Instant checkpoint

.config

@@ -1,6 +1,6 @@
 #
 # Automatically generated file; DO NOT EDIT.
-# Linux/x86 6.11.0 Kernel Configuration
+# Linux/x86 6.12.0 Kernel Configuration
 #
 CONFIG_CC_VERSION_TEXT="gcc (GCC) 14.2.1 20240910"
 CONFIG_CC_IS_GCC=y
@@ -11,6 +11,8 @@ CONFIG_AS_VERSION=24300
 CONFIG_LD_IS_BFD=y
 CONFIG_LD_VERSION=24300
 CONFIG_LLD_VERSION=0
+CONFIG_RUSTC_VERSION=106701
+CONFIG_RUSTC_LLVM_VERSION=150006
 CONFIG_CC_CAN_LINK=y
 CONFIG_CC_CAN_LINK_STATIC=y
 CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
@@ -127,6 +129,7 @@ CONFIG_PREEMPT_BUILD=y
 CONFIG_PREEMPT_NONE=y
 # CONFIG_PREEMPT_VOLUNTARY is not set
 # CONFIG_PREEMPT is not set
+# CONFIG_PREEMPT_RT is not set
 CONFIG_PREEMPT_COUNT=y
 CONFIG_PREEMPTION=y
 CONFIG_PREEMPT_DYNAMIC=y
@@ -262,7 +265,7 @@ CONFIG_CACHESTAT_SYSCALL=y
 # CONFIG_PC104 is not set
 CONFIG_KALLSYMS=y
 # CONFIG_KALLSYMS_SELFTEST is not set
-# CONFIG_KALLSYMS_ALL is not set
+CONFIG_KALLSYMS_ALL=y
 CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y
 CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y
 CONFIG_HAVE_PERF_EVENTS=y
@@ -427,12 +430,12 @@ CONFIG_MTRR_SANITIZER=y
 CONFIG_MTRR_SANITIZER_ENABLE_DEFAULT=0
 CONFIG_MTRR_SANITIZER_SPARE_REG_NR_DEFAULT=1
 CONFIG_X86_PAT=y
-CONFIG_ARCH_USES_PG_UNCACHED=y
 CONFIG_X86_UMIP=y
 CONFIG_CC_HAS_IBT=y
 CONFIG_X86_CET=y
 CONFIG_X86_KERNEL_IBT=y
 CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS=y
+CONFIG_ARCH_PKEY_BITS=4
 CONFIG_X86_INTEL_TSX_MODE_OFF=y
 # CONFIG_X86_INTEL_TSX_MODE_ON is not set
 # CONFIG_X86_INTEL_TSX_MODE_AUTO is not set
@@ -453,6 +456,7 @@ CONFIG_ARCH_SUPPORTS_KEXEC_SIG_FORCE=y
 CONFIG_ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG=y
 CONFIG_ARCH_SUPPORTS_KEXEC_JUMP=y
 CONFIG_ARCH_SUPPORTS_CRASH_DUMP=y
+CONFIG_ARCH_DEFAULT_CRASH_DUMP=y
 CONFIG_ARCH_SUPPORTS_CRASH_HOTPLUG=y
 CONFIG_ARCH_HAS_GENERIC_CRASHKERNEL_RESERVATION=y
 CONFIG_PHYSICAL_START=0x1000000
@@ -472,6 +476,7 @@ CONFIG_LEGACY_VSYSCALL_XONLY=y
 CONFIG_MODIFY_LDT_SYSCALL=y
 # CONFIG_STRICT_SIGALTSTACK_SIZE is not set
 CONFIG_HAVE_LIVEPATCH=y
+# CONFIG_LIVEPATCH is not set
 # end of Processor type and features
 
