1 #include <linux/module.h> 2 #include <linux/sched.h> 3 #include <linux/mutex.h> 4 #include <linux/list.h> 5 #include <linux/stringify.h> 6 #include <linux/kprobes.h> 7 #include <linux/mm.h> 8 #include <linux/vmalloc.h> 9 #include <linux/memory.h> 10 #include <linux/stop_machine.h> 11 #include <linux/slab.h> 12 #include <asm/alternative.h> 13 #include <asm/sections.h> 14 #include <asm/pgtable.h> 15 #include <asm/mce.h> 16 #include <asm/nmi.h> 17 #include <asm/vsyscall.h> 18 #include <asm/cacheflush.h> 19 #include <asm/tlbflush.h> 20 #include <asm/io.h> 21 #include <asm/fixmap.h> 22 23 #define MAX_PATCH_LEN (255-1) 24 25 #ifdef CONFIG_HOTPLUG_CPU 26 static int smp_alt_once; 27 28 static int __init bootonly(char *str) 29 { 30 smp_alt_once = 1; 31 return 1; 32 } 33 __setup("smp-alt-boot", bootonly); 34 #else 35 #define smp_alt_once 1 36 #endif 37 38 static int __initdata_or_module debug_alternative; 39 40 static int __init debug_alt(char *str) 41 { 42 debug_alternative = 1; 43 return 1; 44 } 45 __setup("debug-alternative", debug_alt); 46 47 static int noreplace_smp; 48 49 static int __init setup_noreplace_smp(char *str) 50 { 51 noreplace_smp = 1; 52 return 1; 53 } 54 __setup("noreplace-smp", setup_noreplace_smp); 55 56 #ifdef CONFIG_PARAVIRT 57 static int __initdata_or_module noreplace_paravirt = 0; 58 59 static int __init setup_noreplace_paravirt(char *str) 60 { 61 noreplace_paravirt = 1; 62 return 1; 63 } 64 __setup("noreplace-paravirt", setup_noreplace_paravirt); 65 #endif 66 67 #define DPRINTK(fmt, args...) if (debug_alternative) \ 68 printk(KERN_DEBUG fmt, args) 69 70 /* 71 * Each GENERIC_NOPX is of X bytes, and defined as an array of bytes 72 * that correspond to that nop. Getting from one nop to the next, we 73 * add to the array the offset that is equal to the sum of all sizes of 74 * nops preceding the one we are after. 75 * 76 * Note: The GENERIC_NOP5_ATOMIC is at the end, as it breaks the 77 * nice symmetry of sizes of the previous nops. 78 */ 79 #if defined(GENERIC_NOP1) && !defined(CONFIG_X86_64) 80 static const unsigned char intelnops[] = 81 { 82 GENERIC_NOP1, 83 GENERIC_NOP2, 84 GENERIC_NOP3, 85 GENERIC_NOP4, 86 GENERIC_NOP5, 87 GENERIC_NOP6, 88 GENERIC_NOP7, 89 GENERIC_NOP8, 90 GENERIC_NOP5_ATOMIC 91 }; 92 static const unsigned char * const intel_nops[ASM_NOP_MAX+2] = 93 { 94 NULL, 95 intelnops, 96 intelnops + 1, 97 intelnops + 1 + 2, 98 intelnops + 1 + 2 + 3, 99 intelnops + 1 + 2 + 3 + 4, 100 intelnops + 1 + 2 + 3 + 4 + 5, 101 intelnops + 1 + 2 + 3 + 4 + 5 + 6, 102 intelnops + 1 + 2 + 3 + 4 + 5 + 6 + 7, 103 intelnops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8, 104 }; 105 #endif 106 107 #ifdef K8_NOP1 108 static const unsigned char k8nops[] = 109 { 110 K8_NOP1, 111 K8_NOP2, 112 K8_NOP3, 113 K8_NOP4, 114 K8_NOP5, 115 K8_NOP6, 116 K8_NOP7, 117 K8_NOP8, 118 K8_NOP5_ATOMIC 119 }; 120 static const unsigned char * const k8_nops[ASM_NOP_MAX+2] = 121 { 122 NULL, 123 k8nops, 124 k8nops + 1, 125 k8nops + 1 + 2, 126 k8nops + 1 + 2 + 3, 127 k8nops + 1 + 2 + 3 + 4, 128 k8nops + 1 + 2 + 