Message-Id: <20200717030422.679972-1-jarkko.sakkinen@linux.intel.com>
Date:   Fri, 17 Jul 2020 06:04:14 +0300
From:   Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To:     linux-kernel@...r.kernel.org
Cc:     Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Subject: [PATCH v4 0/7] arch/x86: kprobes: Remove MODULES dependency

Remove MODULES dependency by migrating from module_alloc() to the new
text_alloc() API. Essentially these changes provide preliminaries for
allowing a static kernel to be compiled with proper tracing support.

The same API can be used later on in other sites that allocate space for
trampolines, and trivially scaled to other arches. An arch can inform
with CONFIG_ARCH_HAS_TEXT_ALLOC that it's providing an implementation for
text_alloc().

I tested this by creating a trivial (x86_64_defconfig) kernel and initrd
(BusyBox) and then running the most basic kprobe:

# ./kprobe p:do_sys_open
Tracing kprobe do_sys_open. Ctrl-C to end.
             cat-1018  [000] ....   277.635966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.635966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.636966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.636966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.636966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.636966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.636966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.636966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.636966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.640966: do_sys_open: (do_sys_open+0x0/0x80)
             cat-1018  [000] ....   277.654963: do_sys_open: (do_sys_open+0x0/0x80)

I did only "sed -i 's/=m/=y/' .config" and disabled CONFIG_MODULES. The
test was run under QEMU:

qemu-system-x86_64 -kernel output/images/bzImage  \
-m 1G -initrd output/images/rootfs.cpio \
-append "root=/dev/sda rw console=ttyS0,115200 acpi=off nokaslr" \
-serial stdio -display none

v3:
* Make text_alloc() API disjoint.
* Remove all the possible extra clutter not absolutely required and
  split into more logical pieces.

Jarkko Sakkinen (7):
  module: Add lock_modules() and unlock_modules()
  kprobes: Use lock_modules() and unlock_modules()
  vmalloc: Add text_alloc() and text_free()
  arch/x86: Implement text_alloc() and text_free()
  arch/x86: kprobes: Use text_alloc() in alloc_insn_page()
  kprobes: Use text_alloc() and text_free()
  kprobes: Flag out CONFIG_MODULES dependent code

 arch/Kconfig                   |  2 +-
 arch/x86/Kconfig               |  3 ++
 arch/x86/kernel/Makefile       |  1 +
 arch/x86/kernel/kprobes/core.c |  8 +----
 arch/x86/kernel/text_alloc.c   | 41 ++++++++++++++++++++++++
 include/linux/module.h         | 32 ++++++++++++++-----
 include/linux/vmalloc.h        | 23 ++++++++++++++
 kernel/kprobes.c               | 57 +++++++++++++++++++++-------------
 kernel/trace/trace_kprobe.c    | 20 +++++++++---
 9 files changed, 146 insertions(+), 41 deletions(-)
 create mode 100644 arch/x86/kernel/text_alloc.c

-- 
2.25.1
