kprobes.h (16524B)
1/* SPDX-License-Identifier: GPL-2.0-or-later */ 2#ifndef _LINUX_KPROBES_H 3#define _LINUX_KPROBES_H 4/* 5 * Kernel Probes (KProbes) 6 * 7 * Copyright (C) IBM Corporation, 2002, 2004 8 * 9 * 2002-Oct Created by Vamsi Krishna S <vamsi_krishna@in.ibm.com> Kernel 10 * Probes initial implementation ( includes suggestions from 11 * Rusty Russell). 12 * 2004-July Suparna Bhattacharya <suparna@in.ibm.com> added jumper probes 13 * interface to access function arguments. 14 * 2005-May Hien Nguyen <hien@us.ibm.com> and Jim Keniston 15 * <jkenisto@us.ibm.com> and Prasanna S Panchamukhi 16 * <prasanna@in.ibm.com> added function-return probes. 17 */ 18#include <linux/compiler.h> 19#include <linux/linkage.h> 20#include <linux/list.h> 21#include <linux/notifier.h> 22#include <linux/smp.h> 23#include <linux/bug.h> 24#include <linux/percpu.h> 25#include <linux/spinlock.h> 26#include <linux/rcupdate.h> 27#include <linux/mutex.h> 28#include <linux/ftrace.h> 29#include <linux/refcount.h> 30#include <linux/freelist.h> 31#include <linux/rethook.h> 32#include <asm/kprobes.h> 33 34#ifdef CONFIG_KPROBES 35 36/* kprobe_status settings */ 37#define KPROBE_HIT_ACTIVE 0x00000001 38#define KPROBE_HIT_SS 0x00000002 39#define KPROBE_REENTER 0x00000004 40#define KPROBE_HIT_SSDONE 0x00000008 41 42#else /* !CONFIG_KPROBES */ 43#include <asm-generic/kprobes.h> 44typedef int kprobe_opcode_t; 45struct arch_specific_insn { 46 int dummy; 47}; 48#endif /* CONFIG_KPROBES */ 49 50struct kprobe; 51struct pt_regs; 52struct kretprobe; 53struct kretprobe_instance; 54typedef int (*kprobe_pre_handler_t) (struct kprobe *, struct pt_regs *); 55typedef void (*kprobe_post_handler_t) (struct kprobe *, struct pt_regs *, 56 unsigned long flags); 57typedef int (*kretprobe_handler_t) (struct kretprobe_instance *, 58 struct pt_regs *); 59 60struct kprobe { 61 struct hlist_node hlist; 62 63 /* list of kprobes for multi-handler support */ 64 struct list_head list; 65 66 /*count the number of times this probe was temporarily disarmed */ 67 unsigned long nmissed; 68 69 /* location of the probe point */ 70 kprobe_opcode_t *addr; 71 72 /* Allow user to indicate symbol name of the probe point */ 73 const char *symbol_name; 74 75 /* Offset into the symbol */ 76 unsigned int offset; 77 78 /* Called before addr is executed. */ 79 kprobe_pre_handler_t pre_handler; 80 81 /* Called after addr is executed, unless... */ 82 kprobe_post_handler_t post_handler; 83 84 /* Saved opcode (which has been replaced with breakpoint) */ 85 kprobe_opcode_t opcode; 86 87 /* copy of the original instruction */ 88 struct arch_specific_insn ainsn; 89 90 /* 91 * Indicates various status flags. 92 * Protected by kprobe_mutex after this kprobe is registered. 93 */ 94 u32 flags; 95}; 96 97/* Kprobe status flags */ 98#define KPROBE_FLAG_GONE 1 /* breakpoint has already gone */ 99#define KPROBE_FLAG_DISABLED 2 /* probe is temporarily disabled */ 100#define KPROBE_FLAG_OPTIMIZED 4 /* 101 * probe is really optimized. 102 * NOTE: 103 * this flag is only for optimized_kprobe. 104 */ 105#define KPROBE_FLAG_FTRACE 8 /* probe is using ftrace */ 106 107/* Has this kprobe gone ? */ 108static inline bool kprobe_gone(struct kprobe *p) 109{ 110 return p->flags & KPROBE_FLAG_GONE; 111} 112 113/* Is this kprobe disabled ? */ 114static inline bool kprobe_disabled(struct kprobe *p) 115{ 116 return p->flags & (KPROBE_FLAG_DISABLED | KPROBE_FLAG_GONE); 117} 118 119/* Is this kprobe really running optimized path ? */ 120static inline bool kprobe_optimized(struct kprobe *p) 121{ 122 return p->flags & KPROBE_FLAG_OPTIMIZED; 123} 124 125/* Is this kprobe uses ftrace ? */ 126static inline bool kprobe_ftrace(struct kprobe *p) 127{ 128 return p->flags & KPROBE_FLAG_FTRACE; 129} 130 131/* 132 * Function-return probe - 133 * Note: 134 * User needs to provide a handler function, and initialize maxactive. 