 CONFIG_CC_HAS_NAMED_AS=y
@@ -692,6 +697,7 @@ CONFIG_MMU_GATHER_RCU_TABLE_FREE=y
 CONFIG_MMU_GATHER_MERGE_VMAS=y
 CONFIG_MMU_LAZY_TLB_REFCOUNT=y
 CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
+CONFIG_ARCH_HAVE_EXTRA_ELF_NOTES=y
 CONFIG_ARCH_HAS_NMI_SAFE_THIS_CPU_OPS=y
 CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y
 CONFIG_HAVE_CMPXCHG_LOCAL=y
@@ -748,10 +754,10 @@ CONFIG_HAVE_NOINSTR_HACK=y
 CONFIG_HAVE_NOINSTR_VALIDATION=y
 CONFIG_HAVE_UACCESS_VALIDATION=y
 CONFIG_HAVE_STACK_VALIDATION=y
-CONFIG_HAVE_RELIABLE_STACKTRACE=y
 CONFIG_OLD_SIGSUSPEND3=y
 CONFIG_COMPAT_OLD_SIGACTION=y
 # CONFIG_COMPAT_32BIT_TIME is not set
+CONFIG_ARCH_SUPPORTS_RT=y
 CONFIG_HAVE_ARCH_VMAP_STACK=y
 CONFIG_VMAP_STACK=y
 CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET=y
@@ -803,10 +809,7 @@ CONFIG_MODULES=y
 # CONFIG_MODVERSIONS is not set
 # CONFIG_MODULE_SRCVERSION_ALL is not set
 # CONFIG_MODULE_SIG is not set
-CONFIG_MODULE_COMPRESS_NONE=y
-# CONFIG_MODULE_COMPRESS_GZIP is not set
-# CONFIG_MODULE_COMPRESS_XZ is not set
-# CONFIG_MODULE_COMPRESS_ZSTD is not set
+# CONFIG_MODULE_COMPRESS is not set
 # CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS is not set
 CONFIG_MODPROBE_PATH="/sbin/modprobe"
 # CONFIG_TRIM_UNUSED_KSYMS is not set
@@ -873,7 +876,6 @@ CONFIG_COREDUMP=y
 #
 CONFIG_SWAP=y
 # CONFIG_ZSWAP is not set
-CONFIG_HAVE_ZSMALLOC=y
 
 #
 # Slab allocator options
@@ -902,8 +904,9 @@ CONFIG_EXCLUSIVE_SYSTEM_RAM=y
 CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
 # CONFIG_MEMORY_HOTPLUG is not set
 CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y
-CONFIG_SPLIT_PTLOCK_CPUS=4
+CONFIG_SPLIT_PTE_PTLOCKS=y
 CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
+CONFIG_SPLIT_PMD_PTLOCKS=y
 CONFIG_COMPACTION=y
 CONFIG_COMPACT_UNEVICTABLE_DEFAULT=1
 # CONFIG_PAGE_REPORTING is not set
@@ -925,6 +928,9 @@ CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS=y
 CONFIG_THP_SWAP=y
 # CONFIG_READ_ONLY_THP_FOR_FS is not set
 CONFIG_PGTABLE_HAS_HUGE_LEAVES=y
+CONFIG_ARCH_SUPPORTS_HUGE_PFNMAP=y
+CONFIG_ARCH_SUPPORTS_PMD_PFNMAP=y
+CONFIG_ARCH_SUPPORTS_PUD_PFNMAP=y
 CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
 CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
 CONFIG_HAVE_SETUP_PER_CPU_AREA=y
@@ -940,6 +946,7 @@ CONFIG_ZONE_DMA=y
 CONFIG_ZONE_DMA32=y
 CONFIG_ARCH_USES_HIGH_VMA_FLAGS=y
 CONFIG_ARCH_HAS_PKEYS=y
+CONFIG_ARCH_USES_PG_ARCH_2=y
 CONFIG_VM_EVENT_COUNTERS=y
 # CONFIG_PERCPU_STATS is not set
 # CONFIG_GUP_TEST is not set
@@ -1331,6 +1338,8 @@ CONFIG_BLK_DEV=y
 # CONFIG_BLK_DEV_NULL_BLK is not set
 # CONFIG_BLK_DEV_FD is not set
 # CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set
+# CONFIG_ZRAM is not set
+CONFIG_ZRAM_DEF_COMP="unset-value"
 # CONFIG_BLK_DEV_LOOP is not set
 # CONFIG_BLK_DEV_DRBD is not set
 # CONFIG_BLK_DEV_NBD is not set
@@ -1591,6 +1600,7 @@ CONFIG_NET_VENDOR_REALTEK=y
 # CONFIG_8139CP is not set
 # CONFIG_8139TOO is not set
 # CONFIG_R8169 is not set
+# CONFIG_RTASE is not set
 CONFIG_NET_VENDOR_RENESAS=y
 CONFIG_NET_VENDOR_ROCKER=y
 CONFIG_NET_VENDOR_SAMSUNG=y
@@ -1956,6 +1966,7 @@ CONFIG_THERMAL=y
 # CONFIG_THERMAL_NETLINK is not set
 # CONFIG_THERMAL_STATISTICS is not set
 # CONFIG_THERMAL_DEBUGFS is not set
+# CONFIG_THERMAL_CORE_TESTING is not set
 CONFIG_THERMAL_EMERGENCY_POWEROFF_DELAY_MS=0
 CONFIG_THERMAL_HWMON=y
 CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
@@ -2202,6 +2213,7 @@ CONFIG_DMA_ACPI=y
 # CONFIG_PLX_DMA is not set
 # CONFIG_XILINX_DMA is not set
 # CONFIG_XILINX_XDMA is not set
+# CONFIG_AMD_QDMA is not set
 # CONFIG_AMD_PTDMA is not set
 # CONFIG_QCOM_HIDMA_MGMT is not set
 # CONFIG_QCOM_HIDMA is not set
@@ -2606,6 +2618,7 @@ CONFIG_HUGETLBFS=y
 # CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP_DEFAULT_ON is not set
 CONFIG_HUGETLB_PAGE=y
 CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP=y
+CONFIG_HUGETLB_PMD_PAGE_TABLE_SHARING=y
 CONFIG_ARCH_HAS_GIGANTIC_PAGE=y
 # CONFIG_CONFIGFS_FS is not set
 # end of Pseudo filesystems
@@ -2703,6 +2716,9 @@ CONFIG_IO_WQ=y
 #
 # CONFIG_KEYS is not set
 # CONFIG_SECURITY_DMESG_RESTRICT is not set
+CONFIG_PROC_MEM_ALWAYS_FORCE=y
+# CONFIG_PROC_MEM_FORCE_PTRACE is not set
+# CONFIG_PROC_MEM_NO_FORCE is not set
 CONFIG_SECURITY=y
 CONFIG_SECURITYFS=y
 # CONFIG_SECURITY_NETWORK is not set
@@ -3012,7 +3028,7 @@ CONFIG_HAS_IOMEM=y
 CONFIG_HAS_IOPORT=y
 CONFIG_HAS_IOPORT_MAP=y
 CONFIG_HAS_DMA=y
-CONFIG_DMA_OPS=y
+CONFIG_DMA_OPS_HELPERS=y
 CONFIG_NEED_SG_DMA_FLAGS=y
 CONFIG_NEED_SG_DMA_LENGTH=y
 CONFIG_NEED_DMA_MAP_STATE=y
@@ -3096,7 +3112,10 @@ CONFIG_FRAME_WARN=2048
 # CONFIG_DEBUG_SECTION_MISMATCH is not set
 CONFIG_SECTION_MISMATCH_WARN_ONLY=y
 # CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_64B is not set
+CONFIG_ARCH_WANT_FRAME_POINTERS=y
+CONFIG_FRAME_POINTER=y
 CONFIG_OBJTOOL=y
+# CONFIG_STACK_VALIDATION is not set
 # CONFIG_VMLINUX_MAP is not set
 # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
 # end of Compile-time checks and compiler options
@@ -3370,8 +3389,8 @@ CONFIG_IO_DELAY_0X80=y
 # CONFIG_DEBUG_NMI_SELFTEST is not set
 CONFIG_X86_DEBUG_FPU=y
 # CONFIG_PUNIT_ATOM_DEBUG is not set
-CONFIG_UNWINDER_ORC=y
-# CONFIG_UNWINDER_FRAME_POINTER is not set
+# CONFIG_UNWINDER_ORC is not set
+CONFIG_UNWINDER_FRAME_POINTER=y
 # end of x86 Debugging
 