3 + 4 + 5, 129 k8nops + 1 + 2 + 3 + 4 + 5 + 6, 130 k8nops + 1 + 2 + 3 + 4 + 5 + 6 + 7, 131 k8nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8, 132 }; 133 #endif 134 135 #if defined(K7_NOP1) && !defined(CONFIG_X86_64) 136 static const unsigned char k7nops[] = 137 { 138 K7_NOP1, 139 K7_NOP2, 140 K7_NOP3, 141 K7_NOP4, 142 K7_NOP5, 143 K7_NOP6, 144 K7_NOP7, 145 K7_NOP8, 146 K7_NOP5_ATOMIC 147 }; 148 static const unsigned char * const k7_nops[ASM_NOP_MAX+2] = 149 { 150 NULL, 151 k7nops, 152 k7nops + 1, 153 k7nops + 1 + 2, 154 k7nops + 1 + 2 + 3, 155 k7nops + 1 + 2 + 3 + 4, 156 k7nops + 1 + 2 + 3 + 4 + 5, 157 k7nops + 1 + 2 + 3 + 4 + 5 + 6, 158 k7nops + 1 + 2 + 3 + 4 + 5 + 6 + 7, 159 k7nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8, 160 }; 161 #endif 162 163 #ifdef P6_NOP1 164 static const unsigned char __initconst_or_module p6nops[] = 165 { 166 P6_NOP1, 167 P6_NOP2, 168 P6_NOP3, 169 P6_NOP4, 170 P6_NOP5, 171 P6_NOP6, 172 P6_NOP7, 173 P6_NOP8, 174 P6_NOP5_ATOMIC 175 }; 176 static const unsigned char * const p6_nops[ASM_NOP_MAX+2] = 177 { 178 NULL, 179 p6nops, 180 p6nops + 1, 181 p6nops + 1 + 2, 182 p6nops + 1 + 2 + 3, 183 p6nops + 1 + 2 + 3 + 4, 184 p6nops + 1 + 2 + 3 + 4 + 5, 185 p6nops + 1 + 2 + 3 + 4 + 5 + 6, 186 p6nops + 1 + 2 + 3 + 4 + 5 + 6 + 7, 187 p6nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8, 188 }; 189 #endif 190 191 /* Initialize these to a safe default */ 192 #ifdef CONFIG_X86_64 193 const unsigned char * const *ideal_nops = p6_nops; 194 #else 195 const unsigned char * const *ideal_nops = intel_nops; 196 #endif 197 198 void __init arch_init_ideal_nops(void) 199 { 200 switch (boot_cpu_data.x86_vendor) { 201 case X86_VENDOR_INTEL: 202 /* 203 * Due to a decoder implementation quirk, some 204 * specific Intel CPUs actually perform better with 205 * the "k8_nops" than with the SDM-recommended NOPs. 206 */ 207 if (boot_cpu_data.x86 == 6 && 208 boot_cpu_data.x86_model >= 0x0f && 209 boot_cpu_data.x86_model != 0x1c && 210 boot_cpu_data.x86_model != 0x26 && 211 boot_cpu_data.x86_model != 0x27 && 212 boot_cpu_data.x86_model < 0x30) { 213 ideal_nops = k8_nops; 214 } else if (boot_cpu_has(X86_FEATURE_NOPL)) { 215 ideal_nops = p6_nops; 216 } else { 217 #ifdef CONFIG_X86_64 218 ideal_nops = k8_nops; 219 #else 220 ideal_nops = intel_nops; 221 #endif 222 } 223 224 default: 225 #ifdef CONFIG_X86_64 226 ideal_nops = k8_nops; 227 #else 228 if (boot_cpu_has(X86_FEATURE_K8)) 229 ideal_nops = k8_nops; 230 else if (boot_cpu_has(X86_FEATURE_K7)) 231 ideal_nops = k7_nops; 232 else 233 ideal_nops = intel_nops; 234 #endif 235 } 236 } 237 238 /* Use this to add nops to a buffer, then text_poke the whole buffer. */ 239 static void __init_or_module add_nops(void *insns, unsigned int len) 240 { 241 while (len > 0) { 242 unsigned int noplen = len; 243 if (noplen > ASM_NOP_MAX) 244 noplen = ASM_NOP_MAX; 245 memcpy(insns, ideal_nops[noplen], noplen); 246 insns += noplen; 247 len -= noplen; 248 } 249 } 250 251 extern struct alt_instr __alt_instructions[], __alt_instructions_end[]; 252 extern s32 __smp_locks[], __smp_locks_end[]; 253 extern char __vsyscall_0; 254 void *text_poke_early(void *addr, const void *opcode, size_t len); 255 256 /* Replace instructions with better alternatives for this CPU type. 257 This runs before SMP is initialized to avoid SMP problems with 258 self modifying code. This implies that asymmetric systems where 259 APs have less capabilities than the boot processor are not handled. 