135 * maxactive - The maximum number of instances of the probed function that 136 * can be active concurrently. 137 * nmissed - tracks the number of times the probed function's return was 138 * ignored, due to maxactive being too low. 139 * 140 */ 141struct kretprobe_holder { 142 struct kretprobe *rp; 143 refcount_t ref; 144}; 145 146struct kretprobe { 147 struct kprobe kp; 148 kretprobe_handler_t handler; 149 kretprobe_handler_t entry_handler; 150 int maxactive; 151 int nmissed; 152 size_t data_size; 153#ifdef CONFIG_KRETPROBE_ON_RETHOOK 154 struct rethook *rh; 155#else 156 struct freelist_head freelist; 157 struct kretprobe_holder *rph; 158#endif 159}; 160 161#define KRETPROBE_MAX_DATA_SIZE 4096 162 163struct kretprobe_instance { 164#ifdef CONFIG_KRETPROBE_ON_RETHOOK 165 struct rethook_node node; 166#else 167 union { 168 struct freelist_node freelist; 169 struct rcu_head rcu; 170 }; 171 struct llist_node llist; 172 struct kretprobe_holder *rph; 173 kprobe_opcode_t *ret_addr; 174 void *fp; 175#endif 176 char data[]; 177}; 178 179struct kretprobe_blackpoint { 180 const char *name; 181 void *addr; 182}; 183 184struct kprobe_blacklist_entry { 185 struct list_head list; 186 unsigned long start_addr; 187 unsigned long end_addr; 188}; 189 190#ifdef CONFIG_KPROBES 191DECLARE_PER_CPU(struct kprobe *, current_kprobe); 192DECLARE_PER_CPU(struct kprobe_ctlblk, kprobe_ctlblk); 193 194extern void kprobe_busy_begin(void); 195extern void kprobe_busy_end(void); 196 197#ifdef CONFIG_KRETPROBES 198/* Check whether @p is used for implementing a trampoline. */ 199extern int arch_trampoline_kprobe(struct kprobe *p); 200 201#ifdef CONFIG_KRETPROBE_ON_RETHOOK 202static nokprobe_inline struct kretprobe *get_kretprobe(struct kretprobe_instance *ri) 203{ 204 RCU_LOCKDEP_WARN(!rcu_read_lock_any_held(), 205 "Kretprobe is accessed from instance under preemptive context"); 206 207 return (struct kretprobe *)READ_ONCE(ri->node.rethook->data); 208} 209static nokprobe_inline unsigned long get_kretprobe_retaddr(struct kretprobe_instance *ri) 210{ 211 return ri->node.ret_addr; 212} 213#else 214extern void arch_prepare_kretprobe(struct kretprobe_instance *ri, 215 struct pt_regs *regs); 216void arch_kretprobe_fixup_return(struct pt_regs *regs, 217 kprobe_opcode_t *correct_ret_addr); 218 219void __kretprobe_trampoline(void); 220/* 221 * Since some architecture uses structured function pointer, 222 * use dereference_function_descriptor() to get real function address. 223 */ 224static nokprobe_inline void *kretprobe_trampoline_addr(void) 225{ 226 return dereference_kernel_function_descriptor(__kretprobe_trampoline); 227} 228 229/* If the trampoline handler called from a kprobe, use this version */ 230unsigned long __kretprobe_trampoline_handler(struct pt_regs *regs, 231 void *frame_pointer); 232 233static nokprobe_inline 234unsigned long kretprobe_trampoline_handler(struct pt_regs *regs, 235 void *frame_pointer) 236{ 237 unsigned long ret; 238 /* 239 * Set a dummy kprobe for avoiding kretprobe recursion. 240 * Since kretprobe never runs in kprobe handler, no kprobe must 241 * be running at this point. 