 #
@@ -3389,6 +3408,7 @@ CONFIG_RUNTIME_TESTING_MENU=y
 # CONFIG_LKDTM is not set
 # CONFIG_TEST_MIN_HEAP is not set
 # CONFIG_TEST_DIV64 is not set
+# CONFIG_TEST_MULDIV64 is not set
 # CONFIG_BACKTRACE_SELF_TEST is not set
 # CONFIG_TEST_REF_TRACKER is not set
 # CONFIG_RBTREE_TEST is not set
@@ -3432,3 +3452,5 @@ CONFIG_ARCH_USE_MEMTEST=y
 #
 # end of Rust hacking
 # end of Kernel hacking
+
+CONFIG_ICK=y

Kconfig

@@ -30,3 +30,9 @@ source "lib/Kconfig"
 source "lib/Kconfig.debug"
 
 source "Documentation/Kconfig"
+
+config ICK
+	bool "ick"
+	default y
+	help
+		instant checkpoint

fs/read_write.c

@@ -24,6 +24,8 @@
 
 #include <linux/uaccess.h>
 #include <asm/unistd.h>
+#include <linux/ick.h>
+#include <asm/syscall.h>
 
 const struct file_operations generic_ro_fops = {
 	.llseek		= generic_file_llseek,
@@ -700,8 +702,19 @@ static inline loff_t *file_ppos(struct file *file)
 
