[PATCH 01/12] powerpc/52xx: Blacklist functions running with MMU disabled for kprobe

[PATCH 01/12] powerpc/52xx: Blacklist functions running with MMU disabled for kprobe

[Christophe Leroy]

kprobe does not handle events happening in real mode, all
functions running with MMU disabled have to be blacklisted.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/platforms/52xx/lite5200_sleep.S | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/powerpc/platforms/52xx/lite5200_sleep.S b/arch/powerpc/platforms/52xx/lite5200_sleep.S
index 3a9969c429b3..70083649c9ea 100644
--- a/arch/powerpc/platforms/52xx/lite5200_sleep.S
+++ b/arch/powerpc/platforms/52xx/lite5200_sleep.S
@@ -248,6 +248,7 @@ mmu_on:
 
 
 	blr
+_ASM_NOKPROBE_SYMBOL(lite5200_wakeup)
 
 
 /* ---------------------------------------------------------------------- */
@@ -391,6 +392,7 @@ restore_regs:
 	LOAD_SPRN(TBWU,  0x5b);
 
 	blr
+_ASM_NOKPROBE_SYMBOL(restore_regs)
 
 
 
-- 
2.25.0

[PATCH 02/12] powerpc/82xx: Blacklist pq2_restart() for kprobe

[Christophe Leroy]

kprobe does not handle events happening in real mode, all
functions running with MMU disabled have to be blacklisted.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/platforms/82xx/pq2.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/powerpc/platforms/82xx/pq2.c b/arch/powerpc/platforms/82xx/pq2.c
index 1cdd5ed9d896..3b5cb39a564c 100644
--- a/arch/powerpc/platforms/82xx/pq2.c
+++ b/arch/powerpc/platforms/82xx/pq2.c
@@ -10,6 +10,8 @@
  * Copyright (c) 2006 MontaVista Software, Inc.
  */
 
+#include <linux/kprobes.h>
+
 #include <asm/cpm2.h>
 #include <asm/io.h>
 #include <asm/pci-bridge.h>
@@ -29,6 +31,7 @@ void __noreturn pq2_restart(char *cmd)
 
 	panic("Restart failed\n");
 }
+NOKPROBE_SYMBOL(pq2_restart)
 
 #ifdef CONFIG_PCI
 static int pq2_pci_exclude_device(struct pci_controller *hose,
-- 
2.25.0

[PATCH 03/12] powerpc/83xx: Blacklist mpc83xx_deep_resume() for kprobe

[Christophe Leroy]

kprobe does not handle events happening in real mode, all
functions running with MMU disabled have to be blacklisted.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/platforms/83xx/suspend-asm.S | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/powerpc/platforms/83xx/suspend-asm.S b/arch/powerpc/platforms/83xx/suspend-asm.S
index 3acd7470dc5e..bc6bd4d0ae96 100644
--- a/arch/powerpc/platforms/83xx/suspend-asm.S
+++ b/arch/powerpc/platforms/83xx/suspend-asm.S
@@ -548,3 +548,4 @@ mpc83xx_deep_resume:
 	mtdec	r0
 
 	rfi
+_ASM_NOKPROBE_SYMBOL(mpc83xx_deep_resume)
-- 
2.25.0

[PATCH 04/12] powerpc/powermac: Blacklist functions running with MMU disabled for kprobe

[Christophe Leroy]

kprobe does not handle events happening in real mode, all
functions running with MMU disabled have to be blacklisted.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/platforms/powermac/cache.S | 2 ++
 arch/powerpc/platforms/powermac/sleep.S | 5 ++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/platforms/powermac/cache.S b/arch/powerpc/platforms/powermac/cache.S
index da69e0fcb4f1..ced225415486 100644
--- a/arch/powerpc/platforms/powermac/cache.S
+++ b/arch/powerpc/platforms/powermac/cache.S
@@ -184,6 +184,7 @@ END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
 
 	mtlr	r10
 	blr
+_ASM_NOKPROBE_SYMBOL(flush_disable_75x)
 
 /* This code is for 745x processors */
 flush_disable_745x:
@@ -351,4 +352,5 @@ END_FTR_SECTION_IFSET(CPU_FTR_L3CR)
 	mtmsr	r11		/* restore DR and EE */
 	isync
 	blr
+_ASM_NOKPROBE_SYMBOL(flush_disable_745x)
 #endif	/* CONFIG_PPC_BOOK3S_32 */
diff --git a/arch/powerpc/platforms/powermac/sleep.S b/arch/powerpc/platforms/powermac/sleep.S
index bd6085b470b7..f9a680fdd9c4 100644
--- a/arch/powerpc/platforms/powermac/sleep.S
+++ b/arch/powerpc/platforms/powermac/sleep.S
@@ -244,7 +244,7 @@ END_FTR_SECTION_IFSET(CPU_FTR_SPEC7450)
 	mtmsr	r2
 	isync
 	b	1b
-
+_ASM_NOKPROBE_SYMBOL(low_cpu_die)
 /*
  * Here is the resume code.
  */
@@ -282,6 +282,7 @@ _GLOBAL(core99_wake_up)
 	lwz	r1,0(r3)
 
 	/* Pass thru to older resume code ... */
+_ASM_NOKPROBE_SYMBOL(core99_wake_up)
 /*
  * Here is the resume code for older machines.
  * r1 has the physical address of SL_PC(sp).
@@ -429,6 +430,7 @@ END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
 	lwz	r0,4(r1)
 	mtlr	r0
 	blr
+_ASM_NOKPROBE_SYMBOL(grackle_wake_up)
 
 turn_on_mmu:
 	mflr	r4
@@ -438,6 +440,7 @@ turn_on_mmu:
 	sync
 	isync
 	rfi
+_ASM_NOKPROBE_SYMBOL(turn_on_mmu)
 
 #endif /* defined(CONFIG_PM) || defined(CONFIG_CPU_FREQ) */
 
-- 
2.25.0

[PATCH 05/12] powerpc/mem: Blacklist flush_dcache_icache_phys() for kprobe

[Christophe Leroy]

kprobe does not handle events happening in real mode, all
functions running with MMU disabled have to be blacklisted.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/mm/mem.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/powerpc/mm/mem.c b/arch/powerpc/mm/mem.c
index 9b4f5fb719e0..bcb6af6ba29a 100644
--- a/arch/powerpc/mm/mem.c
+++ b/arch/powerpc/mm/mem.c
@@ -32,6 +32,7 @@
 #include <linux/vmalloc.h>
 #include <linux/memremap.h>
 #include <linux/dma-direct.h>
+#include <linux/kprobes.h>
 
 #include <asm/pgalloc.h>
 #include <asm/prom.h>
@@ -466,6 +467,7 @@ static void flush_dcache_icache_phys(unsigned long physaddr)
 		: "r" (nb), "r" (msr), "i" (bytes), "r" (msr0)
 		: "ctr", "memory");
 }
+NOKPROBE_SYMBOL(flush_dcache_icache_phys)
 #endif // !defined(CONFIG_PPC_8xx) && !defined(CONFIG_PPC64)
 
 /*
-- 
2.25.0

[PATCH 06/12] powerpc/32s: Make local symbols non visible in hash_low.

