All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] arm64: kprobes: Drop ID map text from kprobes blacklist
@ 2023-02-04 10:18 Ard Biesheuvel
  2023-02-05 18:37 ` Nathan Chancellor
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Ard Biesheuvel @ 2023-02-04 10:18 UTC (permalink / raw)
  To: linux-arm-kernel; +Cc: catalin.marinas, will, Ard Biesheuvel, Nathan Chancellor

The ID mapped text region is never accessed via the normal kernel
mapping of text, and so it was moved into .rodata instead. This means it
is no longer considered as a suitable place for kprobes by default, and
the explicit blacklist is unnecessary, and actually results in an error
message at boot:

  kprobes: Failed to populate blacklist (error -22), kprobes not restricted, be careful using them!

So stop blacklisting the ID map text explicitly.

Fixes: af7249b317e4d0b3d ("arm64: kernel: move identity map out of .text mapping")
Reported-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/kernel/probes/kprobes.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c
index f35d059a9a366fa6..70b91a8c6bb3f358 100644
--- a/arch/arm64/kernel/probes/kprobes.c
+++ b/arch/arm64/kernel/probes/kprobes.c
@@ -387,10 +387,6 @@ int __init arch_populate_kprobe_blacklist(void)
 					(unsigned long)__irqentry_text_end);
 	if (ret)
 		return ret;
-	ret = kprobe_add_area_blacklist((unsigned long)__idmap_text_start,
-					(unsigned long)__idmap_text_end);
-	if (ret)
-		return ret;
 	ret = kprobe_add_area_blacklist((unsigned long)__hyp_text_start,
 					(unsigned long)__hyp_text_end);
 	if (ret || is_kernel_in_hyp_mode())
-- 
2.39.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: kprobes: Drop ID map text from kprobes blacklist
  2023-02-04 10:18 [PATCH] arm64: kprobes: Drop ID map text from kprobes blacklist Ard Biesheuvel
@ 2023-02-05 18:37 ` Nathan Chancellor
  2023-02-07 10:15 ` Mark Rutland
  2023-02-07 18:54 ` Catalin Marinas
  2 siblings, 0 replies; 4+ messages in thread
From: Nathan Chancellor @ 2023-02-05 18:37 UTC (permalink / raw)
  To: Ard Biesheuvel; +Cc: linux-arm-kernel, catalin.marinas, will

On Sat, Feb 04, 2023 at 11:18:07AM +0100, Ard Biesheuvel wrote:
> The ID mapped text region is never accessed via the normal kernel
> mapping of text, and so it was moved into .rodata instead. This means it
> is no longer considered as a suitable place for kprobes by default, and
> the explicit blacklist is unnecessary, and actually results in an error
> message at boot:
> 
>   kprobes: Failed to populate blacklist (error -22), kprobes not restricted, be careful using them!
> 
> So stop blacklisting the ID map text explicitly.
> 
> Fixes: af7249b317e4d0b3d ("arm64: kernel: move identity map out of .text mapping")
> Reported-by: Nathan Chancellor <nathan@kernel.org>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Thank you for the quick fix!

Tested-by: Nathan Chancellor <nathan@kernel.org>

> ---
>  arch/arm64/kernel/probes/kprobes.c | 4 ----
>  1 file changed, 4 deletions(-)
> 
> diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c
> index f35d059a9a366fa6..70b91a8c6bb3f358 100644
> --- a/arch/arm64/kernel/probes/kprobes.c
> +++ b/arch/arm64/kernel/probes/kprobes.c
> @@ -387,10 +387,6 @@ int __init arch_populate_kprobe_blacklist(void)
>  					(unsigned long)__irqentry_text_end);
>  	if (ret)
>  		return ret;
> -	ret = kprobe_add_area_blacklist((unsigned long)__idmap_text_start,
> -					(unsigned long)__idmap_text_end);
> -	if (ret)
> -		return ret;
>  	ret = kprobe_add_area_blacklist((unsigned long)__hyp_text_start,
>  					(unsigned long)__hyp_text_end);
>  	if (ret || is_kernel_in_hyp_mode())
> -- 
> 2.39.1
> 

