Re: [PATCH v4 4/9] fprobe: rethook: Use ftrace_regs in fprobe exit handler and rethook
From: Google
Date: Mon Sep 11 2023 - 17:11:28 EST
On Mon, 11 Sep 2023 09:55:09 +0200
Sven Schnelle <svens@xxxxxxxxxxxxx> wrote:
> Masami Hiramatsu (Google) <mhiramat@xxxxxxxxxx> writes:
>
> >> > IOW, it is ftrace save regs/restore regs code issue. I need to check how the
> >> > function_graph implements it.
> >>
> >> gpr2-gpr14 are always saved in ftrace_caller/ftrace_regs_caller(),
> >> regardless of the FTRACE_WITH_REGS flags. The only difference is that
> >> without the FTRACE_WITH_REGS flag the program status word (psw) is not
> >> saved because collecting that is a rather expensive operation.
> >
> > Thanks for checking that! So s390 will recover those saved registers
> > even if FTRACE_WITH_REGS flag is not set? (I wonder what is the requirement
> > of the ftrace_regs when returning from ftrace_call() without
> > FTRACE_WITH_REGS?)
>
> Yes, it will recover these in all cases.
Thanks for the confirmation!
>
> >>
> >> I used the following commands to test rethook (is that the correct
> >> testcase?)
> >>
> >> #!/bin/bash
> >> cd /sys/kernel/tracing
> >>
> >> echo 'r:icmp_rcv icmp_rcv' >kprobe_events
> >> echo 1 >events/kprobes/icmp_rcv/enable
> >> ping -c 1 127.0.0.1
> >> cat trace
> >
> > No, the kprobe will path pt_regs to rethook.
> > Cna you run
> >
> > echo "f:icmp_rcv%return icmp_rcv" >> dynamic_events
>
> Ah, ok. Seems to work as well:
>
> ping-481 [001] ..s2. 53.918480: icmp_rcv: (ip_protocol_deliver_rcu+0x42/0x218 <- icmp_rcv)
> ping-481 [001] ..s2. 53.918491: icmp_rcv: (ip_protocol_deliver_rcu+0x42/0x218 <- icmp_rcv)
Nice!
OK, then s390 is safe to use ftrace_regs :)
Thanks!
--
Masami Hiramatsu (Google) <mhiramat@xxxxxxxxxx>