Re: [PATCH v2 15/39] x86/ibt,kprobes: Fix more +0 assumptions
From: Naveen N. Rao
Date: Tue Mar 01 2022 - 12:04:37 EST
Hi Peter,
Peter Zijlstra wrote:
On Mon, Feb 28, 2022 at 03:07:05PM +0900, Masami Hiramatsu wrote:
Hi Peter,
So, instead of this change, can you try below?
This introduce the arch_adjust_kprobe_addr() and use it in the kprobe_addr()
so that it can handle the case that user passed the probe address in
_text+OFFSET format.
It works a little... at the very least it still needs
arch_kprobe_on_func_entry() allowing offset 4.
But looking at this, we've got:
kprobe_on_func_entry(addr, sym, offset)
_kprobe_addr(addr, sym, offset)
if (sym)
addr = kprobe_lookup_name()
= kallsyms_lookup_name()
arch_adjust_kprobe_addr(addr+offset)
skip_endbr()
kallsyms_loopup_size_offset(addr, ...)
kallsyms_lookup_size_offset(addr, NULL, &offset)
arch_kprobe_on_func_entry(offset)
Which is _3_ kallsyms lookups and 3 weak/arch hooks.
Surely we can make this a little more streamlined? The below seems to
work.
I think with a little care and testing it should be possible to fold all
the magic of PowerPC's kprobe_lookup_name() into this one hook as well,
meaning we can get rid of kprobe_lookup_name() entirely. Naveen?
This is timely. I've been looking at addressing a similar set of issues
on powerpc:
http://lkml.kernel.org/r/cover.1645096227.git.naveen.n.rao@xxxxxxxxxxxxxxxxxx
This then gets us down to a 1 kallsyms call and 1 arch hook. Hmm?
I was going to propose making _kprobe_addr() into a weak function in
place of kprobe_lookup_name() in response to Masami in the other thread,
but this is looking better.
---
arch/powerpc/kernel/kprobes.c | 34 +++++++++++++++---------
arch/x86/kernel/kprobes/core.c | 17 ++++++++++++
include/linux/kprobes.h | 3 +-
kernel/kprobes.c | 56 ++++++++++++++++++++++++++++++++++-------
4 files changed, 87 insertions(+), 23 deletions(-)
I will take a closer look at this tomorrow and revert.
Thanks,
- Naveen