James Morse 459058f0e3 KVM: arm64: Forbid kprobing of the VHE world-switch code ... [ Upstream commit 7d82602909 ] On systems with VHE the kernel and KVM's world-switch code run at the same exception level. Code that is only used on a VHE system does not need to be annotated as __hyp_text as it can reside anywhere in the kernel text. __hyp_text was also used to prevent kprobes from patching breakpoint instructions into this region, as this code runs at a different exception level. While this is no longer true with VHE, KVM still switches VBAR_EL1, meaning a kprobe's breakpoint executed in the world-switch code will cause a hyp-panic. echo "p:weasel sysreg_save_guest_state_vhe" > /sys/kernel/debug/tracing/kprobe_events echo 1 > /sys/kernel/debug/tracing/events/kprobes/weasel/enable lkvm run -k /boot/Image --console serial -p "console=ttyS0 earlycon=uart,mmio,0x3f8" # lkvm run -k /boot/Image -m 384 -c 3 --name guest-1474 Info: Placing fdt at 0x8fe00000 - 0x8fffffff Info: virtio-mmio.devices=0x200@0x10000:36 Info: virtio-mmio.devices=0x200@0x10200:37 Info: virtio-mmio.devices=0x200@0x10400:38 [ 614.178186] Kernel panic - not syncing: HYP panic: [ 614.178186] PS:404003c9 PC:ffff0000100d70e0 ESR:f2000004 [ 614.178186] FAR:0000000080080000 HPFAR:0000000000800800 PAR:1d00007edbadc0de [ 614.178186] VCPU:00000000f8de32f1 [ 614.178383] CPU: 2 PID: 1482 Comm: kvm-vcpu-0 Not tainted 5.0.0-rc2 #10799 [ 614.178446] Call trace: [ 614.178480] dump_backtrace+0x0/0x148 [ 614.178567] show_stack+0x24/0x30 [ 614.178658] dump_stack+0x90/0xb4 [ 614.178710] panic+0x13c/0x2d8 [ 614.178793] hyp_panic+0xac/0xd8 [ 614.178880] kvm_vcpu_run_vhe+0x9c/0xe0 [ 614.178958] kvm_arch_vcpu_ioctl_run+0x454/0x798 [ 614.179038] kvm_vcpu_ioctl+0x360/0x898 [ 614.179087] do_vfs_ioctl+0xc4/0x858 [ 614.179174] ksys_ioctl+0x84/0xb8 [ 614.179261] __arm64_sys_ioctl+0x28/0x38 [ 614.179348] el0_svc_common+0x94/0x108 [ 614.179401] el0_svc_handler+0x38/0x78 [ 614.179487] el0_svc+0x8/0xc [ 614.179558] SMP: stopping secondary CPUs [ 614.179661] Kernel Offset: disabled [ 614.179695] CPU features: 0x003,2a80aa38 [ 614.179758] Memory Limit: none [ 614.179858] ---[ end Kernel panic - not syncing: HYP panic: [ 614.179858] PS:404003c9 PC:ffff0000100d70e0 ESR:f2000004 [ 614.179858] FAR:0000000080080000 HPFAR:0000000000800800 PAR:1d00007edbadc0de [ 614.179858] VCPU:00000000f8de32f1 ]--- Annotate the VHE world-switch functions that aren't marked __hyp_text using NOKPROBE_SYMBOL(). Signed-off-by: James Morse <james.morse@arm.com> Fixes: 3f5c90b890 ("KVM: arm64: Introduce VHE-specific kvm_vcpu_run") Acked-by: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org>		2019-03-23 20:09:43 +01:00
..
boot	arm64: dts: rockchip: fix graph_port warning on rk3399 bob kevin and excavator	2019-03-23 20:09:42 +01:00
configs	arm64: defconfig: Enable TI's AM6 SoC platform	2018-08-29 11:51:26 -07:00
crypto	crypto: speck - remove Speck	2018-11-13 11:08:46 -08:00
include	arm/arm64: KVM: Allow a VCPU to fully reset itself	2019-03-23 20:09:43 +01:00
kernel	arm64: kprobe: Always blacklist the KVM world-switch code	2019-03-13 14:02:31 -07:00
kvm	KVM: arm64: Forbid kprobing of the VHE world-switch code	2019-03-23 20:09:43 +01:00
lib	arm64: lse: remove -fcall-used-x0 flag	2018-11-13 11:08:54 -08:00
mm	arm64: Do not issue IPIs for user executable ptes	2019-02-06 17:30:12 +01:00
net	bpf, arm64: save 4 bytes in prologue when ebpf insns came from cbpf	2018-05-14 19:11:45 -07:00
xen	arm64: mm: Add additional parameter to uaccess_ttbr0_disable	2018-01-17 13:57:49 +01:00
Kconfig	arm64: mm: always enable CONFIG_HOLES_IN_ZONE	2018-08-31 11:06:45 +01:00
Kconfig.debug	Kconfig: consolidate the "Kernel hacking" menu	2018-08-02 08:06:48 +09:00
Kconfig.platforms	ARM: SoC: late updates	2018-08-25 14:12:36 -07:00
Makefile	arm64: relocatable: fix inconsistencies in linker script and options	2019-01-13 09:51:08 +01:00