242 */ 243 kprobe_busy_begin(); 244 ret = __kretprobe_trampoline_handler(regs, frame_pointer); 245 kprobe_busy_end(); 246 247 return ret; 248} 249 250static nokprobe_inline struct kretprobe *get_kretprobe(struct kretprobe_instance *ri) 251{ 252 RCU_LOCKDEP_WARN(!rcu_read_lock_any_held(), 253 "Kretprobe is accessed from instance under preemptive context"); 254 255 return READ_ONCE(ri->rph->rp); 256} 257 258static nokprobe_inline unsigned long get_kretprobe_retaddr(struct kretprobe_instance *ri) 259{ 260 return (unsigned long)ri->ret_addr; 261} 262#endif /* CONFIG_KRETPROBE_ON_RETHOOK */ 263 264#else /* !CONFIG_KRETPROBES */ 265static inline void arch_prepare_kretprobe(struct kretprobe *rp, 266 struct pt_regs *regs) 267{ 268} 269static inline int arch_trampoline_kprobe(struct kprobe *p) 270{ 271 return 0; 272} 273#endif /* CONFIG_KRETPROBES */ 274 275/* Markers of '_kprobe_blacklist' section */ 276extern unsigned long __start_kprobe_blacklist[]; 277extern unsigned long __stop_kprobe_blacklist[]; 278 279extern struct kretprobe_blackpoint kretprobe_blacklist[]; 280 281#ifdef CONFIG_KPROBES_SANITY_TEST 282extern int init_test_probes(void); 283#else /* !CONFIG_KPROBES_SANITY_TEST */ 284static inline int init_test_probes(void) 285{ 286 return 0; 287} 288#endif /* CONFIG_KPROBES_SANITY_TEST */ 289 290extern int arch_prepare_kprobe(struct kprobe *p); 291extern void arch_arm_kprobe(struct kprobe *p); 292extern void arch_disarm_kprobe(struct kprobe *p); 293extern int arch_init_kprobes(void); 294extern void kprobes_inc_nmissed_count(struct kprobe *p); 295extern bool arch_within_kprobe_blacklist(unsigned long addr); 296extern int arch_populate_kprobe_blacklist(void); 297extern int kprobe_on_func_entry(kprobe_opcode_t *addr, const char *sym, unsigned long offset); 298 299extern bool within_kprobe_blacklist(unsigned long addr); 300extern int kprobe_add_ksym_blacklist(unsigned long entry); 301extern int kprobe_add_area_blacklist(unsigned long start, unsigned long end); 302 303struct kprobe_insn_cache { 304 struct mutex mutex; 305 void *(*alloc)(void); /* allocate insn page */ 306 void (*free)(void *); /* free insn page */ 307 const char *sym; /* symbol for insn pages */ 308 struct list_head pages; /* list of kprobe_insn_page */ 309 size_t insn_size; /* size of instruction slot */ 310 int nr_garbage; 311}; 312 313#ifdef __ARCH_WANT_KPROBES_INSN_SLOT 314extern kprobe_opcode_t *__get_insn_slot(struct kprobe_insn_cache *c); 315extern void __free_insn_slot(struct kprobe_insn_cache *c, 316 kprobe_opcode_t *slot, int dirty); 317/* sleep-less address checking routine */ 318extern bool __is_insn_slot_addr(struct kprobe_insn_cache *c, 319 unsigned long addr); 320 321#define DEFINE_INSN_CACHE_OPS(__name) \ 322extern struct kprobe_insn_cache kprobe_##__name##_slots; \ 323 \ 324static inline kprobe_opcode_t *get_##__name##_slot(void) \ 325{ \ 326 return __get_insn_slot(&kprobe_##__name##_slots); \ 327} \ 328 \ 329static inline void free_##__name##_slot(kprobe_opcode_t *slot, int dirty)\ 330{ \ 331 __free_insn_slot(&kprobe_##__name##_slots, slot, dirty); \ 332} \ 333 \ 334static inline bool is_kprobe_##__name##_slot(unsigned long addr) \ 335{ \ 336 return __is_insn_slot_addr(&kprobe_##__name##_slots, addr); \ 337} 338#define KPROBE_INSN_PAGE_SYM "kprobe_insn_page" 339#define KPROBE_OPTINSN_PAGE_SYM "kprobe_optinsn_page" 340int kprobe_cache_get_kallsym(struct kprobe_insn_cache *c, unsigned int *symnum, 341 unsigned long *value, char *type, char *sym); 342#else /* !