Date: Fri, 19 Jan 2018 07:48:11 -0800
Sender: tip tree robot
From: tip-bot for Masami Hiramatsu
Cc: mhiramat@kernel.org, arjan@linux.intel.com, peterz@infradead.org, ak@linux.intel.com, gregkh@linux-foundation.org, mingo@kernel.org, dwmw@amazon.co.uk, hpa@zytor.com, linux-kernel@vger.kernel.org, tglx@linutronix.de, ananth@linux.vnet.ibm.com
In-Reply-To: <151629212062.10241.6991266100233002273.stgit@devbox>
References: <151629212062.10241.6991266100233002273.stgit@devbox>
To: linux-tip-commits@vger.kernel.org
Subject: [tip:x86/pti] kprobes/x86: Disable optimizing on the function jumps to indirect thunk
Git-Commit-ID: c86a32c09f8ced67971a2310e3b0dda4d1749007

Commit-ID: c86a32c09f8ced67971a2310e3b0dda4d1749007
Gitweb: https://git.kernel.org/tip/c86a32c09f8ced67971a2310e3b0dda4d1749007
Author: Masami Hiramatsu
AuthorDate: Fri, 19 Jan 2018 01:15:20 +0900
Committer: Thomas Gleixner
CommitDate: Fri, 19 Jan 2018 16:31:29 +0100

kprobes/x86: Disable optimizing on the function jumps to indirect thunk

Since indirect jump instructions will be replaced by jumps to __x86_indirect_thunk_*, those jmp instructions must be treated as indirect jumps. Since optprobe prohibits optimizing probes in functions which use an indirect jump, it also needs to find out the functions which jump to __x86_indirect_thunk_* and disable optimization.
Add a check that the jump target address is between __indirect_thunk_start/end when optimizing a kprobe.

Signed-off-by: Masami Hiramatsu
Signed-off-by: Thomas Gleixner
Acked-by: David Woodhouse
Cc: Andi Kleen
Cc: Peter Zijlstra
Cc: Ananth N Mavinakayanahalli
Cc: Arjan van de Ven
Cc: Greg Kroah-Hartman
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/151629212062.10241.6991266100233002273.stgit@devbox
---
 arch/x86/kernel/kprobes/opt.c | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/kprobes/opt.c b/arch/x86/kernel/kprobes/opt.c index 4f98aad..3668f28 100644 --- a/arch/x86/kernel/kprobes/opt.c +++ b/arch/x86/kernel/kprobes/opt.c @@ -40,6 +40,7 @@ #include #include #include +#include #include "common.h" @@ -205,7 +206,7 @@ static int copy_optimized_instructions(u8 *dest, u8 *src) } /* Check whether insn is indirect jump */ -static int insn_is_indirect_jump(struct insn *insn) +static int __insn_is_indirect_jump(struct insn *insn) { return ((insn->opcode.bytes[0] == 0xff && (X86_MODRM_REG(insn->modrm.value) & 6) == 4) || /* Jump */ @@ -239,6 +240,26 @@ static int insn_jump_into_range(struct insn *insn, unsigned long start, int len) return (start <= target && target <= start + len); } +static int insn_is_indirect_jump(struct insn *insn) +{ + int ret = __insn_is_indirect_jump(insn); + +#ifdef CONFIG_RETPOLINE + /* + * Jump to x86_indirect_thunk_* is treated as an indirect jump. + * Note that even with CONFIG_RETPOLINE=y, the kernel compiled with + * older gcc may use indirect jump. So we add this check instead of + * replace indirect-jump check. + */ + if (!ret) + ret = insn_jump_into_range(insn, + (unsigned long)__indirect_thunk_start, + (unsigned long)__indirect_thunk_end - + (unsigned long)__indirect_thunk_start); +#endif + return ret; +} + /* Decode whole function to ensure any instructions don't jump into target */ static int can_optimize(unsigned long paddr) {
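Review bot: in the third hunk (the new insn_is_indirect_jump() wrapper) the range test is inclusive at both ends: insn_jump_into_range() returns `start <= target && target <= start + len`, and the length passed is `__indirect_thunk_end - __indirect_thunk_start`, so a direct jmp whose target is exactly `__indirect_thunk_end` (the first byte after the thunk section) is also classed as an indirect jump. That errs on the safe side, since the only consequence is that optprobe declines to optimize that function, but if a half-open range is intended the condition should read `target < start + len`, or the wrapper should pass `len - 1`. Two smaller points in the same hunk: the comment says "instead of replace indirect-jump check", which reads better as "instead of replacing the indirect-jump check", and it names the thunks `x86_indirect_thunk_*` while the changelog uses `__x86_indirect_thunk_*`; using the real symbol name avoids confusion when grepping.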
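The classification the commit describes (a direct jmp into the retpoline thunk area counts as an indirect jump) modelled in user-space C, as an added example that is not part of the kernel patch or this message. It assumes a hypothetical minimal decoder covering only jmp r/m, jmp rel32 and jmp rel8, constructed stand-in addresses for the `__indirect_thunk_start`/`__indirect_thunk_end` symbols, and constructed sample encodings; it keeps the kernel's inclusive range test so the boundary case is visible.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for the __indirect_thunk_start/end linker symbols. */
#define THUNK_START 0xffffffff81a00000ULL
#define THUNK_END   0xffffffff81a00400ULL     /* one past the last thunk byte */
/* Same test as the kernel's insn_jump_into_range(): inclusive at both ends,
 * so target == start + len (THUNK_END itself) also passes. */
static int jump_into_range(uint64_t target, uint64_t start, uint64_t len)
{
    return start <= target && target <= start + len;
}

/* Hypothetical user-space model of the patched insn_is_indirect_jump().
 * Decodes only 0xff /4 or /5 (jmp r/m), 0xe9 rel32 and 0xeb rel8; ip is the
 * instruction's address. Returns 1 for an indirect jmp or a direct jmp that
 * lands in the thunk area, else 0. */
int insn_is_indirect_jump_model(const uint8_t *code, uint64_t ip)
{
    uint64_t target;
    if (code[0] == 0xff)                          /* ModRM.reg & 6 == 4: reg 4 or 5 */
        return (((code[1] >> 3) & 7) & 6) == 4;
    if (code[0] == 0xe9) {                        /* jmp rel32, 5 bytes long */
        int32_t rel;
        memcpy(&rel, code + 1, sizeof rel);
        target = ip + 5 + (int64_t)rel;
    } else if (code[0] == 0xeb) {                 /* jmp rel8, 2 bytes long */
        target = ip + 2 + (int64_t)(int8_t)code[1];
    } else {
        return 0;                                 /* not a jmp this model covers */
    }
    return jump_into_range(target, THUNK_START, THUNK_END - THUNK_START);
}

/* Constructed encodings; rel32 bytes are little-endian, computed for SAMPLE_IP. */
#define SAMPLE_IP 0xffffffff81000000ULL
static const uint8_t jmp_rax[]   = {0xff, 0xe0};                   /* jmp *%rax            -> 1 */
static const uint8_t call_mem[]  = {0xff, 0x10};                   /* call *(%rax), /2     -> 0 */
static const uint8_t jmp_thunk[] = {0xe9, 0x3b, 0x00, 0xa0, 0x00}; /* jmp THUNK_START+0x40 -> 1 */
static const uint8_t jmp_end[]   = {0xe9, 0xfb, 0x03, 0xa0, 0x00}; /* jmp THUNK_END        -> 1 */
static const uint8_t jmp_local[] = {0xeb, 0x10};                   /* jmp .+0x12           -> 0 */
int main(void)
{
    printf("%d %d %d %d %d\n", insn_is_indirect_jump_model(jmp_rax, SAMPLE_IP),
           insn_is_indirect_jump_model(call_mem, SAMPLE_IP), insn_is_indirect_jump_model(jmp_thunk, SAMPLE_IP),
           insn_is_indirect_jump_model(jmp_end, SAMPLE_IP), insn_is_indirect_jump_model(jmp_local, SAMPLE_IP));
    return 0;
}
```

The `jmp_end` sample shows the inclusive upper bound: a jump to the byte just past the thunks is still reported as indirect, which only makes optprobe more conservative.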