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: kprobes: Drop ID map text from kprobes blacklist
  2023-02-04 10:18 [PATCH] arm64: kprobes: Drop ID map text from kprobes blacklist Ard Biesheuvel
  2023-02-05 18:37 ` Nathan Chancellor
@ 2023-02-07 10:15 ` Mark Rutland
  2023-02-07 18:54 ` Catalin Marinas
  2 siblings, 0 replies; 4+ messages in thread
From: Mark Rutland @ 2023-02-07 10:15 UTC (permalink / raw)
  To: Ard Biesheuvel; +Cc: linux-arm-kernel, catalin.marinas, will, Nathan Chancellor

On Sat, Feb 04, 2023 at 11:18:07AM +0100, Ard Biesheuvel wrote:
> The ID mapped text region is never accessed via the normal kernel
> mapping of text, and so it was moved into .rodata instead. This means it
> is no longer considered as a suitable place for kprobes by default, and
> the explicit blacklist is unnecessary, and actually results in an error
> message at boot:
> 
>   kprobes: Failed to populate blacklist (error -22), kprobes not restricted, be careful using them!
> 
> So stop blacklisting the ID map text explicitly.
> 
> Fixes: af7249b317e4d0b3d ("arm64: kernel: move identity map out of .text mapping")
> Reported-by: Nathan Chancellor <nathan@kernel.org>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Acked-by: Mark Rutland <mark.rutland@arm.com>

Mark.

> ---
>  arch/arm64/kernel/probes/kprobes.c | 4 ----
>  1 file changed, 4 deletions(-)
> 
> diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c
> index f35d059a9a366fa6..70b91a8c6bb3f358 100644
> --- a/arch/arm64/kernel/probes/kprobes.c
> +++ b/arch/arm64/kernel/probes/kprobes.c
> @@ -387,10 +387,6 @@ int __init arch_populate_kprobe_blacklist(void)
>  					(unsigned long)__irqentry_text_end);
>  	if (ret)
>  		return ret;
> -	ret = kprobe_add_area_blacklist((unsigned long)__idmap_text_start,
> -					(unsigned long)__idmap_text_end);
> -	if (ret)
> -		return ret;
>  	ret = kprobe_add_area_blacklist((unsigned long)__hyp_text_start,
>  					(unsigned long)__hyp_text_end);
>  	if (ret || is_kernel_in_hyp_mode())
> -- 
> 2.39.1
> 
> 
> _______________________________________________
> linux-arm-kernel mailing list
> linux-arm-kernel@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] arm64: kprobes: Drop ID map text from kprobes blacklist
  2023-02-04 10:18 [PATCH] arm64: kprobes: Drop ID map text from kprobes blacklist Ard Biesheuvel
  2023-02-05 18:37 ` Nathan Chancellor
  2023-02-07 10:15 ` Mark Rutland
@ 2023-02-07 18:54 ` Catalin Marinas
  2 siblings, 0 replies; 4+ messages in thread
From: Catalin Marinas @ 2023-02-07 18:54 UTC (permalink / raw)
  To: linux-arm-kernel, Ard Biesheuvel; +Cc: Will Deacon, Nathan Chancellor

On Sat, 04 Feb 2023 11:18:07 +0100, Ard Biesheuvel wrote:
> The ID mapped text region is never accessed via the normal kernel
> mapping of text, and so it was moved into .rodata instead. This means it
> is no longer considered as a suitable place for kprobes by default, and
> the explicit blacklist is unnecessary, and actually results in an error
> message at boot:
> 
>   kprobes: Failed to populate blacklist (error -22), kprobes not restricted, be careful using them!
> 
> [...]

Applied to arm64 (for-next/efi-boot-mmu-on), thanks!

[1/1] arm64: kprobes: Drop ID map text from kprobes blacklist
      https://git.kernel.org/arm64/c/a088cf8eee12

-- 
Catalin


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-02-07 18:55 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-02-04 10:18 [PATCH] arm64: kprobes: Drop ID map text from kprobes blacklist Ard Biesheuvel
2023-02-05 18:37 ` Nathan Chancellor
2023-02-07 10:15 ` Mark Rutland
2023-02-07 18:54 ` Catalin Marinas

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.