__ARCH_WANT_KPROBES_INSN_SLOT */ 343#define DEFINE_INSN_CACHE_OPS(__name) \ 344static inline bool is_kprobe_##__name##_slot(unsigned long addr) \ 345{ \ 346 return 0; \ 347} 348#endif 349 350DEFINE_INSN_CACHE_OPS(insn); 351 352#ifdef CONFIG_OPTPROBES 353/* 354 * Internal structure for direct jump optimized probe 355 */ 356struct optimized_kprobe { 357 struct kprobe kp; 358 struct list_head list; /* list for optimizing queue */ 359 struct arch_optimized_insn optinsn; 360}; 361 362/* Architecture dependent functions for direct jump optimization */ 363extern int arch_prepared_optinsn(struct arch_optimized_insn *optinsn); 364extern int arch_check_optimized_kprobe(struct optimized_kprobe *op); 365extern int arch_prepare_optimized_kprobe(struct optimized_kprobe *op, 366 struct kprobe *orig); 367extern void arch_remove_optimized_kprobe(struct optimized_kprobe *op); 368extern void arch_optimize_kprobes(struct list_head *oplist); 369extern void arch_unoptimize_kprobes(struct list_head *oplist, 370 struct list_head *done_list); 371extern void arch_unoptimize_kprobe(struct optimized_kprobe *op); 372extern int arch_within_optimized_kprobe(struct optimized_kprobe *op, 373 kprobe_opcode_t *addr); 374 375extern void opt_pre_handler(struct kprobe *p, struct pt_regs *regs); 376 377DEFINE_INSN_CACHE_OPS(optinsn); 378 379extern void wait_for_kprobe_optimizer(void); 380#else /* !CONFIG_OPTPROBES */ 381static inline void wait_for_kprobe_optimizer(void) { } 382#endif /* CONFIG_OPTPROBES */ 383 384#ifdef CONFIG_KPROBES_ON_FTRACE 385extern void kprobe_ftrace_handler(unsigned long ip, unsigned long parent_ip, 386 struct ftrace_ops *ops, struct ftrace_regs *fregs); 387extern int arch_prepare_kprobe_ftrace(struct kprobe *p); 388#else 389static inline int arch_prepare_kprobe_ftrace(struct kprobe *p) 390{ 391 return -EINVAL; 392} 393#endif /* CONFIG_KPROBES_ON_FTRACE */ 394 395/* Get the kprobe at this addr (if any) - called with preemption disabled */ 396struct kprobe *get_kprobe(void *addr); 397 398/* kprobe_running() will just return the current_kprobe on this CPU */ 399static inline struct kprobe *kprobe_running(void) 400{ 401 return __this_cpu_read(current_kprobe); 402} 403 404static inline void reset_current_kprobe(void) 405{ 406 __this_cpu_write(current_kprobe, NULL); 407} 408 409static inline struct kprobe_ctlblk *get_kprobe_ctlblk(void) 410{ 411 return this_cpu_ptr(&kprobe_ctlblk); 412} 413 414kprobe_opcode_t *kprobe_lookup_name(const char *name, unsigned int offset); 415kprobe_opcode_t *arch_adjust_kprobe_addr(unsigned long addr, unsigned long offset, bool *on_func_entry); 416 417int register_kprobe(struct kprobe *p); 418void unregister_kprobe(struct kprobe *p); 419int register_kprobes(struct kprobe **kps, int num); 420void unregister_kprobes(struct kprobe **kps, int num); 421 422int register_kretprobe(struct kretprobe *rp); 423void unregister_kretprobe(struct kretprobe *rp); 424int register_kretprobes(struct kretprobe **rps, int num); 425void unregister_kretprobes(struct kretprobe **rps, int num); 426 427#if defined(CONFIG_KRETPROBE_ON_RETHOOK) || !defined(CONFIG_KRETPROBES) 428#define kprobe_flush_task(tk) do {} while (0) 429#else 430void kprobe_flush_task(struct task_struct *tk); 431#endif 432 433void kprobe_free_init_mem(void); 434 435int disable_kprobe(struct kprobe *kp); 436int enable_kprobe(struct kprobe *kp); 437 438void dump_kprobe(struct kprobe *kp); 439 440void *alloc_insn_page(void); 441 442void *alloc_optinsn_page(void); 443void free_optinsn_page(void *page); 444 445int kprobe_get_kallsym(unsigned int symnum, unsigned long *value, char *type, 446 char *sym); 447 448int arch_kprobe_get_kallsym(unsigned int *symnum, unsigned long *value, 449 char *type, char *sym); 450#else /* !CONFIG_KPROBES: */ 451 452static inline int kprobe_fault_handler(struct pt_regs *regs, int trapnr) 453{ 454 return 0; 455} 