260 Tough. Make sure you disable such features by hand. */ 261 262 void __init_or_module apply_alternatives(struct alt_instr *start, 263 struct alt_instr *end) 264 { 265 struct alt_instr *a; 266 u8 insnbuf[MAX_PATCH_LEN]; 267 268 DPRINTK("%s: alt table %p -> %p\n", __func__, start, end); 269 /* 270 * The scan order should be from start to end. A later scanned 271 * alternative code can overwrite a previous scanned alternative code. 272 * Some kernel functions (e.g. memcpy, memset, etc) use this order to 273 * patch code. 274 * 275 * So be careful if you want to change the scan order to any other 276 * order. 277 */ 278 for (a = start; a < end; a++) { 279 u8 *instr = a->instr; 280 BUG_ON(a->replacementlen > a->instrlen); 281 BUG_ON(a->instrlen > sizeof(insnbuf)); 282 BUG_ON(a->cpuid >= NCAPINTS*32); 283 if (!boot_cpu_has(a->cpuid)) 284 continue; 285 #ifdef CONFIG_X86_64 286 /* vsyscall code is not mapped yet. resolve it manually. */ 287 if (instr >= (u8 *)VSYSCALL_START && instr < (u8*)VSYSCALL_END) { 288 instr = __va(instr - (u8*)VSYSCALL_START + (u8*)__pa_symbol(&__vsyscall_0)); 289 DPRINTK("%s: vsyscall fixup: %p => %p\n", 290 __func__, a->instr, instr); 291 } 292 #endif 293 memcpy(insnbuf, a->replacement, a->replacementlen); 294 if (*insnbuf == 0xe8 && a->replacementlen == 5) 295 *(s32 *)(insnbuf + 1) += a->replacement - a->instr; 296 add_nops(insnbuf + a->replacementlen, 297 a->instrlen - a->replacementlen); 298 text_poke_early(instr, insnbuf, a->instrlen); 299 } 300 } 301 302 #ifdef CONFIG_SMP 303 304 static void alternatives_smp_lock(const s32 *start, const s32 *end, 305 u8 *text, u8 *text_end) 306 { 307 const s32 *poff; 308 309 mutex_lock(&text_mutex); 310 for (poff = start; poff < end; poff++) { 311 u8 *ptr = (u8 *)poff + *poff; 312 313 if (!*poff || ptr < text || ptr >= text_end) 314 continue; 315 /* turn DS segment override prefix into lock prefix */ 316 if (*ptr == 0x3e) 317 text_poke(ptr, ((unsigned char []){0xf0}), 1); 318 }; 319 mutex_unlock(&text_mutex); 320 } 321 322 static void alternatives_smp_unlock(const s32 *start, const s32 *end, 323 u8 *text, u8 *text_end) 324 { 325 const s32 *poff; 326 327 if (noreplace_smp) 328 return; 329 330 mutex_lock(&text_mutex); 331 for (poff = start; poff < end; poff++) { 332 u8 *ptr = (u8 *)poff + *poff; 333 334 if (!