Molnar
Browse files

kprobes: Introduce NOKPROBE_SYMBOL() macro to maintain kprobes blacklist 



Introduce NOKPROBE_SYMBOL() macro which builds a kprobes
blacklist at kernel build time.

The usage of this macro is similar to EXPORT_SYMBOL(),
placed after the function definition:

  NOKPROBE_SYMBOL(function);

Since this macro will inhibit inlining of static/inline
functions, this patch also introduces a nokprobe_inline macro
for static/inline functions. In this case, we must use
NOKPROBE_SYMBOL() for the inline function caller.

When CONFIG_KPROBES=y, the macro stores the given function
address in the "_kprobe_blacklist" section.

Since the data structures are not fully initialized by the
macro (because there is no "size" information),  those
are re-initialized at boot time by using kallsyms.

Signed-off-by: default avatarMasami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Link: http://lkml.kernel.org/r/20140417081705.26341.96719.stgit@ltc230.yrl.intra.hitachi.co.jp


Cc: Alok Kataria <akataria@vmware.com>
Cc: Ananth N Mavinakayanahalli <ananth@in.ibm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Christopher Li <sparse@chrisli.org>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: David S. Miller <davem@davemloft.net>
Cc: Jan-Simon Möller <dl9pf@gmx.de>
Cc: Jeremy Fitzhardinge <jeremy@goop.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: linux-arch@vger.kernel.org
Cc: linux-doc@vger.kernel.org
Cc: linux-sparse@vger.kernel.org
Cc: virtualization@lists.linux-foundation.org
Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
parent be8f2743

Documentation/kprobes.txt

+15 −1
Original line number Diff line number Diff line
@@ -22,8 +22,9 @@ Appendix B: The kprobes sysctl interface 


Kprobes enables you to dynamically break into any kernel routine and

collect debugging and performance information non-disruptively. You

can trap at almost any kernel code address, specifying a handler

can trap at almost any kernel code address(*), specifying a handler

routine to be invoked when the breakpoint is hit.

(*: some parts of the kernel code can not be trapped, see 1.5 Blacklist)



There are currently three types of probes: kprobes, jprobes, and

kretprobes (also called return probes).  A kprobe can be inserted
@@ -273,6 +274,19 @@ using one of the following techniques: 
 or

- Execute 'sysctl -w debug.kprobes_optimization=n'



1.5 Blacklist



Kprobes can probe most of the kernel except itself. This means

that there are some functions where kprobes cannot probe. Probing

(trapping) such functions can cause a recursive trap (e.g. double

fault) or the nested probe handler may never be called.

Kprobes manages such functions as a blacklist.

If you want to add a function into the blacklist, you just need

to (1) include linux/kprobes.h and (2) use NOKPROBE_SYMBOL() macro

to specify a blacklisted function.

Kprobes checks the given probe address against the blacklist and

rejects registering it, if the given address is in the blacklist.



2. Architectures Supported



Kprobes, jprobes, and return probes are implemented on the following

arch/x86/include/asm/asm.h

+7 −0
Original line number Diff line number Diff line
@@ -57,6 +57,12 @@ 
	.long (from) - . ;					\

	.long (to) - . + 0x7ffffff0 ;				\

	.popsection



# define _ASM_NOKPROBE(entry)					\

	.pushsection "_kprobe_blacklist","aw" ;			\

	_ASM_ALIGN ;						\

	_ASM_PTR (entry);					\

	.popsection

#else

# define _ASM_EXTABLE(from,to)					\

	" .pushsection \"__ex_table\",\"a\"\n"			\
@@ -71,6 +77,7 @@ 
	" .long (" #from ") - .\n"				\

	" .long (" #to ") - . + 0x7ffffff0\n"			\

	" .popsection\n"

/* For C file, we already have NOKPROBE_SYMBOL macro */

#endif



#endif /* _ASM_X86_ASM_H */

arch/x86/kernel/paravirt.c

+4 −0
Original line number Diff line number Diff line
@@ -23,6 +23,7 @@ 
#include <linux/efi.h>

#include <linux/bcd.h>

#include <linux/highmem.h>

#include <linux/kprobes.h>



#include <asm/bug.h>

#include <asm/paravirt.h>
@@ -389,6 +390,9 @@ __visible struct pv_cpu_ops pv_cpu_ops = { 
	.end_context_switch = paravirt_nop,

};



/* At this point, native_get_debugreg has a real function entry */

NOKPROBE_SYMBOL(native_get_debugreg);



struct pv_apic_ops pv_apic_ops = {

#ifdef CONFIG_X86_LOCAL_APIC

	.startup_ipi_hook = paravirt_nop,

include/asm-generic/vmlinux.lds.h

+9 −0
Original line number Diff line number Diff line
@@ -109,6 +109,14 @@ 
#define BRANCH_PROFILE()

#endif



#ifdef CONFIG_KPROBES

#define KPROBE_BLACKLIST()	VMLINUX_SYMBOL(__start_kprobe_blacklist) = .; \

				*(_kprobe_blacklist)			      \

				VMLINUX_SYMBOL(__stop_kprobe_blacklist) = .;

#else

#define KPROBE_BLACKLIST()

#endif



#ifdef CONFIG_EVENT_TRACING

#define FTRACE_EVENTS()	. = ALIGN(8);					\

			VMLINUX_SYMBOL(__start_ftrace_events) = .;	\
@@ -507,6 +515,7 @@ 
	*(.init.rodata)							\

	FTRACE_EVENTS()							\

	TRACE_SYSCALLS()						\

	KPROBE_BLACKLIST()						\

	MEM_DISCARD(init.rodata)					\

	CLK_OF_TABLES()							\

	RESERVEDMEM_OF_TABLES()						\

include/linux/compiler.h

+2 −0
Original line number Diff line number Diff line
@@ -374,7 +374,9 @@ void ftrace_likely_update(struct ftrace_branch_data *f, int val, int expect); 
/* Ignore/forbid kprobes attach on very low level functions marked by this attribute: */

#ifdef CONFIG_KPROBES

# define __kprobes	__attribute__((__section__(".kprobes.text")))

# define nokprobe_inline	__always_inline

#else

# define __kprobes

# define nokprobe_inline	inline

#endif

#endif /* __LINUX_COMPILER_H */