456static inline struct kprobe *get_kprobe(void *addr) 457{ 458 return NULL; 459} 460static inline struct kprobe *kprobe_running(void) 461{ 462 return NULL; 463} 464#define kprobe_busy_begin() do {} while (0) 465#define kprobe_busy_end() do {} while (0) 466 467static inline int register_kprobe(struct kprobe *p) 468{ 469 return -EOPNOTSUPP; 470} 471static inline int register_kprobes(struct kprobe **kps, int num) 472{ 473 return -EOPNOTSUPP; 474} 475static inline void unregister_kprobe(struct kprobe *p) 476{ 477} 478static inline void unregister_kprobes(struct kprobe **kps, int num) 479{ 480} 481static inline int register_kretprobe(struct kretprobe *rp) 482{ 483 return -EOPNOTSUPP; 484} 485static inline int register_kretprobes(struct kretprobe **rps, int num) 486{ 487 return -EOPNOTSUPP; 488} 489static inline void unregister_kretprobe(struct kretprobe *rp) 490{ 491} 492static inline void unregister_kretprobes(struct kretprobe **rps, int num) 493{ 494} 495static inline void kprobe_flush_task(struct task_struct *tk) 496{ 497} 498static inline void kprobe_free_init_mem(void) 499{ 500} 501static inline int disable_kprobe(struct kprobe *kp) 502{ 503 return -EOPNOTSUPP; 504} 505static inline int enable_kprobe(struct kprobe *kp) 506{ 507 return -EOPNOTSUPP; 508} 509 510static inline bool within_kprobe_blacklist(unsigned long addr) 511{ 512 return true; 513} 514static inline int kprobe_get_kallsym(unsigned int symnum, unsigned long *value, 515 char *type, char *sym) 516{ 517 return -ERANGE; 518} 519#endif /* CONFIG_KPROBES */ 520 521static inline int disable_kretprobe(struct kretprobe *rp) 522{ 523 return disable_kprobe(&rp->kp); 524} 525static inline int enable_kretprobe(struct kretprobe *rp) 526{ 527 return enable_kprobe(&rp->kp); 528} 529 530#ifndef CONFIG_KPROBES 531static inline bool is_kprobe_insn_slot(unsigned long addr) 532{ 533 return false; 534} 535#endif /* !CONFIG_KPROBES */ 536 537#ifndef CONFIG_OPTPROBES 538static inline bool is_kprobe_optinsn_slot(unsigned long addr) 539{ 540 return false; 541} 542#endif /* !CONFIG_OPTPROBES */ 543 544#ifdef CONFIG_KRETPROBES 545#ifdef CONFIG_KRETPROBE_ON_RETHOOK 546static nokprobe_inline bool is_kretprobe_trampoline(unsigned long addr) 547{ 548 return is_rethook_trampoline(addr); 549} 550 551static nokprobe_inline 552unsigned long kretprobe_find_ret_addr(struct task_struct *tsk, void *fp, 553 struct llist_node **cur) 554{ 555 return rethook_find_ret_addr(tsk, (unsigned long)fp, cur); 556} 557#else 558static nokprobe_inline bool is_kretprobe_trampoline(unsigned long addr) 559{ 560 return (void *)addr == kretprobe_trampoline_addr(); 561} 562 563unsigned long kretprobe_find_ret_addr(struct task_struct *tsk, void *fp, 564 struct llist_node **cur); 565#endif 566#else 567static nokprobe_inline bool is_kretprobe_trampoline(unsigned long addr) 568{ 569 return false; 570} 571 572static nokprobe_inline 573unsigned long kretprobe_find_ret_addr(struct task_struct *tsk, void *fp, 574 struct llist_node **cur) 575{ 576 return 0; 577} 578#endif 579 580/* Returns true if kprobes handled the fault */ 581static nokprobe_inline bool kprobe_page_fault(struct pt_regs *regs, 582 unsigned int trap) 583{ 584 if (!IS_ENABLED(CONFIG_KPROBES)) 585 return false; 586 if (user_mode(regs)) 587 return false; 588 /* 589 * To be potentially processing a kprobe fault and to be allowed 590 * to call kprobe_running(), we have to be non-preemptible. 591 */ 592 if (preemptible()) 593 return false; 594 if (!kprobe_running()) 595 return false; 596 return kprobe_fault_handler(regs, trap); 597} 598 599#endif /* _LINUX_KPROBES_H */