Re: [RFC][PATCH 1/2] x86: Allow breakpoints to emulate call functions

From: Peter Zijlstra
Date: Tue May 07 2019 - 08:43:05 EST


On Tue, May 07, 2019 at 08:27:16AM -0400, Steven Rostedt wrote:
> On Tue, 7 May 2019 11:27:31 +0200
> Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
> > FWIW, both these trampolines assume a kprobe will not
> > int3_emulate_{push/call}(), for both bitnesses.
> >
> > But then; I'm thinking kprobes should be inspection only and not modify
> > things. So that might just be good enough.
>
> I believe there are kprobe calls that do modify things. Note, they can
> modify regs->ip.

The kprobe pre_handler as used by kretprobes does, and that is indeed
handled by the trampolines.

> Kprobes sets the FTRACE_OPS_FL_IPMODIFY flag, thus
> they can never be put at the same location that is being live patched.

OK, so do we want to allow kprobes that also modify regs->sp? Because
then we need to change these trampolines a bit.

I'd prefer not to allow kprobes this.