perf/x86/hw_breakpoints: Improve range breakpoint validation

Range breakpoints will do the wrong thing if the address isn't
aligned.  While we're there, add comments about why it's safe for
instruction breakpoints.

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/ae25d14d61f2f43b78e0a247e469f3072df7e201.1438312874.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>

diff --git a/arch/x86/kernel/hw_breakpoint.c b/arch/x86/kernel/hw_breakpoint.c
index 78f3e90c565927591790cadd98f5bacaa14c90a9..6f345d302cf6a22e55aeed2b0570a9ec84d6c184 100644 (file)
--- a/arch/x86/kernel/hw_breakpoint.c
+++ b/arch/x86/kernel/hw_breakpoint.c
@@ -291,8 +291,18 @@ static int arch_build_bp_info(struct perf_event *bp)
                break;
 #endif
        default:
+               /* AMD range breakpoint */
                if (!is_power_of_2(bp->attr.bp_len))
                        return -EINVAL;
+               if (bp->attr.bp_addr & (bp->attr.bp_len - 1))
+                       return -EINVAL;
+               /*
+                * It's impossible to use a range breakpoint to fake out
+                * user vs kernel detection because bp_len - 1 can't
+                * have the high bit set.  If we ever allow range instruction
+                * breakpoints, then we'll have to check for kprobe-blacklisted
+                * addresses anywhere in the range.
+                */
                if (!cpu_has_bpext)
                        return -EOPNOTSUPP;
                info->mask = bp->attr.bp_len - 1;