*poff || ptr < text || ptr >= text_end) 335 continue; 336 /* turn lock prefix into DS segment override prefix */ 337 if (*ptr == 0xf0) 338 text_poke(ptr, ((unsigned char []){0x3E}), 1); 339 }; 340 mutex_unlock(&text_mutex); 341 } 342 343 struct smp_alt_module { 344 /* what is this ??? */ 345 struct module *mod; 346 char *name; 347 348 /* ptrs to lock prefixes */ 349 const s32 *locks; 350 const s32 *locks_end; 351 352 /* .text segment, needed to avoid patching init code ;) */ 353 u8 *text; 354 u8 *text_end; 355 356 struct list_head next; 357 }; 358 static LIST_HEAD(smp_alt_modules); 359 static DEFINE_MUTEX(smp_alt); 360 static int smp_mode = 1; /* protected by smp_alt */ 361 362 void __init_or_module alternatives_smp_module_add(struct module *mod, 363 char *name, 364 void *locks, void *locks_end, 365 void *text, void *text_end) 366 { 367 struct smp_alt_module *smp; 368 369 if (noreplace_smp) 370 return; 371 372 if (smp_alt_once) { 373 if (boot_cpu_has(X86_FEATURE_UP)) 374 alternatives_smp_unlock(locks, locks_end, 375 text, text_end); 376 return; 377 } 378 379 smp = kzalloc(sizeof(*smp), GFP_KERNEL); 380 if (NULL == smp) 381 return; /* we'll run the (safe but slow) SMP code then ... */ 382 383 smp->mod = mod; 384 smp->name = name; 385 smp->locks = locks; 386 smp->locks_end = locks_end; 387 smp->text = text; 388 smp->text_end = text_end; 389 DPRINTK("%s: locks %p -> %p, text %p -> %p, name %s\n", 390 __func__, smp->locks, smp->locks_end, 391 smp->text, smp->text_end, smp->name); 392 393 mutex_lock(&smp_alt); 394 list_add_tail(&smp->next, &smp_alt_modules); 395 if (boot_cpu_has(X86_FEATURE_UP)) 396 alternatives_smp_unlock(smp->locks, smp->locks_end, 397 smp->text, smp->text_end); 398 mutex_unlock(&smp_alt); 399 } 400 401 void __init_or_module alternatives_smp_module_del(struct module *mod) 402 { 403 struct smp_alt_module *item; 404 405 if (smp_alt_once || noreplace_smp) 406 return; 407 408 mutex_lock(&smp_alt); 409 list_for_each_entry(item, &smp_alt_modules, next) { 410 if (mod != item->mod) 411 continue; 412 list_del(&item->next); 413 mutex_unlock(&smp_alt); 414 DPRINTK("%s: %s\n", __func__, item->name); 415 kfree(item); 416 return; 417 } 418 mutex_unlock(&smp_alt); 419 } 420 421 bool skip_smp_alternatives; 422 void alternatives_smp_switch(int smp) 423 { 424 struct smp_alt_module *mod; 425 426 #ifdef CONFIG_LOCKDEP 427 /* 428 * Older binutils section handling bug prevented 429 * alternatives-replacement from working reliably. 430 * 431 * If this still occurs then you should see a hang 432 * or crash shortly after this line: 433 */ 434 printk("lockdep: fixing up alternatives.\n"); 435 #endif 436 437 if (noreplace_smp || smp_alt_once || skip_smp_alternatives) 438 return; 439 BUG_ON(!smp && (num_online_cpus() > 1)); 440 441 mutex_lock(&smp_alt); 442 443 /* 444 * Avoid unnecessary switches because it forces JIT based VMs to 445 * throw away all cached translations, which can be quite costly. 