[Christophe Leroy]

In hash_low.S, a lot of named local symbols are used instead of
numbers to ease code lisibility. However, they don't need to be
visible.

In order to ease blacklisting of functions running with MMU
disabled for kprobe, rename the symbols to .Lsymbols in order
to hide them as if they were numbered labels.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/mm/book3s32/hash_low.S | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/arch/powerpc/mm/book3s32/hash_low.S b/arch/powerpc/mm/book3s32/hash_low.S
index 6d236080cb1a..2afa3fa2012d 100644
--- a/arch/powerpc/mm/book3s32/hash_low.S
+++ b/arch/powerpc/mm/book3s32/hash_low.S
@@ -81,7 +81,7 @@ _GLOBAL(hash_page)
 	rlwinm.	r8,r8,0,0,20		/* extract pt base address */
 #endif
 #ifdef CONFIG_SMP
-	beq-	hash_page_out		/* return if no mapping */
+	beq-	.Lhash_page_out		/* return if no mapping */
 #else
 	/* XXX it seems like the 601 will give a machine fault on the
 	   rfi if its alignment is wrong (bottom 4 bits of address are
@@ -109,11 +109,11 @@ _GLOBAL(hash_page)
 #if (PTE_FLAGS_OFFSET != 0)
 	addi	r8,r8,PTE_FLAGS_OFFSET
 #endif
-retry:
+.Lretry:
 	lwarx	r6,0,r8			/* get linux-style pte, flag word */
 	andc.	r5,r3,r6		/* check access & ~permission */
 #ifdef CONFIG_SMP
-	bne-	hash_page_out		/* return if access not permitted */
+	bne-	.Lhash_page_out		/* return if access not permitted */
 #else
 	bnelr-
 #endif
@@ -128,7 +128,7 @@ retry:
 #endif /* CONFIG_SMP */
 #endif /* CONFIG_PTE_64BIT */
 	stwcx.	r5,0,r8			/* attempt to update PTE */
-	bne-	retry			/* retry if someone got there first */
+	bne-	.Lretry			/* retry if someone got there first */
 
 	mfsrin	r3,r4			/* get segment reg for segment */
 #ifndef CONFIG_VMAP_STACK
@@ -156,7 +156,7 @@ retry:
 #endif
 
 #ifdef CONFIG_SMP
-hash_page_out:
+.Lhash_page_out:
 	eieio
 	lis	r8, (mmu_hash_lock - PAGE_OFFSET)@ha
 	li	r0,0
@@ -358,7 +358,7 @@ END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
 1:	LDPTEu	r6,HPTE_SIZE(r4)	/* get next PTE */
 	CMPPTE	0,r6,r5
 	bdnzf	2,1b			/* loop while ctr != 0 && !cr0.eq */
-	beq+	found_slot
+	beq+	.Lfound_slot
 
 	patch_site	0f, patch__hash_page_B
 	/* Search the secondary PTEG for a matching PTE */
@@ -370,7 +370,7 @@ END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
 2:	LDPTEu	r6,HPTE_SIZE(r4)
 	CMPPTE	0,r6,r5
 	bdnzf	2,2b
-	beq+	found_slot
+	beq+	.Lfound_slot
 	xori	r5,r5,PTE_H		/* clear H bit again */
 
 	/* Search the primary PTEG for an empty slot */
@@ -379,7 +379,7 @@ END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
 1:	LDPTEu	r6,HPTE_SIZE(r4)	/* get next PTE */
 	TST_V(r6)			/* test valid bit */
 	bdnzf	2,1b			/* loop while ctr != 0 && !cr0.eq */
-	beq+	found_empty
+	beq+	.Lfound_empty
 
 	/* update counter of times that the primary PTEG is full */
 	lis	r4, (primary_pteg_full - PAGE_OFFSET)@ha
@@ -397,7 +397,7 @@ END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
 2:	LDPTEu	r6,HPTE_SIZE(r4)
 	TST_V(r6)
 	bdnzf	2,2b
-	beq+	found_empty
+	beq+	.Lfound_empty
 	xori	r5,r5,PTE_H		/* clear H bit again */
 
 	/*
@@ -435,9 +435,9 @@ END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
 
 #ifndef CONFIG_SMP
 	/* Store PTE in PTEG */
-found_empty:
+.Lfound_empty:
 	STPTE	r5,0(r4)
-found_slot:
+.Lfound_slot:
 	STPTE	r8,HPTE_SIZE/2(r4)
 
 #else /* CONFIG_SMP */
@@ -458,8 +458,8 @@ found_slot:
  * We do however have to make sure that the PTE is never in an invalid
  * state with the V bit set.
  */
-found_empty:
-found_slot:
+.Lfound_empty:
+.Lfound_slot:
 	CLR_V(r5,r0)		/* clear V (valid) bit in PTE */
 	STPTE	r5,0(r4)
 	sync
-- 
2.25.0

[PATCH 07/12] powerpc/32s: Blacklist functions running with MMU disabled for kprobe

[Christophe Leroy]

kprobe does not handle events happening in real mode, all
functions running with MMU disabled have to be blacklisted.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/mm/book3s32/hash_low.S | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/arch/powerpc/mm/book3s32/hash_low.S b/arch/powerpc/mm/book3s32/hash_low.S
index 2afa3fa2012d..f5f836477009 100644
--- a/arch/powerpc/mm/book3s32/hash_low.S
+++ b/arch/powerpc/mm/book3s32/hash_low.S
@@ -163,6 +163,7 @@ _GLOBAL(hash_page)
 	stw	r0, (mmu_hash_lock - PAGE_OFFSET)@l(r8)
 	blr
 #endif /* CONFIG_SMP */
+_ASM_NOKPROBE_SYMBOL(hash_page)
 
 /*
  * Add an entry for a particular page to the hash table.
@@ -267,6 +268,7 @@ _GLOBAL(add_hash_page)
 	lwz	r0,4(r1)
 	mtlr	r0
 	blr
+_ASM_NOKPROBE_SYMBOL(add_hash_page)
 
