Re: [tip:x86/urgent] x86/mm/kmmio: Fix mmiotrace for page unaligned addresses

From: Karol Herbst
Date: Tue Dec 12 2017 - 09:32:50 EST


Hi Peter,

the basic idea is to detect if a driver accesses a memory region
mapped through ioremap. This is super useful for reverse engineering
closed source drivers like the Nvidia GPU driver.

So here is what it does:
1. on ioremap the entire memory region mapped is registered in the
mmiotracer and marked as not present, which basically leads to page
faults on access
2. mmiotrace is the registered page fault handler for those pages and
while handling the page (which basically means marking them as present,
because they were never missing in the first place) it parses the
current instruction to detect if it was a read or write and writes
relevant information into a file. This includes address accessed,
value read/written, type of instruction
3. after single stepping, the page is marked as not present again
4. on unmap time, mmiotrace unregisters those regions and marks them as present

This is more or less the basic idea.

And to answer your question how it is not completely broken: I don't
know. It works for us (more or less, we can't parse repeat
instructions as one example what does not work) and if we come across
issues we try to fix them on the way.

Anyway, this is a super useful tool to record and debug what a driver
is doing with hardware and helps track down a lot of this,
especially for Nouveau.

I hope that helps.

On Tue, Dec 12, 2017 at 3:04 PM, Ingo Molnar <mingo@xxxxxxxxxx> wrote:
>
> * Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
>> On Tue, Dec 12, 2017 at 02:55:30AM -0800, tip-bot for Karol Herbst wrote:
>> > Commit-ID: 6d60ce384d1d5ca32b595244db4077a419acc687
>> > Gitweb: https://git.kernel.org/tip/6d60ce384d1d5ca32b595244db4077a419acc687
>> > Author: Karol Herbst <kherbst@xxxxxxxxxx>
>> > AuthorDate: Mon, 27 Nov 2017 08:51:39 +0100
>> > Committer: Ingo Molnar <mingo@xxxxxxxxxx>
>> > CommitDate: Mon, 11 Dec 2017 15:35:18 +0100
>> >
>> > x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
>>
>> OK, let me hijack this thread since apparently people use and care about
>> mmiotrace.
>>
>> I was recently auditing the x86 tlb flushing and ran across this
>> 'thing'. Can someone please explain to me how this is supposed to work
>> and how it's not completely broken?
>
> (I have Cc:-ed other gents as well.)
>
> Thanks,
>
> Ingo
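The fault-and-single-step mechanism Karol describes in steps 1 to 4 above, as an added user-space C analogue written for this page; it is not the kernel's mmiotrace and not code from this thread. It assumes Linux on x86-64: mprotect(PROT_NONE) stands in for marking the ioremap()ed pages not present, a SIGSEGV handler stands in for the kmmio fault handler, the x86 page-fault error code is read from the signal context to classify the access as a read or a write, and the CPU trap flag (TF) provides the single step after which a SIGTRAP handler marks the region not present again. The fake_driver() function, the 4096-byte region and the register offsets are constructed for the example; real mmiotrace also decodes the faulting instruction to log the value transferred, which this analogue skips.

```c
#define _GNU_SOURCE            /* REG_ERR / REG_EFL from <sys/ucontext.h> */
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <ucontext.h>
#include <unistd.h>

#ifndef REG_EFL                /* glibc x86-64 gregs indexes, as a fallback */
#define REG_EFL 17
#define REG_ERR 19
#endif
#define X86_EFLAGS_TF 0x100UL

/* One logged access: byte offset into the traced region and direction. */
struct trace_entry { size_t off; int is_write; };
#define MAX_ENTRIES 64
static struct trace_entry trace_log[MAX_ENTRIES];
static volatile int trace_count;

/* The traced region; stands in for an ioremap()ed device BAR (constructed). */
static unsigned char *region;
static size_t region_len;

static void arm_region(void)    { mprotect(region, region_len, PROT_NONE); }
static void disarm_region(void) { mprotect(region, region_len, PROT_READ | PROT_WRITE); }

/* Step 2: fault handler. Log the access, make the pages present again and set
 * TF so the CPU traps back to us right after the faulting instruction runs. */
static void on_fault(int sig, siginfo_t *si, void *ctx)
{
    ucontext_t *uc = ctx;
    uintptr_t a = (uintptr_t)si->si_addr, base = (uintptr_t)region;
    if (region == NULL || a < base || a >= base + region_len) {
        signal(sig, SIG_DFL);  /* not our region: let the real crash happen */
        return;
    }
    if (trace_count < MAX_ENTRIES) {
        trace_log[trace_count].off = a - base;
        /* x86 page-fault error code: bit 1 set means the access was a write */
        trace_log[trace_count].is_write = (uc->uc_mcontext.gregs[REG_ERR] & 2) != 0;
        trace_count++;
    }
    disarm_region();
    uc->uc_mcontext.gregs[REG_EFL] |= X86_EFLAGS_TF;
}

/* Step 3: single-step trap. Mark the region not present again, clear TF. */
static void on_step(int sig, siginfo_t *si, void *ctx)
{
    ucontext_t *uc = ctx;
    (void)sig; (void)si;
    arm_region();
    uc->uc_mcontext.gregs[REG_EFL] &= ~X86_EFLAGS_TF;
}

/* Step 1: "ioremap" and register: map the region, install both handlers,
 * then mark it not present so every access faults into on_fault(). */
static int trace_setup(size_t len)
{
    struct sigaction sa;
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    region_len = (len + pg - 1) & ~(pg - 1);
    region = mmap(NULL, region_len, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED) { region = NULL; return -1; }
    memset(region, 0, region_len);            /* populate before arming */
    memset(&sa, 0, sizeof sa);
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    sa.sa_sigaction = on_fault;
    if (sigaction(SIGSEGV, &sa, NULL) < 0) return -1;
    sa.sa_sigaction = on_step;
    if (sigaction(SIGTRAP, &sa, NULL) < 0) return -1;
    trace_count = 0;
    arm_region();
    return 0;
}

/* Step 4: "iounmap": mark present, unregister the handlers, release. */
static void trace_teardown(void)
{
    disarm_region();
    signal(SIGSEGV, SIG_DFL);
    signal(SIGTRAP, SIG_DFL);
    munmap(region, region_len);
    region = NULL;
}

/* Constructed stand-in for a driver touching two 32-bit "registers". */
static uint32_t fake_driver(void)
{
    volatile uint32_t *regs = (volatile uint32_t *)region;
    regs[0] = 0x1234u;                        /* write at offset 0  */
    regs[4] = 0xabcdu;                        /* write at offset 16 */
    return regs[0] + regs[4];                 /* two reads */
}

/* Trace fake_driver(); returns the number of accesses logged, <0 on error. */
int run_trace(void)
{
    if (trace_setup(4096) < 0) return -1;
    uint32_t v = fake_driver();
    trace_teardown();
    return v == 0x1234u + 0xabcdu ? trace_count : -2;
}
int trace_entry_is_write(int i) { return trace_log[i].is_write; }
size_t trace_entry_off(int i)   { return trace_log[i].off; }

int main(void)
{
    int n = run_trace();
    for (int i = 0; i < n; i++)             /* same shape as an mmiotrace log line: R/W + address */
        printf("%s offset 0x%zx\n", trace_log[i].is_write ? "W" : "R", trace_log[i].off);
    return n == 4 ? 0 : 1;
}
```

Running it logs four accesses for fake_driver(): the two writes at offsets 0 and 16, then the two reads. The bounds check in on_fault() matters: a fault outside the traced region is handed back to the default action so an unrelated bug still crashes instead of being silently "handled", which is the same reason the kernel's handler only claims faults on pages it registered.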