[PATCH 3.2 070/104] kprobes/x86: Blacklist indirect thunk functions for kprobes
3.2.101-rc1 review patch. If anyone has any objections, please let me know. -- From: Masami Hiramatsucommit c1804a236894ecc942da7dc6c5abe209e56cba93 upstream. Mark __x86_indirect_thunk_* functions as blacklist for kprobes because those functions can be called from anywhere in the kernel including blacklist functions of kprobes. Signed-off-by: Masami Hiramatsu Signed-off-by: Thomas Gleixner Acked-by: David Woodhouse Cc: Andi Kleen Cc: Peter Zijlstra Cc: Ananth N Mavinakayanahalli Cc: Arjan van de Ven Cc: Greg Kroah-Hartman Link: https://lkml.kernel.org/r/151629209111.10241.5444852823378068683.stgit@devbox [bwh: Backported to 3.2: We don't have _ASM_NOKPROBE etc., so add indirect thunks to the built-in blacklist] Signed-off-by: Ben Hutchings
---
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -53,6 +53,9 @@
 #include
 #include
 #include
+#ifdef CONFIG_RETPOLINE
+#include
+#endif
 #define KPROBE_HASH_BITS 6
 #define KPROBE_TABLE_SIZE (1 << KPROBE_HASH_BITS)
@@ -99,6 +102,11 @@ static struct kprobe_blackpoint kprobe_b
 {"irq_entries_start",},
 {"common_interrupt",},
 {"mcount",},/* mcount can be called from everywhere */
+#ifdef CONFIG_RETPOLINE
+ {"__indirect_thunk_start",
+/* Linker scripts can't set symbol sizes */
+.range = (size_t)__indirect_thunk_size},
+#endif
 {NULL}/* Terminator */
 };
@@ -1986,7 +1994,7 @@ static int __init init_kprobes(void)
 , , , namebuf);
 if (!symbol_name)
 kb->range = 0;
- else
+ else if (size)
 kb->range = size;
 }
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -173,6 +173,7 @@ enum spectre_v2_mitigation {
 extern char __indirect_thunk_start[];
 extern char __indirect_thunk_end[];
+extern char __indirect_thunk_size[];
 /*
 * On VMEXIT we must ensure that no RSB predictions learned in the guest
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
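Review bot: The new `kprobe_blackpoint` entry in kernel/kprobes.c takes its `.range` from the address of `__indirect_thunk_size`, and the comment beside it does not say so. Next to `extern char __indirect_thunk_size[];` the cast `(size_t)__indirect_thunk_size` reads like a pointer conversion, so I would expand the comment to `/* Linker scripts can't set symbol sizes, so the size is carried as the address of an absolute symbol */`. The range covers only what the linker script places between `__indirect_thunk_start` and `__indirect_thunk_end`, so a thunk emitted outside `.text.__x86.indirect_thunk` would presumably stay probeable. That, and whether a relocatable build leaves the absolute symbol unadjusted, cannot be confirmed from this hunk. The table begins before the hunk.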
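Review bot: The `else if (size)` branch in `init_kprobes()` keeps a preset `kb->range` when the symbol lookup reports size 0, but nothing at that branch records why. An entry with no preset range and a zero size still ends up with `kb->range == 0` and no message. A comment such as `/* size is 0 for linker-script symbols; keep the range preset in the table */` would state the intent. If a zero range means the entry blocks nothing (the code that consumes `range` is outside this hunk), a `pr_warn()` when `kb->range` is still 0 after the lookup would make a silently ineffective blacklist entry visible at boot. The loop and the lookup call begin outside the hunk.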
@@ -112,6 +112,7 @@ SECTIONS
 __indirect_thunk_start = .;
 *(.text.__x86.indirect_thunk)
 __indirect_thunk_end = .;
+ __indirect_thunk_size = __indirect_thunk_end - __indirect_thunk_start;
 #endif
 /* End of text section */
[PATCH 3.2 070/104] kprobes/x86: Blacklist indirect thunk functions for kprobes
3.2.101-rc1 review patch. If anyone has any objections, please let me know. -- From: Masami Hiramatsu commit c1804a236894ecc942da7dc6c5abe209e56cba93 upstream. Mark __x86_indirect_thunk_* functions as blacklist for kprobes because those functions can be called from anywhere in the kernel including blacklist functions of kprobes. Signed-off-by: Masami Hiramatsu Signed-off-by: Thomas Gleixner Acked-by: David Woodhouse Cc: Andi Kleen Cc: Peter Zijlstra Cc: Ananth N Mavinakayanahalli Cc: Arjan van de Ven Cc: Greg Kroah-Hartman Link: https://lkml.kernel.org/r/151629209111.10241.5444852823378068683.stgit@devbox [bwh: Backported to 3.2: We don't have _ASM_NOKPROBE etc., so add indirect thunks to the built-in blacklist] Signed-off-by: Ben Hutchings
---
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -53,6 +53,9 @@
 #include
 #include
 #include
+#ifdef CONFIG_RETPOLINE
+#include
+#endif
 #define KPROBE_HASH_BITS 6
 #define KPROBE_TABLE_SIZE (1 << KPROBE_HASH_BITS)
@@ -99,6 +102,11 @@ static struct kprobe_blackpoint kprobe_b
 {"irq_entries_start",},
 {"common_interrupt",},
 {"mcount",},/* mcount can be called from everywhere */
+#ifdef CONFIG_RETPOLINE
+ {"__indirect_thunk_start",
+/* Linker scripts can't set symbol sizes */
+.range = (size_t)__indirect_thunk_size},
+#endif
 {NULL}/* Terminator */
 };
@@ -1986,7 +1994,7 @@ static int __init init_kprobes(void)
 , , , namebuf);
 if (!symbol_name)
 kb->range = 0;
- else
+ else if (size)
 kb->range = size;
 }
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -173,6 +173,7 @@ enum spectre_v2_mitigation {
 extern char __indirect_thunk_start[];
 extern char __indirect_thunk_end[];
+extern char __indirect_thunk_size[];
 /*
 * On VMEXIT we must ensure that no RSB predictions learned in the guest
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -112,6 +112,7 @@ SECTIONS
 __indirect_thunk_start = .;
 *(.text.__x86.indirect_thunk)
 __indirect_thunk_end = .;
+ __indirect_thunk_size = __indirect_thunk_end - __indirect_thunk_start;
 #endif
 /* End of text section */