Re: [PATCH v4 2/2] arm64: kprobe: Enable OPTPROBE for arm64

From: liuqi (BA)
Date: Tue Nov 30 2021 - 01:48:15 EST

Next message: Hannes Reinecke: "Re: [PATCH v2 3/3] blk-crypto: show crypto capabilities in sysfs"
Previous message: Feng Tang: "Re: [PATCH v3 2/2] x86/tsc: skip tsc watchdog checking for qualified platforms"
In reply to: Masami Hiramatsu: "Re: [PATCH v4 2/2] arm64: kprobe: Enable OPTPROBE for arm64"
Next in thread: Masami Hiramatsu: "Re: [PATCH v4 2/2] arm64: kprobe: Enable OPTPROBE for arm64"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2021/11/29 22:35, Masami Hiramatsu wrote:

Hi all,

I meet a problem when I use SYM_CODE_START(optprobe_template) to replace
optprobe_template_entry.

If SYM_CODE_START is used, all optprobe will share one trampoline space.
Under this circumstances, if user register two optprobes, trampoline
will be overwritten by the newer one, and this will cause kernel panic
when the old optprobe is trigger.

Hm, this is curious, because the template should be copied to the
trampoline buffer for each optprobe and be modified.

Using optprobe_template_entry will not have this problem, as each
optprobe has its own trampoline space (alloced in get_opinsn_slot()).

Yes, it is designed to do so.

Thank you,

Hi Masami,

Thanks for your reply. But I also met a problem when using
get_opinsn_slot() to alloc trampoline buffer.

As module_alloc(like x86) is used to alloc buffer, trampoline is in
module space, so if origin insn is in kernel space, the range between
origin insn and trampoline is out of 128M.

As module PLT cannot used here, I have no idea to achieve long jump in
this situation. Do you have any good idea?

Hi Masami,

Thanks so much for your reply.

One possible solution is to use pre-allocated trampoline space in
the text area, as same as ppc64 does.
(See arch/powerpc/kernel/optprobes_head.S, it embeds a space at "optinsn_slot")

I find something interesting in arch/powerpc/kernel/optprobes.c, it use
"optinsn_slot" as a public buffer, and use a static "insn_page_in_use"
to make sure there is only one optprobe in kernel.

If we use this solution , users could only register one optprobe each
time. This will also be a limitation for users, what's your opinion
about this?

No, that is just a memory area for pooling trampoline buffer. So optprobe
can allocate the buffer from that area. Please see kernel/kprobes.c:344.
optprobe allocates "insn_slot" from kprobe_optinsn_slots, which uses
alloc_optinsn_page() to allocate the pool of slots.

Thank you,

Hi,

Thanks for your reply, I test alloc_optinsn_page() and it does work well to alloc the pool of slots.

But when I tried to use module PLT, something seems wrong here.
Arm64 Module PLT in mod->arch.ftrace_trampolines is set in module_finalize, after that, mod->arch.ftrace_trampolines seems to be a read-only memory. But in arch_optimize_kprobes() we need to modify the destination of PLT (as each optprobe has its own trampoline buffer), if so, we cannot get rid of the 128M branch limit :(

Thanks,
Qi

Next message: Hannes Reinecke: "Re: [PATCH v2 3/3] blk-crypto: show crypto capabilities in sysfs"
Previous message: Feng Tang: "Re: [PATCH v3 2/2] x86/tsc: skip tsc watchdog checking for qualified platforms"
In reply to: Masami Hiramatsu: "Re: [PATCH v4 2/2] arm64: kprobe: Enable OPTPROBE for arm64"
Next in thread: Masami Hiramatsu: "Re: [PATCH v4 2/2] arm64: kprobe: Enable OPTPROBE for arm64"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]