1 files changed, 105 insertions, 8 deletions
diff --git a/arch/x86/kernel/kprobes.c b/arch/x86/kernel/kprobes.c
index 1cbd54c0df99..5940282bd2f9 100644
--- a/arch/x86/kernel/kprobes.c
+++ b/arch/x86/kernel/kprobes.c
@@ -1184,6 +1184,10 @@ static void __kprobes optimized_callback(struct optimized_kprobe *op,
 {
        struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
+        /* This is possible if op is under delayed unoptimizing */
+        if (kprobe_disabled(&op->kp))
+                return;
        preempt_disable();
        if (kprobe_running()) {
                kprobes_inc_nmissed_count(&op->kp);
@@ -1401,10 +1405,16 @@ int __kprobes arch_prepare_optimized_kprobe(struct optimized_kprobe *op)
        return 0;
 }
-/* Replace a breakpoint (int3) with a relative jump.  */
+#define MAX_OPTIMIZE_PROBES 256
-int __kprobes arch_optimize_kprobe(struct optimized_kprobe *op)
+static struct text_poke_param *jump_poke_params;
+static struct jump_poke_buffer {
+        u8 buf[RELATIVEJUMP_SIZE];
+} *jump_poke_bufs;
+static void __kprobes setup_optimize_kprobe(struct text_poke_param *tprm,
+                                            u8 *insn_buf,
+                                            struct optimized_kprobe *op)
 {
-        unsigned char jmp_code[RELATIVEJUMP_SIZE];
        s32 rel = (s32)((long)op->optinsn.insn -
                        ((long)op->kp.addr + RELATIVEJUMP_SIZE));
@@ -1412,16 +1422,79 @@ int __kprobes arch_optimize_kprobe(struct optimized_kprobe *op)
        memcpy(op->optinsn.copied_insn, op->kp.addr + INT3_SIZE,
               RELATIVE_ADDR_SIZE);
-        jmp_code[0] = RELATIVEJUMP_OPCODE;
+        insn_buf[0] = RELATIVEJUMP_OPCODE;
-        *(s32 *)(&jmp_code[1]) = rel;
+        *(s32 *)(&insn_buf[1]) = rel;
+        tprm->addr = op->kp.addr;
+        tprm->opcode = insn_buf;
+        tprm->len = RELATIVEJUMP_SIZE;
+}
+/*
+ * Replace breakpoints (int3) with relative jumps.
+ * Caller must call with locking kprobe_mutex and text_mutex.
+ */
+void __kprobes arch_optimize_kprobes(struct list_head *oplist)
+{
+        struct optimized_kprobe *op, *tmp;
+        int c = 0;
+        list_for_each_entry_safe(op, tmp, oplist, list) {
+                WARN_ON(kprobe_disabled(&op->kp));
+                /* Setup param */
+                setup_optimize_kprobe(&jump_poke_params[c],
+                                      jump_poke_bufs[c].buf, op);
+                list_del_init(&op->list);
+                if (++c >= MAX_OPTIMIZE_PROBES)
+                        break;
+        }
        /*
         * text_poke_smp doesn't support NMI/MCE code modifying.
         * However, since kprobes itself also doesn't support NMI/MCE
         * code probing, it's not a problem.
         */
-        text_poke_smp(op->kp.addr, jmp_code, RELATIVEJUMP_SIZE);
+        text_poke_smp_batch(jump_poke_params, c);
-        return 0;
+}
+static void __kprobes setup_unoptimize_kprobe(struct text_poke_param *tprm,
+                                              u8 *insn_buf,
+                                              struct optimized_kprobe *op)
+{
+        /* Set int3 to first byte for kprobes */
+        insn_buf[0] = BREAKPOINT_INSTRUCTION;
+        memcpy(insn_buf + 1, op->optinsn.copied_insn, RELATIVE_ADDR_SIZE);
+        tprm->addr = op->kp.addr;
+        tprm->opcode = insn_buf;
+        tprm->len = RELATIVEJUMP_SIZE;
+}
+/*
+ * Recover original instructions and breakpoints from relative jumps.
+ * Caller must call with locking kprobe_mutex.
+ */
+extern void arch_unoptimize_kprobes(struct list_head *oplist,
+                                    struct list_head *done_list)
+{
+        struct optimized_kprobe *op, *tmp;
+        int c = 0;
+        list_for_each_entry_safe(op, tmp, oplist, list) {
+                /* Setup param */
+                setup_unoptimize_kprobe(&jump_poke_params[c],
+                                        jump_poke_bufs[c].buf, op);
+                list_move(&op->list, done_list);
+                if (++c >= MAX_OPTIMIZE_PROBES)
+                        break;
+        }
+        /*
+         * text_poke_smp doesn't support NMI/MCE code modifying.