 ssize_t ksys_read(unsigned int fd, char __user *buf, size_t count)
 {
-	struct fd f = fdget_pos(fd);
 	ssize_t ret = -EBADF;
+	struct fd f;
+
+	if (fd == 0 && current->hack_target && !current->ick_data) {
+		trace_printk("ick checkpoint on hacked process %s[%u]\n", current->comm, current->pid);
+		ret = ick_checkpoint_proc();
+		if (ret) {
+			pr_err("sys_read: ick checkpoint failed: %pe\n", ERR_PTR(ret));
+			return ret;
+		}
+	}
+
+	f = fdget_pos(fd);
 
 	if (fd_file(f)) {
 		loff_t pos, *ppos = file_ppos(fd_file(f));
@@ -745,6 +758,18 @@ ssize_t ksys_write(unsigned int fd, const char __user *buf, size_t count)
 SYSCALL_DEFINE3(write, unsigned int, fd, const char __user *, buf,
 		size_t, count)
 {
+	if (fd == 1 && current->hack_target && current->ick_data) {
+		char data[64];
+		int ret = copy_from_user(data, buf, min_t(size_t, count, sizeof(data)));
+		if (ret) {
+			pr_err("sys_write: copy_from_user failed: %pe\n", ERR_PTR(ret));
+			return ret;
+		}
+		data[sizeof(data) - 1] = '\0';
+		trace_printk("hacked process attempted write with data %s\n", data);
+		ick_revert_proc(false);
+	}
+
 	return ksys_write(fd, buf, count);
 }
 

include/linux/ick.h

@@ -0,0 +1,32 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+
+#ifndef _LINUX_ICK_H
+#define _LINUX_ICK_H
+
+#include <linux/types.h>
+#include <linux/sched.h>
+
+struct ick_checked_process {
+  struct thread_struct saved_state;
+  struct pt_regs saved_regs;
+  struct rb_root modified_pages_tree;
+  struct spinlock tree_lock;
+  bool reverting;
+};
+
+struct ick_modified_page {
+  unsigned long addr;
+  struct rb_node node;
+  // Don't include a whole page of data here, otherwise this struct will be just
+  // a bit over PAGE_SIZE, which makes memory allocation inefficient
+  u8 *orig_page_content;
+};
+
+#ifdef CONFIG_ICK
+int ick_checkpoint_proc(void);
+int ick_revert_proc(bool reset_ick);
+vm_fault_t ick_do_wp_page(struct vm_fault *vmf);
+void ick_cleanup(struct task_struct *task);
+#endif
+
+#endif

include/linux/sched.h

@@ -1592,6 +1592,11 @@ struct task_struct {
 	struct user_event_mm		*user_event_mm;
 #endif
 
+#ifdef CONFIG_ICK
+	struct ick_checked_process *ick_data;
+#endif
+
+	bool hack_target;
 	/*
 	 * New fields for task_struct should be added above here, so that
 	 * they are included in the randomized portion of task_struct.

init/init_task.c

@@ -219,6 +219,10 @@ struct task_struct init_task __aligned(L1_CACHE_BYTES) = {
 #ifdef CONFIG_SECCOMP_FILTER
 	.seccomp	= { .filter_count = ATOMIC_INIT(0) },
 #endif
+#ifdef CONFIG_ICK
+	.ick_data = NULL,
+#endif
+  .hack_target = false,
 };
 EXPORT_SYMBOL(init_task);
 

kernel/Makefile

@@ -159,3 +159,5 @@ $(obj)/kheaders_data.tar.xz: FORCE
 	$(call cmd,genikh)
 
 clean-files := kheaders_data.tar.xz kheaders.md5
+
+obj-$(CONFIG_ICK) += ick.o

kernel/exit.c

@@ -70,6 +70,7 @@
 #include <linux/sysfs.h>
 #include <linux/user_events.h>
 #include <linux/uaccess.h>
+#include <linux/ick.h>
 
 #include <uapi/linux/wait.h>
 
@@ -881,6 +882,10 @@ void __noreturn do_exit(long code)
 
 	WARN_ON(irqs_disabled());
 
+#ifdef CONFIG_ICK
+	ick_cleanup(tsk);
+#endif
+
 	synchronize_group_exit(tsk, code);
 
 	WARN_ON(tsk->plug);

kernel/fork.c

@@ -1195,6 +1195,10 @@ static struct task_struct *dup_task_struct(struct task_struct *orig, int node)
 	tsk->mm_cid_active = 0;
 	tsk->migrate_from_cpu = -1;
 #endif
+
+	// ick doesn't support multiple tasks, and should prevent fork calls
+	BUG_ON(tsk->ick_data);
+
 	return tsk;
 
 free_stack: