[PATCH v2 0/3] kgdb: Honour the kprobe blacklist when setting breakpoints

[Daniel Thompson <daniel.thompson@linaro.org>]

kgdb has traditionally adopted a no safety rails approach to breakpoint
placement. If the debugger is commanded to place a breakpoint at an
address then it will do so even if that breakpoint results in kgdb
becoming inoperable.

A stop-the-world debugger with memory peek/poke intrinsically provides
its operator with the means to hose their system in all manner of
exciting ways (not least because stopping-the-world is already a DoS
attack ;-) ). Nevertheless the current no safety rail approach is
difficult to defend, especially given kprobes can provide us with plenty
of machinery to mark the parts of the kernel where breakpointing is
discouraged.

This patchset introduces some safety rails by using the existing kprobes
infrastructure and ensures this will be enabled by default on
architectures that implement kprobes. At present it does not cover
absolutely all locations where breakpoints can cause trouble but it will
block off several avenues, including the architecture specific parts
that are handled by arch_within_kprobe_blacklist().


Daniel Thompson (3):
  kgdb: Honour the kprobe blocklist when setting breakpoints
  kgdb: Use the kprobe blocklist to limit single stepping
  kgdb: Add NOKPROBE labels on the trap handler functions

 include/linux/kgdb.h        | 19 +++++++++++++++++++
 kernel/debug/debug_core.c   | 25 +++++++++++++++++++++++++
 kernel/debug/gdbstub.c      | 10 +++++++++-
 kernel/debug/kdb/kdb_bp.c   | 17 +++++++++++------
 kernel/debug/kdb/kdb_main.c | 10 ++++++++--
 lib/Kconfig.kgdb            | 14 ++++++++++++++
 6 files changed, 86 insertions(+), 9 deletions(-)

--
2.25.4