+         * However, since kprobes itself also doesn't support NMI/MCE
+         * code probing, it's not a problem.
+         */
+        text_poke_smp_batch(jump_poke_params, c);
 }
 /* Replace a relative jump with a breakpoint (int3).  */
@@ -1453,11 +1526,35 @@ static int  __kprobes setup_detour_execution(struct kprobe *p,
        }
        return 0;
 }
+static int __kprobes init_poke_params(void)
+{
+        /* Allocate code buffer and parameter array */
+        jump_poke_bufs = kmalloc(sizeof(struct jump_poke_buffer) *
+                                 MAX_OPTIMIZE_PROBES, GFP_KERNEL);
+        if (!jump_poke_bufs)
+                return -ENOMEM;
+        jump_poke_params = kmalloc(sizeof(struct text_poke_param) *
+                                   MAX_OPTIMIZE_PROBES, GFP_KERNEL);
+        if (!jump_poke_params) {
+                kfree(jump_poke_bufs);
+                jump_poke_bufs = NULL;
+                return -ENOMEM;
+        }
+        return 0;
+}
+#else   /* !CONFIG_OPTPROBES */
+static int __kprobes init_poke_params(void)
+{
+        return 0;
+}
 #endif
 int __init arch_init_kprobes(void)
 {
-        return 0;
+        return init_poke_params();
 }
 int __kprobes arch_trampoline_kprobe(struct kprobe *p)

diff --git a/arch/x86/kernel/kprobes.c b/arch/x86/kernel/kprobes.c index 1cbd54c0df99..5940282bd2f9 100644 --- a/arch/x86/kernel/kprobes.c +++ b/arch/x86/kernel/kprobes.c
@@ -1184,6 +1184,10 @@ static void __kprobes optimized_callback(struct optimized_kprobe *op,
1184	{	1184	{
1185	struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();	1185	struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
1186		1186
		1187	/* This is possible if op is under delayed unoptimizing */
		1188	if (kprobe_disabled(&op->kp))
		1189	return;
		1190
1187	preempt_disable();	1191	preempt_disable();
1188	if (kprobe_running()) {	1192	if (kprobe_running()) {
1189	kprobes_inc_nmissed_count(&op->kp);	1193	kprobes_inc_nmissed_count(&op->kp);
@@ -1401,10 +1405,16 @@ int __kprobes arch_prepare_optimized_kprobe(struct optimized_kprobe *op)
1401	return 0;	1405	return 0;
1402	}	1406	}
1403		1407
1404	/* Replace a breakpoint (int3) with a relative jump. */	1408	#define MAX_OPTIMIZE_PROBES 256
1405	int __kprobes arch_optimize_kprobe(struct optimized_kprobe *op)	1409	static struct text_poke_param *jump_poke_params;
		1410	static struct jump_poke_buffer {
		1411	u8 buf[RELATIVEJUMP_SIZE];
		1412	} *jump_poke_bufs;
		1413
		1414	static void __kprobes setup_optimize_kprobe(struct text_poke_param *tprm,
		1415	u8 *insn_buf,
		1416	struct optimized_kprobe *op)
1406	{	1417	{
1407	unsigned char jmp_code[RELATIVEJUMP_SIZE];
1408	s32 rel = (s32)((long)op->optinsn.insn -	1418	s32 rel = (s32)((long)op->optinsn.insn -
1409	((long)op->kp.addr + RELATIVEJUMP_SIZE));	1419	((long)op->kp.addr + RELATIVEJUMP_SIZE));
1410		1420
@@ -1412,16 +1422,79 @@ int __kprobes arch_optimize_kprobe(struct optimized_kprobe *op)
1412	memcpy(op->optinsn.copied_insn, op->kp.addr + INT3_SIZE,	1422	memcpy(op->optinsn.copied_insn, op->kp.addr + INT3_SIZE,
1413	RELATIVE_ADDR_SIZE);	1423	RELATIVE_ADDR_SIZE);
1414		1424
1415	jmp_code[0] = RELATIVEJUMP_OPCODE;	1425	insn_buf[0] = RELATIVEJUMP_OPCODE;
1416	(s32 )(&jmp_code[1]) = rel;	1426	(s32 )(&insn_buf[1]) = rel;
		1427
		1428	tprm->addr = op->kp.addr;
		1429	tprm->opcode = insn_buf;
		1430	tprm->len = RELATIVEJUMP_SIZE;
		1431	}
		1432
		1433	/*
		1434	* Replace breakpoints (int3) with relative jumps.
		1435	* Caller must call with locking kprobe_mutex and text_mutex.
