Re: [PATCH 3/3] kprobes/x86: Simplify indirect-jump check in retpoline

Wed, 31 Oct 2018 07:00:54 -0700 

On Wed, Oct 31, 2018 at 02:53:20PM +0100, Peter Zijlstra wrote:
> On Wed, Oct 31, 2018 at 02:01:20PM +0800, Zhenzhong Duan wrote:
> > On 2018/10/30 16:36, Peter Zijlstra wrote:
> > > On Mon, Oct 29, 2018 at 11:55:06PM -0700, Zhenzhong Duan wrote:
> > > > Since CONFIG_RETPOLINE hard depends on compiler support now, so
> > > > replacing indirect-jump check with the range check is safe in that case.
> > > 
> > > Can we put kprobes on module init text before we run alternatives on it?
> > 
> > Forgive me I doesn't understand your question. Do you mean this patch impact
> > kprobes on module init text?
> 
> In that case we would still see the indirect paravirt calls for example,
> and we'd still need that cascade you took out.
> 
> Now, I'm not at all sure we're able to use kprobes at those times, so it
> might be a non-issue.

Hmm, what about the case where we have RETPOLINE runtime disabled? Then
the CALL_NOSPEC alternative patches in an indirect call again, and the
retpolines are gone.

Does that not need the __insn_is_indirect_jump() thing?

> > > > @@ -240,20 +242,16 @@ static int insn_jump_into_range(struct insn 
> > > > *insn, unsigned long start, int len)
> > > >   static int insn_is_indirect_jump(struct insn *insn)
> > > >   {
> > > > -       int ret = __insn_is_indirect_jump(insn);
> > > > +       int ret;
> > > >   #ifdef CONFIG_RETPOLINE
> > > > -       /*
> > > > -        * Jump to x86_indirect_thunk_* is treated as an indirect jump.
> > > > -        * Note that even with CONFIG_RETPOLINE=y, the kernel compiled 
> > > > with
> > > > -        * older gcc may use indirect jump. So we add this check 
> > > > instead of
> > > > -        * replace indirect-jump check.
> > > > -        */
> > > > -       if (!ret)
> > > > +       /* Jump to x86_indirect_thunk_* is treated as an indirect jump. 
> > > > */
> > > >                 ret = insn_jump_into_range(insn,
> > > >                                 (unsigned long)__indirect_thunk_start,
> > > >                                 (unsigned long)__indirect_thunk_end -
> > > >                                 (unsigned long)__indirect_thunk_start);
> > > > +#else
> > > > +               ret = __insn_is_indirect_jump(insn);
> > > >   #endif
> > > >         return ret;
> > > >   }
> > > 
> > > The resulting code is indented wrong.
> > > 
> > 
> > Oh, yes. Thanks for point out.
> > 
> > Zhenzhong

Reply via email to