Re: [RFC PATCH 0/4] kgdb: Honour the kprobe blacklist when setting breakpoints

From: Peter Zijlstra
Date: Fri Jun 05 2020 - 10:30:06 EST


On Fri, Jun 05, 2020 at 02:21:26PM +0100, Daniel Thompson wrote:
> kgdb has traditionally adopted a no safety rails approach to breakpoint
> placement. If the debugger is commanded to place a breakpoint at an
> address then it will do so even if that breakpoint results in kgdb
> becoming inoperable.
>
> A stop-the-world debugger with memory peek/poke does intrinsically
> provide its operator with the means to hose their system in all manner
> of exciting ways (not least because stopping-the-world is already a DoS
> attack ;-) ) but the current no safety rail approach is not easy to
> defend, especially given kprobes provides us with plenty of machinery to
> mark parts of the kernel where breakpointing is discouraged.
>
> This patchset introduces some safety rails by using the existing
> kprobes infrastructure. It does not cover all locations where
> breakpoints can cause trouble but it will definitely block off several
> avenues, including the architecture specific parts that are handled by
> arch_within_kprobe_blacklist().
>
> This patch is an RFC because:
>
> 1. My workstation is still chugging through the compile testing.
>
> 2. Patch 4 needs more runtime testing.
>
> 3. The code to extract the kprobe blacklist code (patch 4 again) needs
> more review especially for its impact on arch specific code.
>
> To be clear I do plan to do the detailed review of the kprobe blacklist
> stuff but would like to check the direction of travel first since the
> change is already surprisingly big and maybe there's a better way to
> organise things.

Thanks for doing these patches, esp 1-3 look very good to me.

I've taken the liberty to bounce the entire set to Masami-San, who is
the kprobes maintainer for comments as well.