lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20220613083627.22388-1-l3b2w1@gmail.com>
Date:   Mon, 13 Jun 2022 16:36:27 +0800
From:   binglei wang <l3b2w1@...il.com>
To:     mhiramat@...nel.org
Cc:     naveen.n.rao@...ux.ibm.com, anil.s.keshavamurthy@...el.com,
        davem@...emloft.net, linux-kernel@...r.kernel.org,
        binglei wang <l3b2w1@...il.com>
Subject: [PATCH 2/2] kprobes: refactor populate_kprobe_blacklist()

From: binglei wang <l3b2w1@...il.com>

Just make it seems orderly

Signed-off-by: binglei wang <l3b2w1@...il.com>
---
 kernel/kprobes.c | 41 +++++++++++++++++++++++++++--------------
 1 file changed, 27 insertions(+), 14 deletions(-)

diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index f4a829d98..b2b1ef7bc 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -2475,6 +2475,26 @@ int kprobe_add_area_blacklist(unsigned long start, unsigned long end)
 	return 0;
 }
 
+/* Add all symbols marked with NOKPROBE_SYMBOL into kprobe blacklist */
+static int __init kprobe_add_nokpb_blacklist(unsigned long *start,
+					     unsigned long *end)
+{
+	unsigned long entry;
+	unsigned long *iter;
+	int ret = 0;
+
+	for (iter = start; iter < end; iter++) {
+		entry = (unsigned long)dereference_symbol_descriptor((void *)*iter);
+		ret = kprobe_add_ksym_blacklist(entry);
+		if (ret == -EINVAL)
+			continue;
+		if (ret < 0)
+			return ret;
+	}
+
+	return ret;
+}
+
 /* Remove all symbols in given area from kprobe blacklist */
 static void kprobe_remove_area_blacklist(unsigned long start, unsigned long end)
 {
@@ -2528,21 +2548,15 @@ int __init __weak arch_populate_kprobe_blacklist(void)
  * since a kprobe need not necessarily be at the beginning
  * of a function.
  */
-static int __init populate_kprobe_blacklist(unsigned long *start,
-					     unsigned long *end)
+static int __init populate_kprobe_blacklist(void)
 {
-	unsigned long entry;
-	unsigned long *iter;
 	int ret;
 
-	for (iter = start; iter < end; iter++) {
-		entry = (unsigned long)dereference_symbol_descriptor((void *)*iter);
-		ret = kprobe_add_ksym_blacklist(entry);
-		if (ret == -EINVAL)
-			continue;
-		if (ret < 0)
-			return ret;
-	}
+	/* Symbols in '__start/__stop_kprobe_blacklist' are blacklisted */
+	ret = kprobe_add_nokpb_blacklist(__start_kprobe_blacklist,
+					__stop_kprobe_blacklist);
+	if (ret)
+		return ret;
 
 	/* Symbols in '__kprobes_text' are blacklisted */
 	ret = kprobe_add_area_blacklist((unsigned long)__kprobes_text_start,
@@ -2690,8 +2704,7 @@ static int __init init_kprobes(void)
 	for (i = 0; i < KPROBE_TABLE_SIZE; i++)
 		INIT_HLIST_HEAD(&kprobe_table[i]);
 
-	err = populate_kprobe_blacklist(__start_kprobe_blacklist,
-					__stop_kprobe_blacklist);
+	err = populate_kprobe_blacklist();
 	if (err)
 		pr_err("Failed to populate blacklist (error %d), kprobes not restricted, be careful using them!\n", err);
 
-- 
2.27.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