446 */ 447 if (smp == smp_mode) { 448 /* nothing */ 449 } else if (smp) { 450 printk(KERN_INFO "SMP alternatives: switching to SMP code\n"); 451 clear_cpu_cap(&boot_cpu_data, X86_FEATURE_UP); 452 clear_cpu_cap(&cpu_data(0), X86_FEATURE_UP); 453 list_for_each_entry(mod, &smp_alt_modules, next) 454 alternatives_smp_lock(mod->locks, mod->locks_end, 455 mod->text, mod->text_end); 456 } else { 457 printk(KERN_INFO "SMP alternatives: switching to UP code\n"); 458 set_cpu_cap(&boot_cpu_data, X86_FEATURE_UP); 459 set_cpu_cap(&cpu_data(0), X86_FEATURE_UP); 460 list_for_each_entry(mod, &smp_alt_modules, next) 461 alternatives_smp_unlock(mod->locks, mod->locks_end, 462 mod->text, mod->text_end); 463 } 464 smp_mode = smp; 465 mutex_unlock(&smp_alt); 466 } 467 468 /* Return 1 if the address range is reserved for smp-alternatives */ 469 int alternatives_text_reserved(void *start, void *end) 470 { 471 struct smp_alt_module *mod; 472 const s32 *poff; 473 u8 *text_start = start; 474 u8 *text_end = end; 475 476 list_for_each_entry(mod, &smp_alt_modules, next) { 477 if (mod->text > text_end || mod->text_end < text_start) 478 continue; 479 for (poff = mod->locks; poff < mod->locks_end; poff++) { 480 const u8 *ptr = (const u8 *)poff + *poff; 481 482 if (text_start <= ptr && text_end > ptr) 483 return 1; 484 } 485 } 486 487 return 0; 488 } 489 #endif 490 491 #ifdef CONFIG_PARAVIRT 492 void __init_or_module apply_paravirt(struct paravirt_patch_site *start, 493 struct paravirt_patch_site *end) 494 { 495 struct paravirt_patch_site *p; 496 char insnbuf[MAX_PATCH_LEN]; 497 498 if (noreplace_paravirt) 499 return; 500 501 for (p = start; p < end; p++) { 502 unsigned int used; 503 504 BUG_ON(p->len > MAX_PATCH_LEN); 505 /* prep the buffer with the original instructions */ 506 memcpy(insnbuf, p->instr, p->len); 507 used = pv_init_ops.patch(p->instrtype, p->clobbers, insnbuf, 508 (unsigned long)p->instr, p->len); 509 510 BUG_ON(used > p->len); 511 512 /* Pad the rest with nops */ 513 add_nops(insnbuf + used, p->len - used); 514 text_poke_early(p->instr, insnbuf, p->len); 515 } 516 } 517 extern struct paravirt_patch_site __start_parainstructions[], 518 __stop_parainstructions[]; 519 #endif /* CONFIG_PARAVIRT */ 520 521 void __init alternative_instructions(void) 522 { 523 /* The patching is not fully atomic, so try to avoid local interruptions 524 that might execute the to be patched code. 525 Other CPUs are not running. */ 526 stop_nmi(); 527 528 /* 529 * Don't stop machine check exceptions while patching. 530 * MCEs only happen when something got corrupted and in this 531 * case we must do something about the corruption. 532 * Ignoring it is worse than a unlikely patching race. 533 * Also machine checks tend to be broadcast and if one CPU 534 * goes into machine check the others follow quickly, so we don't 535 * expect a machine check to cause undue problems during to code 536 * patching. 537 */ 538 539 apply_alternatives(__alt_instructions, __alt_instructions_end); 540 541 /* switch to patch-once-at-boottime-only mode and free the 542 * tables in case we know the number of CPUs will never ever 543 * change */ 544 #ifdef CONFIG_HOTPLUG_CPU 545 if (num_possible_cpus() < 2) 546 smp_alt_once = 1; 547 #endif 548 549 #ifdef CONFIG_SMP 550 if (smp_alt_once) { 551 if (1 == num_possible_cpus()) { 552 printk(KERN_INFO "SMP alternatives: switching to UP code\n"); 553 set_cpu_cap(&boot_cpu_data, X86_FEATURE_UP); 554 set_cpu_cap(&cpu_data(0), X86_FEATURE_UP); 555 556 