x86,kgdb: Fix DEBUG_RODATA limitation using text_poke()

commit 3751d3e85cf693e10e2c47c03c8caa65e171099b upstream.

There has long been a limitation using software breakpoints with a
kernel compiled with CONFIG_DEBUG_RODATA going back to 2.6.26. For
this particular patch, it will apply cleanly and has been tested all
the way back to 2.6.36.

The kprobes code uses the text_poke() function which accommodates
writing a breakpoint into a read-only page.  The x86 kgdb code can
solve the problem similarly by overriding the default breakpoint
set/remove routines and using text_poke() directly.

The x86 kgdb code will first attempt to use the traditional
probe_kernel_write(), and next try using a the text_poke() function.
The break point install method is tracked such that the correct break
point removal routine will get called later on.

Cc: x86@kernel.org
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Inspried-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

3 files changed, 62 insertions, 18 deletions

diff --git a/arch/x86/kernel/kgdb.c b/arch/x86/kernel/kgdb.c
index 5f9ecff328b..fc1f48dc998 100644
--- a/arch/x86/kernel/kgdb.c
+++ b/arch/x86/kernel/kgdb.c
@@ -43,6 +43,8 @@
 #include <linux/smp.h>
 #include <linux/nmi.h>
 #include <linux/hw_breakpoint.h>
+#include <linux/uaccess.h>
+#include <linux/memory.h>
 
 #include <asm/debugreg.h>
 #include <asm/apicdef.h>
@@ -710,6 +712,64 @@ void kgdb_arch_set_pc(struct pt_regs *regs, unsigned long ip)
         regs->ip = ip;
 }
 
+int kgdb_arch_set_breakpoint(struct kgdb_bkpt *bpt)
+{
+        int err;
+        char opc[BREAK_INSTR_SIZE];
+
+        bpt->type = BP_BREAKPOINT;
+        err = probe_kernel_read(bpt->saved_instr, (char *)bpt->bpt_addr,
+                                BREAK_INSTR_SIZE);
+        if (err)
+                return err;
+        err = probe_kernel_write((char *)bpt->bpt_addr,
+                                 arch_kgdb_ops.gdb_bpt_instr, BREAK_INSTR_SIZE);
+#ifdef CONFIG_DEBUG_RODATA
+        if (!err)
+                return err;
+        /*
+         * It is safe to call text_poke() because normal kernel execution
+         * is stopped on all cores, so long as the text_mutex is not locked.
+         */
+        if (mutex_is_locked(&text_mutex))
+                return -EBUSY;
+        text_poke((void *)bpt->bpt_addr, arch_kgdb_ops.gdb_bpt_instr,
+                  BREAK_INSTR_SIZE);
+        err = probe_kernel_read(opc, (char *)bpt->bpt_addr, BREAK_INSTR_SIZE);
+        if (err)
+                return err;
+        if (memcmp(opc, arch_kgdb_ops.gdb_bpt_instr, BREAK_INSTR_SIZE))
+                return -EINVAL;
+        bpt->type = BP_POKE_BREAKPOINT;
+#endif /* CONFIG_DEBUG_RODATA */
+        return err;
+}
+
+int kgdb_arch_remove_breakpoint(struct kgdb_bkpt *bpt)
+{
+#ifdef CONFIG_DEBUG_RODATA
+        int err;
+        char opc[BREAK_INSTR_SIZE];
+
+        if (bpt->type != BP_POKE_BREAKPOINT)
+                goto knl_write;
+        /*
+         * It is safe to call text_poke() because normal kernel execution
+         * is stopped on all cores, so long as the text_mutex is not locked.
+         */
+        if (mutex_is_locked(&text_mutex))
+                goto knl_write;
+        text_poke((void *)bpt->bpt_addr, bpt->saved_instr, BREAK_INSTR_SIZE);
+        err = probe_kernel_read(opc, (char *)bpt->bpt_addr, BREAK_INSTR_SIZE);
+        if (err || memcmp(opc, bpt->saved_instr, BREAK_INSTR_SIZE))
+                goto knl_write;
+        return err;
+knl_write:
+#endif /* CONFIG_DEBUG_RODATA */
+        return probe_kernel_write((char *)bpt->bpt_addr,
+                                  (char *)bpt->saved_instr, BREAK_INSTR_SIZE);
+}
+
 struct kgdb_arch arch_kgdb_ops = {
         /* Breakpoint instruction: */
         .gdb_bpt_instr          = { 0xcc },
diff --git a/drivers/misc/kgdbts.c b/drivers/misc/kgdbts.c
index 00461380c0f..cdefef231fb 100644
--- a/drivers/misc/kgdbts.c
+++ b/drivers/misc/kgdbts.c
@@ -967,22 +967,6 @@ static void run_singlestep_break_test(void)
         kgdbts_break_test();
 }
 
-static void test_debug_rodata(void)
-{
-#ifdef CONFIG_DEBUG_RODATA
-        /* Until there is an api to write to read-only text segments, use
-         * HW breakpoints for the remainder of any tests, else print a
-         * failure message if hw breakpoints do not work.
-         */
-        if (!(arch_kgdb_ops.flags & KGDB_HW_BREAKPOINT && hwbreaks_ok)) {
-                eprintk("kgdbts: HW breakpoints BROKEN, ending tests\n");
-                return;
-        }
-        force_hwbrks = 1;
-        v1printk("kgdbts:Using HW breakpoints for SW breakpoint tests\n");
-#endif /* CONFIG_DEBUG_RODATA */
-}
-
 static void kgdbts_run_tests(void)
 {
         char *ptr;
@@ -1015,7 +999,6 @@ static void kgdbts_run_tests(void)
                 v1printk("kgdbts:RUN access write breakpoint test\n");
                 run_hw_break_test(0);
         }
-        test_debug_rodata();
 
         /* required internal KGDB tests */
         v1printk("kgdbts:RUN plant and detach test\n");
diff --git a/include/linux/kgdb.h b/include/linux/kgdb.h
index 4d23aa59463..f7192fb4237 100644
--- a/include/linux/kgdb.h
+++ b/include/linux/kgdb.h
@@ -63,7 +63,8 @@ enum kgdb_bptype {
         BP_HARDWARE_BREAKPOINT,
         BP_WRITE_WATCHPOINT,
         BP_READ_WATCHPOINT,
-        BP_ACCESS_WATCHPOINT
+        BP_ACCESS_WATCHPOINT,
+        BP_POKE_BREAKPOINT,
 };
 
 enum kgdb_bpstate {