[thirdparty/kernel/stable-queue.git] / releases / 4.19.29 / arm64-kprobe-always-blacklist-the-kvm-world-switch-c.patch

From f0b2351f6ab425b8672ba6f74a842f1ab83e5d3c Mon Sep 17 00:00:00 2001
From: James Morse <james.morse@arm.com>
Date: Thu, 24 Jan 2019 16:32:55 +0000
Subject: arm64: kprobe: Always blacklist the KVM world-switch code

[ Upstream commit f2b3d8566d81deaca31f4e3163def0bea7746e11 ]

On systems with VHE the kernel and KVM's world-switch code run at the
same exception level. Code that is only used on a VHE system does not
need to be annotated as __hyp_text as it can reside anywhere in the
 kernel text.

__hyp_text was also used to prevent kprobes from patching breakpoint
instructions into this region, as this code runs at a different
exception level. While this is no longer true with VHE, KVM still
switches VBAR_EL1, meaning a kprobe's breakpoint executed in the
world-switch code will cause a hyp-panic.

Move the __hyp_text check in the kprobes blacklist so it applies on
VHE systems too, to cover the common code and guest enter/exit
assembly.

Fixes: 888b3c8720e0 ("arm64: Treat all entry code as non-kprobe-able")
Reviewed-by: Christoffer Dall <christoffer.dall@arm.com>
Signed-off-by: James Morse <james.morse@arm.com>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 arch/arm64/kernel/probes/kprobes.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c
index b5a367d4bba6..30bb13797034 100644
--- a/arch/arm64/kernel/probes/kprobes.c
+++ b/arch/arm64/kernel/probes/kprobes.c
@@ -478,13 +478,13 @@ bool arch_within_kprobe_blacklist(unsigned long addr)
 	    addr < (unsigned long)__entry_text_end) ||
 	    (addr >= (unsigned long)__idmap_text_start &&
 	    addr < (unsigned long)__idmap_text_end) ||
+	    (addr >= (unsigned long)__hyp_text_start &&
+	    addr < (unsigned long)__hyp_text_end) ||
 	    !!search_exception_tables(addr))
 		return true;
 
 	if (!is_kernel_in_hyp_mode()) {
-		if ((addr >= (unsigned long)__hyp_text_start &&
-		    addr < (unsigned long)__hyp_text_end) ||
-		    (addr >= (unsigned long)__hyp_idmap_text_start &&
+		if ((addr >= (unsigned long)__hyp_idmap_text_start &&
 		    addr < (unsigned long)__hyp_idmap_text_end))
 			return true;
 	}
-- 
2.19.1
Commit	Line	Data
7748c0ed SL	1	From f0b2351f6ab425b8672ba6f74a842f1ab83e5d3c Mon Sep 17 00:00:00 2001
	2	From: James Morse <james.morse@arm.com>
	3	Date: Thu, 24 Jan 2019 16:32:55 +0000
	4	Subject: arm64: kprobe: Always blacklist the KVM world-switch code
	5
	6	[ Upstream commit f2b3d8566d81deaca31f4e3163def0bea7746e11 ]
	7
	8	On systems with VHE the kernel and KVM's world-switch code run at the
	9	same exception level. Code that is only used on a VHE system does not
	10	need to be annotated as __hyp_text as it can reside anywhere in the
	11	kernel text.
	12
	13	__hyp_text was also used to prevent kprobes from patching breakpoint
	14	instructions into this region, as this code runs at a different
	15	exception level. While this is no longer true with VHE, KVM still
	16	switches VBAR_EL1, meaning a kprobe's breakpoint executed in the
	17	world-switch code will cause a hyp-panic.
	18
	19	Move the __hyp_text check in the kprobes blacklist so it applies on
	20	VHE systems too, to cover the common code and guest enter/exit
	21	assembly.
	22
	23	Fixes: 888b3c8720e0 ("arm64: Treat all entry code as non-kprobe-able")
	24	Reviewed-by: Christoffer Dall <christoffer.dall@arm.com>
	25	Signed-off-by: James Morse <james.morse@arm.com>
	26	Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
	27	Signed-off-by: Will Deacon <will.deacon@arm.com>
	28	Signed-off-by: Sasha Levin <sashal@kernel.org>
	29	---
	30	arch/arm64/kernel/probes/kprobes.c \| 6 +++---
	31	1 file changed, 3 insertions(+), 3 deletions(-)
	32
	33	diff --git a/arch/arm64/kernel/probes/kprobes.c b/arch/arm64/kernel/probes/kprobes.c
	34	index b5a367d4bba6..30bb13797034 100644
	35	--- a/arch/arm64/kernel/probes/kprobes.c
	36	+++ b/arch/arm64/kernel/probes/kprobes.c
	37	@@ -478,13 +478,13 @@ bool arch_within_kprobe_blacklist(unsigned long addr)
	38	addr < (unsigned long)__entry_text_end) \|\|
	39	(addr >= (unsigned long)__idmap_text_start &&
	40	addr < (unsigned long)__idmap_text_end) \|\|
	41	+ (addr >= (unsigned long)__hyp_text_start &&
	42	+ addr < (unsigned long)__hyp_text_end) \|\|
	43	!!search_exception_tables(addr))
	44	return true;
	45
	46	if (!is_kernel_in_hyp_mode()) {
	47	- if ((addr >= (unsigned long)__hyp_text_start &&
	48	- addr < (unsigned long)__hyp_text_end) \|\|
	49	- (addr >= (unsigned long)__hyp_idmap_text_start &&
	50	+ if ((addr >= (unsigned long)__hyp_idmap_text_start &&
	51	addr < (unsigned long)__hyp_idmap_text_end))
	52	return true;
	53	}
	54	--
	55	2.19.1
	56