alternatives_smp_unlock(__smp_locks, __smp_locks_end, 557 _text, _etext); 558 } 559 } else { 560 alternatives_smp_module_add(NULL, "core kernel", 561 __smp_locks, __smp_locks_end, 562 _text, _etext); 563 564 /* Only switch to UP mode if we don't immediately boot others */ 565 if (num_present_cpus() == 1 || setup_max_cpus <= 1) 566 alternatives_smp_switch(0); 567 } 568 #endif 569 apply_paravirt(__parainstructions, __parainstructions_end); 570 571 if (smp_alt_once) 572 free_init_pages("SMP alternatives", 573 (unsigned long)__smp_locks, 574 (unsigned long)__smp_locks_end); 575 576 restart_nmi(); 577 } 578 579 /** 580 * text_poke_early - Update instructions on a live kernel at boot time 581 * @addr: address to modify 582 * @opcode: source of the copy 583 * @len: length to copy 584 * 585 * When you use this code to patch more than one byte of an instruction 586 * you need to make sure that other CPUs cannot execute this code in parallel. 587 * Also no thread must be currently preempted in the middle of these 588 * instructions. And on the local CPU you need to be protected again NMI or MCE 589 * handlers seeing an inconsistent instruction while you patch. 590 */ 591 void *__init_or_module text_poke_early(void *addr, const void *opcode, 592 size_t len) 593 { 594 unsigned long flags; 595 local_irq_save(flags); 596 memcpy(addr, opcode, len); 597 sync_core(); 598 local_irq_restore(flags); 599 /* Could also do a CLFLUSH here to speed up CPU recovery; but 600 that causes hangs on some VIA CPUs. */ 601 return addr; 602 } 603 604 /** 605 * text_poke - Update instructions on a live kernel 606 * @addr: address to modify 607 * @opcode: source of the copy 608 * @len: length to copy 609 * 610 * Only atomic text poke/set should be allowed when not doing early patching. 611 * It means the size must be writable atomically and the address must be aligned 612 * in a way that permits an atomic write. It also makes sure we fit on a single 613 * page. 614 * 615 * Note: Must be called under text_mutex. 616 */ 617 void *__kprobes text_poke(void *addr, const void *opcode, size_t len) 618 { 619 unsigned long flags; 620 char *vaddr; 621 struct page *pages[2]; 622 int i; 623 624 if (!core_kernel_text((unsigned long)addr)) { 625 pages[0] = vmalloc_to_page(addr); 626 pages[1] = vmalloc_to_page(addr + PAGE_SIZE); 627 } else { 628 pages[0] = virt_to_page(addr); 629 WARN_ON(!PageReserved(pages[0])); 630 pages[1] = virt_to_page(addr + PAGE_SIZE); 631 } 632 BUG_ON(!pages[0]); 633 local_irq_save(flags); 634 set_fixmap(FIX_TEXT_POKE0, page_to_phys(pages[0])); 635 if (pages[1]) 636 set_fixmap(FIX_TEXT_POKE1, page_to_phys(pages[1])); 637 vaddr = (char *)fix_to_virt(FIX_TEXT_POKE0); 638 memcpy(&vaddr[(unsigned long)addr & ~PAGE_MASK], opcode, len); 639 clear_fixmap(FIX_TEXT_POKE0); 640 if (pages[1]) 641 clear_fixmap(FIX_TEXT_POKE1); 642 local_flush_tlb(); 643 sync_core(); 644 /* Could also do a CLFLUSH here to speed up CPU recovery; but 645 that causes hangs on some VIA CPUs. */ 646 for (i = 0; i < len; i++) 647 BUG_ON(((char *)addr)[i] != ((char *)opcode)[i]); 648 local_irq_restore(flags); 649 return addr; 650 } 651 652 /* 653 * Cross-modifying kernel text with stop_machine(). 