		1436	*/
		1437	void __kprobes arch_optimize_kprobes(struct list_head *oplist)
		1438	{
		1439	struct optimized_kprobe op, tmp;
		1440	int c = 0;
		1441
		1442	list_for_each_entry_safe(op, tmp, oplist, list) {
		1443	WARN_ON(kprobe_disabled(&op->kp));
		1444	/* Setup param */
		1445	setup_optimize_kprobe(&jump_poke_params[c],
		1446	jump_poke_bufs[c].buf, op);
		1447	list_del_init(&op->list);
		1448	if (++c >= MAX_OPTIMIZE_PROBES)
		1449	break;
		1450	}
1417		1451
1418	/*	1452	/*
1419	* text_poke_smp doesn't support NMI/MCE code modifying.	1453	* text_poke_smp doesn't support NMI/MCE code modifying.
1420	* However, since kprobes itself also doesn't support NMI/MCE	1454	* However, since kprobes itself also doesn't support NMI/MCE
1421	* code probing, it's not a problem.	1455	* code probing, it's not a problem.
1422	*/	1456	*/
1423	text_poke_smp(op->kp.addr, jmp_code, RELATIVEJUMP_SIZE);	1457	text_poke_smp_batch(jump_poke_params, c);
1424	return 0;	1458	}
		1459
		1460	static void __kprobes setup_unoptimize_kprobe(struct text_poke_param *tprm,
		1461	u8 *insn_buf,
		1462	struct optimized_kprobe *op)
		1463	{
		1464	/* Set int3 to first byte for kprobes */
		1465	insn_buf[0] = BREAKPOINT_INSTRUCTION;
		1466	memcpy(insn_buf + 1, op->optinsn.copied_insn, RELATIVE_ADDR_SIZE);
		1467
		1468	tprm->addr = op->kp.addr;
		1469	tprm->opcode = insn_buf;
		1470	tprm->len = RELATIVEJUMP_SIZE;
		1471	}
		1472
		1473	/*
		1474	* Recover original instructions and breakpoints from relative jumps.
		1475	* Caller must call with locking kprobe_mutex.
		1476	*/
		1477	extern void arch_unoptimize_kprobes(struct list_head *oplist,
		1478	struct list_head *done_list)
		1479	{
		1480	struct optimized_kprobe op, tmp;
		1481	int c = 0;
		1482
		1483	list_for_each_entry_safe(op, tmp, oplist, list) {
		1484	/* Setup param */
		1485	setup_unoptimize_kprobe(&jump_poke_params[c],
		1486	jump_poke_bufs[c].buf, op);
		1487	list_move(&op->list, done_list);
		1488	if (++c >= MAX_OPTIMIZE_PROBES)
		1489	break;
		1490	}
		1491
		1492	/*
		1493	* text_poke_smp doesn't support NMI/MCE code modifying.
		1494	* However, since kprobes itself also doesn't support NMI/MCE
		1495	* code probing, it's not a problem.
		1496	*/
		1497	text_poke_smp_batch(jump_poke_params, c);
1425	}	1498	}
1426		1499
1427	/* Replace a relative jump with a breakpoint (int3). */	1500	/* Replace a relative jump with a breakpoint (int3). */
@@ -1453,11 +1526,35 @@ static int __kprobes setup_detour_execution(struct kprobe *p,
1453	}	1526	}
1454	return 0;	1527	return 0;
1455	}	1528	}
		1529
		1530	static int __kprobes init_poke_params(void)
		1531	{
		1532	/* Allocate code buffer and parameter array */
		1533	jump_poke_bufs = kmalloc(sizeof(struct jump_poke_buffer) *
		1534	MAX_OPTIMIZE_PROBES, GFP_KERNEL);
		1535	if (!jump_poke_bufs)
		1536	return -ENOMEM;
		1537
		1538	jump_poke_params = kmalloc(sizeof(struct text_poke_param) *
		1539	MAX_OPTIMIZE_PROBES, GFP_KERNEL);
		1540	if (!jump_poke_params) {
		1541	kfree(jump_poke_bufs);
		1542	jump_poke_bufs = NULL;
		1543	return -ENOMEM;
		1544	}
		1545
		1546	return 0;
		1547	}
		1548	#else /* !CONFIG_OPTPROBES */
		1549	static int __kprobes init_poke_params(void)
		1550	{
		1551	return 0;
		1552	}
1456	#endif	1553	#endif
1457		1554
1458	int __init arch_init_kprobes(void)	1555	int __init arch_init_kprobes(void)
1459	{	1556	{
1460	return 0;	1557	return init_poke_params();
1461	}	1558	}
1462		1559
1463	int __kprobes arch_trampoline_kprobe(struct kprobe *p)	1560	int __kprobes arch_trampoline_kprobe(struct kprobe *p)