| Message ID | 20230204101807.2862321-1-ardb@kernel.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | arm64: kprobes: Drop ID map text from kprobes blacklist | expand |
On Sat, Feb 04, 2023 at 11:18:07AM +0100, Ard Biesheuvel wrote: > The ID mapped text region is never accessed via the normal kernel > mapping of text, and so it was moved into .rodata instead. This means it > is no longer considered as a suitable place for kprobes by default, and > the explicit blacklist is unnecessary, and actually results in an error > message at boot: > > kprobes: Failed to populate blacklist (error -22), kprobes not restricted, be careful using them! > > So stop blacklisting the ID map text explicitly. > > Fixes: af7249b317e4d0b3d ("arm64: kernel: move identity map out of .text mapping") > Reported-by: Nathan Chancellor <nathan@kernel.org> > Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Thank you for the quick fix! Tested-by: Nathan Chancellor <nathan@kernel.org> > --- > arch/arm64/kernel/probes/kprobes.c | 4 ---- > 1 file changed, 4 deletions(-) > > diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c > index f35d059a9a366fa6..70b91a8c6bb3f358 100644 > --- a/arch/arm64/kernel/probes/kprobes.c > +++ b/arch/arm64/kernel/probes/kprobes.c > @@ -387,10 +387,6 @@ int __init arch_populate_kprobe_blacklist(void) > (unsigned long)__irqentry_text_end); > if (ret) > return ret; > - ret = kprobe_add_area_blacklist((unsigned long)__idmap_text_start, > - (unsigned long)__idmap_text_end); > - if (ret) > - return ret; > ret = kprobe_add_area_blacklist((unsigned long)__hyp_text_start, > (unsigned long)__hyp_text_end); > if (ret || is_kernel_in_hyp_mode()) > -- > 2.39.1 >
On Sat, Feb 04, 2023 at 11:18:07AM +0100, Ard Biesheuvel wrote: > The ID mapped text region is never accessed via the normal kernel > mapping of text, and so it was moved into .rodata instead. This means it > is no longer considered as a suitable place for kprobes by default, and > the explicit blacklist is unnecessary, and actually results in an error > message at boot: > > kprobes: Failed to populate blacklist (error -22), kprobes not restricted, be careful using them! > > So stop blacklisting the ID map text explicitly. > > Fixes: af7249b317e4d0b3d ("arm64: kernel: move identity map out of .text mapping") > Reported-by: Nathan Chancellor <nathan@kernel.org> > Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Mark Rutland <mark.rutland@arm.com> Mark. > --- > arch/arm64/kernel/probes/kprobes.c | 4 ---- > 1 file changed, 4 deletions(-) > > diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c > index f35d059a9a366fa6..70b91a8c6bb3f358 100644 > --- a/arch/arm64/kernel/probes/kprobes.c > +++ b/arch/arm64/kernel/probes/kprobes.c > @@ -387,10 +387,6 @@ int __init arch_populate_kprobe_blacklist(void) > (unsigned long)__irqentry_text_end); > if (ret) > return ret; > - ret = kprobe_add_area_blacklist((unsigned long)__idmap_text_start, > - (unsigned long)__idmap_text_end); > - if (ret) > - return ret; > ret = kprobe_add_area_blacklist((unsigned long)__hyp_text_start, > (unsigned long)__hyp_text_end); > if (ret || is_kernel_in_hyp_mode()) > -- > 2.39.1 > > > _______________________________________________ > linux-arm-kernel mailing list > linux-arm-kernel@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
On Sat, 04 Feb 2023 11:18:07 +0100, Ard Biesheuvel wrote: > The ID mapped text region is never accessed via the normal kernel > mapping of text, and so it was moved into .rodata instead. This means it > is no longer considered as a suitable place for kprobes by default, and > the explicit blacklist is unnecessary, and actually results in an error > message at boot: > > kprobes: Failed to populate blacklist (error -22), kprobes not restricted, be careful using them! > > [...] Applied to arm64 (for-next/efi-boot-mmu-on), thanks! [1/1] arm64: kprobes: Drop ID map text from kprobes blacklist https://git.kernel.org/arm64/c/a088cf8eee12
diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c index f35d059a9a366fa6..70b91a8c6bb3f358 100644 --- a/arch/arm64/kernel/probes/kprobes.c +++ b/arch/arm64/kernel/probes/kprobes.c @@ -387,10 +387,6 @@ int __init arch_populate_kprobe_blacklist(void) (unsigned long)__irqentry_text_end); if (ret) return ret; - ret = kprobe_add_area_blacklist((unsigned long)__idmap_text_start, - (unsigned long)__idmap_text_end); - if (ret) - return ret; ret = kprobe_add_area_blacklist((unsigned long)__hyp_text_start, (unsigned long)__hyp_text_end); if (ret || is_kernel_in_hyp_mode())
The ID mapped text region is never accessed via the normal kernel mapping of text, and so it was moved into .rodata instead. This means it is no longer considered as a suitable place for kprobes by default, and the explicit blacklist is unnecessary, and actually results in an error message at boot: kprobes: Failed to populate blacklist (error -22), kprobes not restricted, be careful using them! So stop blacklisting the ID map text explicitly. Fixes: af7249b317e4d0b3d ("arm64: kernel: move identity map out of .text mapping") Reported-by: Nathan Chancellor <nathan@kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> --- arch/arm64/kernel/probes/kprobes.c | 4 ---- 1 file changed, 4 deletions(-)