Re: [PATCH 1/2] kprobes/x86: Use 5-byte NOP when the code might be modified by ftrace

From: Petr Mladek
Date: Fri Feb 20 2015 - 08:33:45 EST


On Fri 2015-02-20 13:52:23, Ingo Molnar wrote:
>
> * Masami Hiramatsu <masami.hiramatsu.pt@xxxxxxxxxxx> wrote:
>
> > (2015/02/20 19:26), Ingo Molnar wrote:
> > >
> > > * Petr Mladek <pmladek@xxxxxxx> wrote:
> > >
> > >> can_probe() checks if the given address points to the
> > >> beginning of an instruction. It analyzes all the
> > >> instructions from the beginning of the function until the
> > >> given address. The code might be modified by another
> > >> Kprobe. In this case, the current code is read into a
> > >> buffer, int3 breakpoint is replaced by the saved opcode
> > >> in the buffer, and can_probe() analyzes the buffer
> > >> instead.
> > >>
> > >> [...]
> > >
> > > Had to drop this patch due to build failures on 32-bit x86:
> > >
> > > arch/x86/kernel/kprobes/core.c:258:40: error: ‘MCOUNT_INSN_SIZE’ undeclared (first use in this function)
> >
> > Oops, MCOUNT_INSN_SIZE actually depends on
> > CONFIG_FUNCTION_TRACER... I think we can use 5 instead of
> > that since we are copying.

I'll use 5 for now.

> Or just make the define more widely available? It's not
> like the size changes from disabling the function tracer.

I would do this in a separate patch that would consolidate all
NOP_ATOMIC5 users: ftrace, jump_labels, and kprobe. The number
5 is hardcoded more times in arch/x86/kernel/kprobes/core.c.
I'll put it into my TODO list.

Best Regards,
Petr