 /*
  * This routine adds a hardware PTE to the hash table.
@@ -472,6 +474,7 @@ END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
 
 	sync		/* make sure pte updates get to memory */
 	blr
+_ASM_NOKPROBE_SYMBOL(create_hpte)
 
 	.section .bss
 	.align	2
@@ -628,6 +631,7 @@ _GLOBAL(flush_hash_pages)
 	isync
 	blr
 EXPORT_SYMBOL(flush_hash_pages)
+_ASM_NOKPROBE_SYMBOL(flush_hash_pages)
 
 /*
  * Flush an entry from the TLB
@@ -665,6 +669,7 @@ _GLOBAL(_tlbie)
 	sync
 #endif /* CONFIG_SMP */
 	blr
+_ASM_NOKPROBE_SYMBOL(_tlbie)
 
 /*
  * Flush the entire TLB. 603/603e only
@@ -706,3 +711,4 @@ _GLOBAL(_tlbia)
 	isync
 #endif /* CONFIG_SMP */
 	blr
+_ASM_NOKPROBE_SYMBOL(_tlbia)
-- 
2.25.0

[PATCH 08/12] powerpc/rtas: Remove machine_check_in_rtas()

[Christophe Leroy]

machine_check_in_rtas() is just a trap.

Do the trap directly in the machine check exception handler.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/kernel/entry_32.S | 6 ------
 arch/powerpc/kernel/head_32.S  | 2 +-
 2 files changed, 1 insertion(+), 7 deletions(-)

diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
index a6371fb8f761..e652f6506888 100644
--- a/arch/powerpc/kernel/entry_32.S
+++ b/arch/powerpc/kernel/entry_32.S
@@ -1391,10 +1391,4 @@ _GLOBAL(enter_rtas)
 	mtspr	SPRN_SRR0,r8
 	mtspr	SPRN_SRR1,r9
 	RFI			/* return to caller */
-
-	.globl	machine_check_in_rtas
-machine_check_in_rtas:
-	twi	31,0,0
-	/* XXX load up BATs and panic */
-
 #endif /* CONFIG_PPC_RTAS */
diff --git a/arch/powerpc/kernel/head_32.S b/arch/powerpc/kernel/head_32.S
index daaa153950c2..cbd30cac2496 100644
--- a/arch/powerpc/kernel/head_32.S
+++ b/arch/powerpc/kernel/head_32.S
@@ -297,7 +297,7 @@ MachineCheck:
 	cmpwi	cr1, r4, 0
 #endif
 	beq	cr1, machine_check_tramp
-	b	machine_check_in_rtas
+	twi	31, 0, 0
 #else
 	b	machine_check_tramp
 #endif
-- 
2.25.0

[PATCH 09/12] powerpc/32: Blacklist functions running with MMU disabled for kprobe

[Christophe Leroy]

kprobe does not handle events happening in real mode, all
functions running with MMU disabled have to be blacklisted.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/kernel/cpu_setup_6xx.S | 2 ++
 arch/powerpc/kernel/entry_32.S      | 3 +++
 arch/powerpc/kernel/fpu.S           | 1 +
 arch/powerpc/kernel/idle_6xx.S      | 1 +
 arch/powerpc/kernel/idle_e500.S     | 1 +
 arch/powerpc/kernel/l2cr_6xx.S      | 1 +
 arch/powerpc/kernel/misc.S          | 2 ++
 arch/powerpc/kernel/misc_32.S       | 2 ++
 arch/powerpc/kernel/swsusp_32.S     | 2 ++
 arch/powerpc/kernel/vector.S        | 1 +
 10 files changed, 16 insertions(+)

diff --git a/arch/powerpc/kernel/cpu_setup_6xx.S b/arch/powerpc/kernel/cpu_setup_6xx.S
index f6517f67265a..f8b5ff64b604 100644
--- a/arch/powerpc/kernel/cpu_setup_6xx.S
+++ b/arch/powerpc/kernel/cpu_setup_6xx.S
@@ -288,6 +288,7 @@ _GLOBAL(__init_fpu_registers)
 	mtmsr	r10
 	isync
 	blr
+_ASM_NOKPROBE_SYMBOL(__init_fpu_registers)
 
 
 /* Definitions for the table use to save CPU states */
@@ -483,4 +484,5 @@ _GLOBAL(__restore_cpu_setup)
 1:
 	mtcr	r7
 	blr
+_ASM_NOKPROBE_SYMBOL(__restore_cpu_setup)
 
diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
index e652f6506888..94f78c03cb79 100644
--- a/arch/powerpc/kernel/entry_32.S
+++ b/arch/powerpc/kernel/entry_32.S
@@ -313,6 +313,7 @@ stack_ovf:
 	mtspr	SPRN_SRR1,r10
 	SYNC
 	RFI
+_ASM_NOKPROBE_SYMBOL(stack_ovf)
 #endif
 
 #ifdef CONFIG_TRACE_IRQFLAGS
@@ -1337,6 +1338,7 @@ nonrecoverable:
 	bl	unrecoverable_exception
 	/* shouldn't return */
 	b	4b
+_ASM_NOKPROBE_SYMBOL(nonrecoverable)
 
 	.section .bss
 	.align	2
@@ -1391,4 +1393,5 @@ _GLOBAL(enter_rtas)
 	mtspr	SPRN_SRR0,r8
 	mtspr	SPRN_SRR1,r9
 	RFI			/* return to caller */
+_ASM_NOKPROBE_SYMBOL(enter_rtas)
 #endif /* CONFIG_PPC_RTAS */
diff --git a/arch/powerpc/kernel/fpu.S b/arch/powerpc/kernel/fpu.S
index 3235a8da6af7..1dfccf58fbb1 100644
--- a/arch/powerpc/kernel/fpu.S
+++ b/arch/powerpc/kernel/fpu.S
@@ -119,6 +119,7 @@ END_FTR_SECTION_IFSET(CPU_FTR_VSX)
 	/* restore registers and return */
 	/* we haven't used ctr or xer or lr */
 	blr
+_ASM_NOKPROBE_SYMBOL(load_up_fpu)
 
 /*
  * save_fpu(tsk)
diff --git a/arch/powerpc/kernel/idle_6xx.S b/arch/powerpc/kernel/idle_6xx.S
index 433d97bea1f3..69df840f7253 100644
--- a/arch/powerpc/kernel/idle_6xx.S
+++ b/arch/powerpc/kernel/idle_6xx.S
@@ -187,6 +187,7 @@ BEGIN_FTR_SECTION
 	mtspr	SPRN_HID1, r9
 END_FTR_SECTION_IFSET(CPU_FTR_DUAL_PLL_750FX)
 	b	transfer_to_handler_cont
+_ASM_NOKPROBE_SYMBOL(power_save_ppc32_restore)
 
 	.data
 
diff --git a/arch/powerpc/kernel/idle_e500.S b/arch/powerpc/kernel/idle_e500.S
index 308f499e146c..72c85b6f3898 100644
--- a/arch/powerpc/kernel/idle_e500.S
+++ b/arch/powerpc/kernel/idle_e500.S
@@ -90,3 +90,4 @@ _GLOBAL(power_save_ppc32_restore)
 #endif
 
 	b	transfer_to_handler_cont
+_ASM_NOKPROBE_SYMBOL(power_save_ppc32_restore)
diff --git a/arch/powerpc/kernel/l2cr_6xx.S b/arch/powerpc/kernel/l2cr_6xx.S
index 2020d255585f..5f07aa5e9851 100644
--- a/arch/powerpc/kernel/l2cr_6xx.S
+++ b/arch/powerpc/kernel/l2cr_6xx.S
@@ -455,5 +455,6 @@ _GLOBAL(__inval_enable_L1)
 	sync
 
  	blr
+_ASM_NOKPROBE_SYMBOL(__inval_enable_L1)
 
 
diff --git a/arch/powerpc/kernel/misc.S b/arch/powerpc/kernel/misc.S
index 65f9f731c229..5be96feccb55 100644
--- a/arch/powerpc/kernel/misc.S
+++ b/arch/powerpc/kernel/misc.S
@@ -36,6 +36,8 @@ _GLOBAL(add_reloc_offset)
 	add	r3,r3,r5
 	mtlr	r0
 	blr
+_ASM_NOKPROBE_SYMBOL(reloc_offset)
+_ASM_NOKPROBE_SYMBOL(add_reloc_offset)
 
 	.align	3
 2:	PPC_LONG 1b
diff --git a/arch/powerpc/kernel/misc_32.S b/arch/powerpc/kernel/misc_32.S
index d80212be8698..1edcc41e15fc 100644
--- a/arch/powerpc/kernel/misc_32.S
+++ b/arch/powerpc/kernel/misc_32.S
@@ -246,6 +246,7 @@ _GLOBAL(real_readb)
 	sync
 	isync
 	blr
+_ASM_NOKPROBE_SYMBOL(real_readb)
 
 	/*
  * Do an IO access in real mode
@@ -263,6 +264,7 @@ _GLOBAL(real_writeb)
 	sync
 	isync
 	blr
+_ASM_NOKPROBE_SYMBOL(real_writeb)
 
 #endif /* CONFIG_40x */
 
diff --git a/arch/powerpc/kernel/swsusp_32.S b/arch/powerpc/kernel/swsusp_32.S
index cbdf86228eaa..f73f4d72fea4 100644
--- a/arch/powerpc/kernel/swsusp_32.S
+++ b/arch/powerpc/kernel/swsusp_32.S
@@ -395,6 +395,7 @@ END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
 
 	li	r3,0
 	blr
+_ASM_NOKPROBE_SYMBOL(swsusp_arch_resume)
 
 /* FIXME:This construct is actually not useful since we don't shut
  * down the instruction MMU, we could just flip back MSR-DR on.
@@ -406,4 +407,5 @@ turn_on_mmu:
 	sync
 	isync
 	rfi
+_ASM_NOKPROBE_SYMBOL(turn_on_mmu)
 
diff --git a/arch/powerpc/kernel/vector.S b/arch/powerpc/kernel/vector.S
index 25c14a0981bf..403ab2c32dc8 100644
--- a/arch/powerpc/kernel/vector.S
+++ b/arch/powerpc/kernel/vector.S
@@ -89,6 +89,7 @@ _GLOBAL(load_up_altivec)
 	REST_32VRS(0,r4,r6)
 	/* restore registers and return */
 	blr
+_ASM_NOKPROBE_SYMBOL(load_up_altivec)
 
 /*
  * save_altivec(tsk)
-- 
2.25.0

[PATCH 10/12] powerpc/entry32: Blacklist exception entry points for kprobe.

[Christophe Leroy]

kprobe does not handle events happening in real mode.

As exception entry points are running with MMU disabled,
blacklist them.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/kernel/entry_32.S | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
index 94f78c03cb79..9a1a45d6038a 100644
--- a/arch/powerpc/kernel/entry_32.S
+++ b/arch/powerpc/kernel/entry_32.S
@@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
 	mfspr	r0,SPRN_DSRR1
 	stw	r0,_DSRR1(r11)
 	/* fall through */
+_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
 
 	.globl	debug_transfer_to_handler
 debug_transfer_to_handler:
@@ -59,6 +60,7 @@ debug_transfer_to_handler:
 	mfspr	r0,SPRN_CSRR1
 	stw	r0,_CSRR1(r11)
 	/* fall through */
+_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
 
 	.globl	crit_transfer_to_handler
 crit_transfer_to_handler:
@@ -94,6 +96,7 @@ crit_transfer_to_handler:
 	rlwinm	r0,r1,0,0,(31 - THREAD_SHIFT)
 	stw	r0,KSP_LIMIT(r8)
 	/* fall through */
+_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
 #endif
 
 #ifdef CONFIG_40x
@@ -115,6 +118,7 @@ crit_transfer_to_handler:
 	rlwinm	r0,r1,0,0,(31 - THREAD_SHIFT)
 	stw	r0,KSP_LIMIT(r8)
 	/* fall through */
+_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
 #endif
 
 /*
@@ -127,6 +131,7 @@ crit_transfer_to_handler:
 	.globl	transfer_to_handler_full
 transfer_to_handler_full:
 	SAVE_NVGPRS(r11)
+_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
 	/* fall through */
 
 	.globl	transfer_to_handler
@@ -286,6 +291,8 @@ reenable_mmu:
 	lwz	r2, GPR2(r11)
 	b	fast_exception_return
 #endif
+_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
+_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
 
 #ifndef CONFIG_VMAP_STACK
 /*
-- 
2.25.0

[PATCH 11/12] powerpc/entry32: Blacklist syscall exit points for kprobe.

[Christophe Leroy]

kprobe does not handle events happening in real mode.

