75a1a607bb
Add two new probe_kernel_read_strict() and strncpy_from_unsafe_strict()
helpers which by default alias to the __probe_kernel_read() and the
__strncpy_from_unsafe(), respectively, but can be overridden by archs
which have non-overlapping address ranges for kernel space and user
space in order to bail out with -EFAULT when attempting to probe user
memory including non-canonical user access addresses [0]:
4-level page tables:
user-space mem: 0x0000000000000000 - 0x00007fffffffffff
non-canonical: 0x0000800000000000 - 0xffff7fffffffffff
5-level page tables:
user-space mem: 0x0000000000000000 - 0x00ffffffffffffff
non-canonical: 0x0100000000000000 - 0xfeffffffffffffff
The idea is that these helpers are complementary to the probe_user_read()
and strncpy_from_unsafe_user() which probe user-only memory. Both added
helpers here do the same, but for kernel-only addresses.
Both set of helpers are going to be used for BPF tracing. They also
explicitly avoid throwing the splat for non-canonical user addresses from
00c42373d3
("x86-64: add warning for non-canonical user access address
dereferences").
For compat, the current probe_kernel_read() and strncpy_from_unsafe() are
left as-is.
[0] Documentation/x86/x86_64/mm.txt
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: x86@kernel.org
Link: https://lore.kernel.org/bpf/eefeefd769aa5a013531f491a71f0936779e916b.1572649915.git.daniel@iogearbox.net
56 lines
1.8 KiB
Makefile
56 lines
1.8 KiB
Makefile
# SPDX-License-Identifier: GPL-2.0
|
|
# Kernel does not boot with instrumentation of tlb.c and mem_encrypt*.c
|
|
KCOV_INSTRUMENT_tlb.o := n
|
|
KCOV_INSTRUMENT_mem_encrypt.o := n
|
|
KCOV_INSTRUMENT_mem_encrypt_identity.o := n
|
|
|
|
KASAN_SANITIZE_mem_encrypt.o := n
|
|
KASAN_SANITIZE_mem_encrypt_identity.o := n
|
|
|
|
ifdef CONFIG_FUNCTION_TRACER
|
|
CFLAGS_REMOVE_mem_encrypt.o = -pg
|
|
CFLAGS_REMOVE_mem_encrypt_identity.o = -pg
|
|
endif
|
|
|
|
obj-y := init.o init_$(BITS).o fault.o ioremap.o extable.o pageattr.o mmap.o \
|
|
pat.o pgtable.o physaddr.o setup_nx.o tlb.o cpu_entry_area.o maccess.o
|
|
|
|
# Make sure __phys_addr has no stackprotector
|
|
nostackp := $(call cc-option, -fno-stack-protector)
|
|
CFLAGS_physaddr.o := $(nostackp)
|
|
CFLAGS_setup_nx.o := $(nostackp)
|
|
CFLAGS_mem_encrypt_identity.o := $(nostackp)
|
|
|
|
CFLAGS_fault.o := -I $(srctree)/$(src)/../include/asm/trace
|
|
|
|
obj-$(CONFIG_X86_PAT) += pat_rbtree.o
|
|
|
|
obj-$(CONFIG_X86_32) += pgtable_32.o iomap_32.o
|
|
|
|
obj-$(CONFIG_HUGETLB_PAGE) += hugetlbpage.o
|
|
obj-$(CONFIG_X86_PTDUMP_CORE) += dump_pagetables.o
|
|
obj-$(CONFIG_X86_PTDUMP) += debug_pagetables.o
|
|
|
|
obj-$(CONFIG_HIGHMEM) += highmem_32.o
|
|
|
|
KASAN_SANITIZE_kasan_init_$(BITS).o := n
|
|
obj-$(CONFIG_KASAN) += kasan_init_$(BITS).o
|
|
|
|
obj-$(CONFIG_MMIOTRACE) += mmiotrace.o
|
|
mmiotrace-y := kmmio.o pf_in.o mmio-mod.o
|
|
obj-$(CONFIG_MMIOTRACE_TEST) += testmmiotrace.o
|
|
|
|
obj-$(CONFIG_NUMA) += numa.o numa_$(BITS).o
|
|
obj-$(CONFIG_AMD_NUMA) += amdtopology.o
|
|
obj-$(CONFIG_ACPI_NUMA) += srat.o
|
|
obj-$(CONFIG_NUMA_EMU) += numa_emulation.o
|
|
|
|
obj-$(CONFIG_X86_INTEL_MPX) += mpx.o
|
|
obj-$(CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS) += pkeys.o
|
|
obj-$(CONFIG_RANDOMIZE_MEMORY) += kaslr.o
|
|
obj-$(CONFIG_PAGE_TABLE_ISOLATION) += pti.o
|
|
|
|
obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt.o
|
|
obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_identity.o
|
|
obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_boot.o
|