654 * This code originally comes from immediate value. 655 */ 656 static atomic_t stop_machine_first; 657 static int wrote_text; 658 659 struct text_poke_params { 660 struct text_poke_param *params; 661 int nparams; 662 }; 663 664 static int __kprobes stop_machine_text_poke(void *data) 665 { 666 struct text_poke_params *tpp = data; 667 struct text_poke_param *p; 668 int i; 669 670 if (atomic_dec_and_test(&stop_machine_first)) { 671 for (i = 0; i < tpp->nparams; i++) { 672 p = &tpp->params[i]; 673 text_poke(p->addr, p->opcode, p->len); 674 } 675 smp_wmb(); /* Make sure other cpus see that this has run */ 676 wrote_text = 1; 677 } else { 678 while (!wrote_text) 679 cpu_relax(); 680 smp_mb(); /* Load wrote_text before following execution */ 681 } 682 683 for (i = 0; i < tpp->nparams; i++) { 684 p = &tpp->params[i]; 685 flush_icache_range((unsigned long)p->addr, 686 (unsigned long)p->addr + p->len); 687 } 688 /* 689 * Intel Archiecture Software Developer's Manual section 7.1.3 specifies 690 * that a core serializing instruction such as "cpuid" should be 691 * executed on _each_ core before the new instruction is made visible. 692 */ 693 sync_core(); 694 return 0; 695 } 696 697 /** 698 * text_poke_smp - Update instructions on a live kernel on SMP 699 * @addr: address to modify 700 * @opcode: source of the copy 701 * @len: length to copy 702 * 703 * Modify multi-byte instruction by using stop_machine() on SMP. This allows 704 * user to poke/set multi-byte text on SMP. Only non-NMI/MCE code modifying 705 * should be allowed, since stop_machine() does _not_ protect code against 706 * NMI and MCE. 707 * 708 * Note: Must be called under get_online_cpus() and text_mutex. 709 */ 710 void *__kprobes text_poke_smp(void *addr, const void *opcode, size_t len) 711 { 712 struct text_poke_params tpp; 713 struct text_poke_param p; 714 715 p.addr = addr; 716 p.opcode = opcode; 717 p.len = len; 718 tpp.params = &p; 719 tpp.nparams = 1; 720 atomic_set(&stop_machine_first, 1); 721 wrote_text = 0; 722 /* Use __stop_machine() because the caller already got online_cpus. */ 723 __stop_machine(stop_machine_text_poke, (void *)&tpp, cpu_online_mask); 724 return addr; 725 } 726 727 /** 728 * text_poke_smp_batch - Update instructions on a live kernel on SMP 729 * @params: an array of text_poke parameters 730 * @n: the number of elements in params. 731 * 732 * Modify multi-byte instruction by using stop_machine() on SMP. Since the 733 * stop_machine() is heavy task, it is better to aggregate text_poke requests 734 * and do it once if possible. 735 * 736 * Note: Must be called under get_online_cpus() and text_mutex. 737 */ 738 void __kprobes text_poke_smp_batch(struct text_poke_param *params, int n) 739 { 740 struct text_poke_params tpp = {.params = params, .nparams = n}; 741 742 atomic_set(&stop_machine_first, 1); 743 wrote_text = 0; 744 __stop_machine(stop_machine_text_poke, (void *)&tpp, NULL); 745 } 746