The very last part of syscall cannot support a trap.
Add a symbol syscall_exit_finish to identify that part and
blacklist it from kprobe.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/kernel/entry_32.S | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
index 9a1a45d6038a..7035e838d422 100644
--- a/arch/powerpc/kernel/entry_32.S
+++ b/arch/powerpc/kernel/entry_32.S
@@ -463,6 +463,7 @@ END_FTR_SECTION_IFSET(CPU_FTR_NEED_PAIRED_STWCX)
 	lwz	r7,_NIP(r1)
 	lwz	r2,GPR2(r1)
 	lwz	r1,GPR1(r1)
+syscall_exit_finish:
 #if defined(CONFIG_PPC_8xx) && defined(CONFIG_PERF_EVENTS)
 	mtspr	SPRN_NRI, r0
 #endif
@@ -470,6 +471,7 @@ END_FTR_SECTION_IFSET(CPU_FTR_NEED_PAIRED_STWCX)
 	mtspr	SPRN_SRR1,r8
 	SYNC
 	RFI
+_ASM_NOKPROBE_SYMBOL(syscall_exit_finish)
 #ifdef CONFIG_44x
 2:	li	r7,0
 	iccci	r0,r0
@@ -604,6 +606,7 @@ ret_from_kernel_syscall:
 	mtspr	SPRN_SRR1, r10
 	SYNC
 	RFI
+_ASM_NOKPROBE_SYMBOL(ret_from_kernel_syscall)
 
 /*
  * The fork/clone functions need to copy the full register set into
-- 
2.25.0

[PATCH 12/12] powerpc/entry32: Blacklist exception exit points for kprobe.

[Christophe Leroy]

kprobe does not handle events happening in real mode.

The very last part of exception exits cannot support a trap.
Blacklist them from kprobe.

While we are at it, remove exc_exit_start symbol which is not
used to avoid having to blacklist it.

Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
---
 arch/powerpc/kernel/entry_32.S | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
index 7035e838d422..e161fb7a0568 100644
--- a/arch/powerpc/kernel/entry_32.S
+++ b/arch/powerpc/kernel/entry_32.S
@@ -810,6 +810,7 @@ fast_exception_return:
 	lwz	r11,GPR11(r11)
 	SYNC
 	RFI
+_ASM_NOKPROBE_SYMBOL(fast_exception_return)
 
 #if !(defined(CONFIG_4xx) || defined(CONFIG_BOOKE))
 /* check if the exception happened in a restartable section */
@@ -1049,6 +1050,8 @@ exc_exit_restart:
 exc_exit_restart_end:
 	SYNC
 	RFI
+_ASM_NOKPROBE_SYMBOL(exc_exit_restart)
+_ASM_NOKPROBE_SYMBOL(exc_exit_restart_end)
 
 #else /* !(CONFIG_4xx || CONFIG_BOOKE) */
 	/*
@@ -1070,7 +1073,6 @@ exc_exit_restart_end:
 exc_exit_restart:
 	lwz	r11,_NIP(r1)
 	lwz	r12,_MSR(r1)
-exc_exit_start:
 	mtspr	SPRN_SRR0,r11
 	mtspr	SPRN_SRR1,r12
 	REST_2GPRS(11, r1)
@@ -1080,6 +1082,7 @@ exc_exit_restart_end:
 	PPC405_ERR77_SYNC
 	rfi
 	b	.			/* prevent prefetch past rfi */
+_ASM_NOKPROBE_SYMBOL(exc_exit_restart)
 
 /*
  * Returning from a critical interrupt in user mode doesn't need
@@ -1193,6 +1196,7 @@ ret_from_crit_exc:
 	mtspr	SPRN_SRR0,r9;
 	mtspr	SPRN_SRR1,r10;
 	RET_FROM_EXC_LEVEL(SPRN_CSRR0, SPRN_CSRR1, PPC_RFCI)
+_ASM_NOKPROBE_SYMBOL(ret_from_crit_exc)
 #endif /* CONFIG_40x */
 
 #ifdef CONFIG_BOOKE
@@ -1204,6 +1208,7 @@ ret_from_crit_exc:
 	RESTORE_xSRR(SRR0,SRR1);
 	RESTORE_MMU_REGS;
 	RET_FROM_EXC_LEVEL(SPRN_CSRR0, SPRN_CSRR1, PPC_RFCI)
+_ASM_NOKPROBE_SYMBOL(ret_from_crit_exc)
 
 	.globl	ret_from_debug_exc
 ret_from_debug_exc:
@@ -1214,6 +1219,7 @@ ret_from_debug_exc:
 	RESTORE_xSRR(CSRR0,CSRR1);
 	RESTORE_MMU_REGS;
 	RET_FROM_EXC_LEVEL(SPRN_DSRR0, SPRN_DSRR1, PPC_RFDI)
+_ASM_NOKPROBE_SYMBOL(ret_from_debug_exc)
 
 	.globl	ret_from_mcheck_exc
 ret_from_mcheck_exc:
@@ -1225,6 +1231,7 @@ ret_from_mcheck_exc:
 	RESTORE_xSRR(DSRR0,DSRR1);
 	RESTORE_MMU_REGS;
 	RET_FROM_EXC_LEVEL(SPRN_MCSRR0, SPRN_MCSRR1, PPC_RFMCI)
+_ASM_NOKPROBE_SYMBOL(ret_from_mcheck_exc)
 #endif /* CONFIG_BOOKE */
 
 /*
-- 
2.25.0

Re: [PATCH 06/12] powerpc/32s: Make local symbols non visible in hash_low.

[Naveen N. Rao]

Christophe Leroy wrote:
> In hash_low.S, a lot of named local symbols are used instead of
> numbers to ease code lisibility. However, they don't need to be
		       ^^^^^^^^^^
Nit..                  visibility


- Naveen

Re: [PATCH 10/12] powerpc/entry32: Blacklist exception entry points for kprobe.

[Naveen N. Rao]

Christophe Leroy wrote:
> kprobe does not handle events happening in real mode.
> 
> As exception entry points are running with MMU disabled,
> blacklist them.
> 
> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
> ---
>  arch/powerpc/kernel/entry_32.S | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
> index 94f78c03cb79..9a1a45d6038a 100644
> --- a/arch/powerpc/kernel/entry_32.S
> +++ b/arch/powerpc/kernel/entry_32.S
> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>  	mfspr	r0,SPRN_DSRR1
>  	stw	r0,_DSRR1(r11)
>  	/* fall through */
> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
> 
>  	.globl	debug_transfer_to_handler
>  debug_transfer_to_handler:
> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>  	mfspr	r0,SPRN_CSRR1
>  	stw	r0,_CSRR1(r11)
>  	/* fall through */
> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
> 
>  	.globl	crit_transfer_to_handler
>  crit_transfer_to_handler:
> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>  	rlwinm	r0,r1,0,0,(31 - THREAD_SHIFT)
>  	stw	r0,KSP_LIMIT(r8)
>  	/* fall through */
> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>  #endif
> 
>  #ifdef CONFIG_40x
> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>  	rlwinm	r0,r1,0,0,(31 - THREAD_SHIFT)
>  	stw	r0,KSP_LIMIT(r8)
>  	/* fall through */
> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>  #endif
> 
>  /*
> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>  	.globl	transfer_to_handler_full
>  transfer_to_handler_full:
>  	SAVE_NVGPRS(r11)
> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>  	/* fall through */
> 
>  	.globl	transfer_to_handler
> @@ -286,6 +291,8 @@ reenable_mmu:
>  	lwz	r2, GPR2(r11)
>  	b	fast_exception_return
>  #endif
> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)

These are added after 'reenable_mmu', which is itself not blacklisted.  
Is that intentional?


- Naveen

Re: [PATCH 01/12] powerpc/52xx: Blacklist functions running with MMU disabled for kprobe

[Naveen N. Rao]

Christophe Leroy wrote:
> kprobe does not handle events happening in real mode, all
> functions running with MMU disabled have to be blacklisted.
> 
> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
> ---
>  arch/powerpc/platforms/52xx/lite5200_sleep.S | 2 ++
>  1 file changed, 2 insertions(+)

Apart from the two minor comments, for this series:
Acked-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>

- Naveen

Re: [PATCH 06/12] powerpc/32s: Make local symbols non visible in hash_low.

[Christophe Leroy]

Le 30/03/2020 à 19:06, Naveen N. Rao a écrit :
> Christophe Leroy wrote:
>> In hash_low.S, a lot of named local symbols are used instead of
>> numbers to ease code lisibility. However, they don't need to be
>                 ^^^^^^^^^^
> Nit..                  visibility


Lol, no.

I mean't "lisibilité" in French, which means "readability"

Re: [PATCH 06/12] powerpc/32s: Make local symbols non visible in hash_low.

[Naveen N. Rao]

Christophe Leroy wrote:
> 
> 
> Le 30/03/2020 à 19:06, Naveen N. Rao a écrit :
>> Christophe Leroy wrote:
>>> In hash_low.S, a lot of named local symbols are used instead of
>>> numbers to ease code lisibility. However, they don't need to be
>>                 ^^^^^^^^^^
>> Nit..                  visibility
> 
> 
> Lol, no.
> 
> I mean't "lisibilité" in French, which means "readability"

Touche :D

- Naveen

Re: [PATCH 10/12] powerpc/entry32: Blacklist exception entry points for kprobe.

[Christophe Leroy]

Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
> Christophe Leroy wrote:
>> kprobe does not handle events happening in real mode.
>>
>> As exception entry points are running with MMU disabled,
>> blacklist them.
>>
>> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
>> ---
>>  arch/powerpc/kernel/entry_32.S | 7 +++++++
>>  1 file changed, 7 insertions(+)
>>
>> diff --git a/arch/powerpc/kernel/entry_32.S 
>> b/arch/powerpc/kernel/entry_32.S
>> index 94f78c03cb79..9a1a45d6038a 100644
>> --- a/arch/powerpc/kernel/entry_32.S
>> +++ b/arch/powerpc/kernel/entry_32.S
>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>      mfspr    r0,SPRN_DSRR1
>>      stw    r0,_DSRR1(r11)
>>      /* fall through */
>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>
>>      .globl    debug_transfer_to_handler
>>  debug_transfer_to_handler:
>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>      mfspr    r0,SPRN_CSRR1
>>      stw    r0,_CSRR1(r11)
>>      /* fall through */
>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>
>>      .globl    crit_transfer_to_handler
>>  crit_transfer_to_handler:
>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>      stw    r0,KSP_LIMIT(r8)
>>      /* fall through */
>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>  #endif
>>
>>  #ifdef CONFIG_40x
>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>      stw    r0,KSP_LIMIT(r8)
>>      /* fall through */
>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>  #endif
>>
>>  /*
>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>      .globl    transfer_to_handler_full
>>  transfer_to_handler_full:
>>      SAVE_NVGPRS(r11)
>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>      /* fall through */
>>
>>      .globl    transfer_to_handler
>> @@ -286,6 +291,8 @@ reenable_mmu:
>>      lwz    r2, GPR2(r11)
>>      b    fast_exception_return
>>  #endif
>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
> 
> These are added after 'reenable_mmu', which is itself not blacklisted. 
> Is that intentional?

Yes I put it as the complete end of the entry part, ie just before 
stack_ovf which is a function by itself.

Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.

I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, that's 
the reason why I put it close to the symbol itself in my first series.

Could you have a look at the code and tell me what looks the most 
appropriate as a location to you ?

https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230

Thanks
Christophe

Re: [PATCH 10/12] powerpc/entry32: Blacklist exception entry points for kprobe.

[Christophe Leroy]

Le 30/03/2020 à 20:33, Christophe Leroy a écrit :
> 
> 
> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>> Christophe Leroy wrote:
>>> kprobe does not handle events happening in real mode.
>>>
>>> As exception entry points are running with MMU disabled,
>>> blacklist them.
>>>
>>> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
>>> ---
>>>  arch/powerpc/kernel/entry_32.S | 7 +++++++
>>>  1 file changed, 7 insertions(+)
>>>
>>> diff --git a/arch/powerpc/kernel/entry_32.S 
>>> b/arch/powerpc/kernel/entry_32.S
>>> index 94f78c03cb79..9a1a45d6038a 100644
>>> --- a/arch/powerpc/kernel/entry_32.S
>>> +++ b/arch/powerpc/kernel/entry_32.S
>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>>      mfspr    r0,SPRN_DSRR1
>>>      stw    r0,_DSRR1(r11)
>>>      /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>
>>>      .globl    debug_transfer_to_handler
>>>  debug_transfer_to_handler:
>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>>      mfspr    r0,SPRN_CSRR1
>>>      stw    r0,_CSRR1(r11)
>>>      /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>
>>>      .globl    crit_transfer_to_handler
>>>  crit_transfer_to_handler:
>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>      stw    r0,KSP_LIMIT(r8)
>>>      /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>  #endif
>>>
>>>  #ifdef CONFIG_40x
>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>      stw    r0,KSP_LIMIT(r8)
>>>      /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>  #endif
>>>
>>>  /*
>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>>      .globl    transfer_to_handler_full
>>>  transfer_to_handler_full:
>>>      SAVE_NVGPRS(r11)
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>>      /* fall through */
>>>
>>>      .globl    transfer_to_handler
>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>>      lwz    r2, GPR2(r11)
>>>      b    fast_exception_return
>>>  #endif
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>
>> These are added after 'reenable_mmu', which is itself not blacklisted. 
>> Is that intentional?
> 
> Yes I put it as the complete end of the entry part, ie just before 
> stack_ovf which is a function by itself.
> 
> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
> 
> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, that's 
> the reason why I put it close to the symbol itself in my first series.
> 
> Could you have a look at the code and tell me what looks the most 
> appropriate as a location to you ?
> 
> https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230 

Ok, thinking about it once more, I guess we have a problem as everything 
after that reenable_mmu will be visible.

So I'll respin

Christophe

Re: [PATCH 10/12] powerpc/entry32: Blacklist exception entry points for kprobe.

[Naveen N. Rao]

Christophe Leroy wrote:
> 
> 
> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>> Christophe Leroy wrote:
>>> kprobe does not handle events happening in real mode.
>>>
>>> As exception entry points are running with MMU disabled,
>>> blacklist them.
>>>
>>> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
>>> ---
>>>  arch/powerpc/kernel/entry_32.S | 7 +++++++
>>>  1 file changed, 7 insertions(+)
>>>
>>> diff --git a/arch/powerpc/kernel/entry_32.S 
>>> b/arch/powerpc/kernel/entry_32.S
>>> index 94f78c03cb79..9a1a45d6038a 100644
>>> --- a/arch/powerpc/kernel/entry_32.S
>>> +++ b/arch/powerpc/kernel/entry_32.S
>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>>      mfspr    r0,SPRN_DSRR1
>>>      stw    r0,_DSRR1(r11)
>>>      /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>
>>>      .globl    debug_transfer_to_handler
>>>  debug_transfer_to_handler:
>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>>      mfspr    r0,SPRN_CSRR1
>>>      stw    r0,_CSRR1(r11)
>>>      /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>
>>>      .globl    crit_transfer_to_handler
>>>  crit_transfer_to_handler:
>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>      stw    r0,KSP_LIMIT(r8)
>>>      /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>  #endif
>>>
>>>  #ifdef CONFIG_40x
>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>      stw    r0,KSP_LIMIT(r8)
>>>      /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>  #endif
>>>
>>>  /*
>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>>      .globl    transfer_to_handler_full
>>>  transfer_to_handler_full:
>>>      SAVE_NVGPRS(r11)
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>>      /* fall through */
>>>
>>>      .globl    transfer_to_handler
>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>>      lwz    r2, GPR2(r11)
>>>      b    fast_exception_return
>>>  #endif
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>> 
>> These are added after 'reenable_mmu', which is itself not blacklisted. 
>> Is that intentional?
> 
> Yes I put it as the complete end of the entry part, ie just before 
> stack_ovf which is a function by itself.
> 
> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
> 
> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, that's 
> the reason why I put it close to the symbol itself in my first series.

Ok, I see what you mean. 'reenable_mmu' can probably be moved after the 
end of 'transfer_to_handler_cont' (as also removing what looks to be an 
unused label '1' for the branch to trace_hardirqs_off), but that's a 
minor thing. From the blacklisting point, this is not an issue.

- Naveen

Re: [PATCH 10/12] powerpc/entry32: Blacklist exception entry points for kprobe.

[Naveen N. Rao]

Christophe Leroy wrote:
> 
> 
> Le 30/03/2020 à 20:33, Christophe Leroy a écrit :
>> 
>> 
>> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>>> Christophe Leroy wrote:
>>>> kprobe does not handle events happening in real mode.
>>>>
>>>> As exception entry points are running with MMU disabled,
>>>> blacklist them.
>>>>
>>>> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
>>>> ---
>>>>  arch/powerpc/kernel/entry_32.S | 7 +++++++
>>>>  1 file changed, 7 insertions(+)
>>>>
>>>> diff --git a/arch/powerpc/kernel/entry_32.S 
>>>> b/arch/powerpc/kernel/entry_32.S
>>>> index 94f78c03cb79..9a1a45d6038a 100644
>>>> --- a/arch/powerpc/kernel/entry_32.S
>>>> +++ b/arch/powerpc/kernel/entry_32.S
>>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>>>      mfspr    r0,SPRN_DSRR1
>>>>      stw    r0,_DSRR1(r11)
>>>>      /* fall through */
>>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>>
>>>>      .globl    debug_transfer_to_handler
>>>>  debug_transfer_to_handler:
>>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>>>      mfspr    r0,SPRN_CSRR1
>>>>      stw    r0,_CSRR1(r11)
>>>>      /* fall through */
>>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>>
>>>>      .globl    crit_transfer_to_handler
>>>>  crit_transfer_to_handler:
>>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>      stw    r0,KSP_LIMIT(r8)
>>>>      /* fall through */
>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>  #endif
>>>>
>>>>  #ifdef CONFIG_40x
>>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>      stw    r0,KSP_LIMIT(r8)
>>>>      /* fall through */
>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>  #endif
>>>>
>>>>  /*
>>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>>>      .globl    transfer_to_handler_full
>>>>  transfer_to_handler_full:
>>>>      SAVE_NVGPRS(r11)
>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>>>      /* fall through */
>>>>
>>>>      .globl    transfer_to_handler
>>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>>>      lwz    r2, GPR2(r11)
>>>>      b    fast_exception_return
>>>>  #endif
>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>>
>>> These are added after 'reenable_mmu', which is itself not blacklisted. 
>>> Is that intentional?
>> 
>> Yes I put it as the complete end of the entry part, ie just before 
>> stack_ovf which is a function by itself.
>> 
>> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
>> 
>> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, that's 
>> the reason why I put it close to the symbol itself in my first series.
>> 
>> Could you have a look at the code and tell me what looks the most 
>> appropriate as a location to you ?
>> 
>> https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230 
> 
> Ok, thinking about it once more, I guess we have a problem as everything 
> after that reenable_mmu will be visible.

I see that we reach reenable_mmu through a 'rfi' with MSR_KERNEL, which 
seems safe to me. So, I figured it can be probed without issues?

- Naveen

Re: [PATCH 10/12] powerpc/entry32: Blacklist exception entry points for kprobe.

[Christophe Leroy]

Le 31/03/2020 à 08:17, Naveen N. Rao a écrit :
> Christophe Leroy wrote:
>>
>>
>> Le 30/03/2020 à 20:33, Christophe Leroy a écrit :
>>>
>>>
>>> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>>>> Christophe Leroy wrote:
>>>>> kprobe does not handle events happening in real mode.
>>>>>
>>>>> As exception entry points are running with MMU disabled,
>>>>> blacklist them.
>>>>>
>>>>> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
>>>>> ---
>>>>>  arch/powerpc/kernel/entry_32.S | 7 +++++++
>>>>>  1 file changed, 7 insertions(+)
>>>>>
>>>>> diff --git a/arch/powerpc/kernel/entry_32.S 
>>>>> b/arch/powerpc/kernel/entry_32.S
>>>>> index 94f78c03cb79..9a1a45d6038a 100644
>>>>> --- a/arch/powerpc/kernel/entry_32.S
>>>>> +++ b/arch/powerpc/kernel/entry_32.S
>>>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>>>>      mfspr    r0,SPRN_DSRR1
>>>>>      stw    r0,_DSRR1(r11)
>>>>>      /* fall through */
>>>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>>>
>>>>>      .globl    debug_transfer_to_handler
>>>>>  debug_transfer_to_handler:
>>>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>>>>      mfspr    r0,SPRN_CSRR1
>>>>>      stw    r0,_CSRR1(r11)
>>>>>      /* fall through */
>>>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>>>
>>>>>      .globl    crit_transfer_to_handler
>>>>>  crit_transfer_to_handler:
>>>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>>      stw    r0,KSP_LIMIT(r8)
>>>>>      /* fall through */
>>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>>  #endif
>>>>>
>>>>>  #ifdef CONFIG_40x
>>>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>>      stw    r0,KSP_LIMIT(r8)
>>>>>      /* fall through */
>>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>>  #endif
>>>>>
>>>>>  /*
>>>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>>>>      .globl    transfer_to_handler_full
>>>>>  transfer_to_handler_full:
>>>>>      SAVE_NVGPRS(r11)
>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>>>>      /* fall through */
>>>>>
>>>>>      .globl    transfer_to_handler
>>>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>>>>      lwz    r2, GPR2(r11)
>>>>>      b    fast_exception_return
>>>>>  #endif
>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>>>
>>>> These are added after 'reenable_mmu', which is itself not 
>>>> blacklisted. Is that intentional?
>>>
>>> Yes I put it as the complete end of the entry part, ie just before 
>>> stack_ovf which is a function by itself.
>>>
>>> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
>>>
>>> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, 
>>> that's the reason why I put it close to the symbol itself in my first 
>>> series.
>>>
>>> Could you have a look at the code and tell me what looks the most 
>>> appropriate as a location to you ?
>>>
>>> https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230 
>>
>>
>> Ok, thinking about it once more, I guess we have a problem as 
>> everything after that reenable_mmu will be visible.
> 
> I see that we reach reenable_mmu through a 'rfi' with MSR_KERNEL, which 
> seems safe to me. So, I figured it can be probed without issues?

Yes it can. And that's the reason why I didn't blacklist it. However the 
4: and 7: which are after reenable_mmu are called from earlier, at a 
time we are still in real mode. So I need to do something about that I 
guess.

Christophe

Re: [PATCH 10/12] powerpc/entry32: Blacklist exception entry points for kprobe.

[Naveen N. Rao]

Christophe Leroy wrote:
> 
> 
> Le 31/03/2020 à 08:17, Naveen N. Rao a écrit :
>> Christophe Leroy wrote:
>>>
>>>
>>> Le 30/03/2020 à 20:33, Christophe Leroy a écrit :
>>>>
>>>>
>>>> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>>>>> Christophe Leroy wrote:
>>>>>> kprobe does not handle events happening in real mode.
>>>>>>
>>>>>> As exception entry points are running with MMU disabled,
>>>>>> blacklist them.
>>>>>>
>>>>>> Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
>>>>>> ---
>>>>>>  arch/powerpc/kernel/entry_32.S | 7 +++++++
>>>>>>  1 file changed, 7 insertions(+)
>>>>>>
>>>>>> diff --git a/arch/powerpc/kernel/entry_32.S 
>>>>>> b/arch/powerpc/kernel/entry_32.S
>>>>>> index 94f78c03cb79..9a1a45d6038a 100644
>>>>>> --- a/arch/powerpc/kernel/entry_32.S
>>>>>> +++ b/arch/powerpc/kernel/entry_32.S
>>>>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>>>>>      mfspr    r0,SPRN_DSRR1
>>>>>>      stw    r0,_DSRR1(r11)
>>>>>>      /* fall through */
>>>>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>>>>
>>>>>>      .globl    debug_transfer_to_handler
>>>>>>  debug_transfer_to_handler:
>>>>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>>>>>      mfspr    r0,SPRN_CSRR1
>>>>>>      stw    r0,_CSRR1(r11)
>>>>>>      /* fall through */
>>>>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>>>>
>>>>>>      .globl    crit_transfer_to_handler
>>>>>>  crit_transfer_to_handler:
>>>>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>>>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>>>      stw    r0,KSP_LIMIT(r8)
>>>>>>      /* fall through */
>>>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>>>  #endif
>>>>>>
>>>>>>  #ifdef CONFIG_40x
>>>>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>>>>>      rlwinm    r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>>>      stw    r0,KSP_LIMIT(r8)
>>>>>>      /* fall through */
>>>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>>>  #endif
>>>>>>
>>>>>>  /*
>>>>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>>>>>      .globl    transfer_to_handler_full
>>>>>>  transfer_to_handler_full:
>>>>>>      SAVE_NVGPRS(r11)
>>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>>>>>      /* fall through */
>>>>>>
>>>>>>      .globl    transfer_to_handler
>>>>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>>>>>      lwz    r2, GPR2(r11)
>>>>>>      b    fast_exception_return
>>>>>>  #endif
>>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>>>>
>>>>> These are added after 'reenable_mmu', which is itself not 
>>>>> blacklisted. Is that intentional?
>>>>
>>>> Yes I put it as the complete end of the entry part, ie just before 
>>>> stack_ovf which is a function by itself.
>>>>
>>>> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
>>>>
>>>> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, 
>>>> that's the reason why I put it close to the symbol itself in my first 
>>>> series.
>>>>
>>>> Could you have a look at the code and tell me what looks the most 
>>>> appropriate as a location to you ?
>>>>
>>>> https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230 
>>>
>>>
>>> Ok, thinking about it once more, I guess we have a problem as 
>>> everything after that reenable_mmu will be visible.
>> 
>> I see that we reach reenable_mmu through a 'rfi' with MSR_KERNEL, which 
>> seems safe to me. So, I figured it can be probed without issues?
> 
> Yes it can. And that's the reason why I didn't blacklist it. However the 
> 4: and 7: which are after reenable_mmu are called from earlier, at a 
> time we are still in real mode. So I need to do something about that I 
> guess.

Ah yes, good catch. Makes sense to move 'reenable_mmu' after all.

Thanks,
Naveen