Re: [PATCH v7 1/2] kprobes: Implement trampoline memory allocator for tracing
Le 26/03/2024 à 14:46, Jarkko Sakkinen a écrit :
> Tracing with kprobes while running a monolithic kernel is currently
> impossible because CONFIG_KPROBES depends on CONFIG_MODULES.
>
> Introduce alloc_execmem() and free_execmem() for allocating executable
> memory. If an arch implements these functions, it can mark this up with
> the HAVE_ALLOC_EXECMEM kconfig flag.
>
> The second new kconfig flag is ALLOC_EXECMEM, which can be selected if
> either MODULES is selected or HAVE_ALLOC_EXECMEM is support by the arch. If
> HAVE_ALLOC_EXECMEM is not supported by an arch, module_alloc() and
> module_memfree() are used as a fallback, thus retaining backwards
> compatibility to earlier kernel versions.
>
> This will allow architecture to enable kprobes traces without requiring
> to enable module.
>
> The support can be implemented with four easy steps:
>
> 1. Implement alloc_execmem().
> 2. Implement free_execmem().
> 3. Edit arch//Makefile.
> 4. Set HAVE_ALLOC_EXECMEM in arch//Kconfig.
>
> Link:
> https://lore.kernel.org/all/20240325115632.04e37297491cadfbbf382...@kernel.org/
> Suggested-by: Masami Hiramatsu
> Signed-off-by: Jarkko Sakkinen
> ---
> v7:
> - Use "depends on" for ALLOC_EXECMEM instead of "select"
> - Reduced and narrowed CONFIG_MODULES checks further in kprobes.c.
> v6:
> - Use null pointer for notifiers and register the module notifier only if
>IS_ENABLED(CONFIG_MODULES) is set.
> - Fixed typo in the commit message and wrote more verbose description
>of the feature.
> v5:
> - alloc_execmem() was missing GFP_KERNEL parameter. The patch set did
>compile because 2/2 had the fixup (leaked there when rebasing the
>patch set).
> v4:
> - Squashed a couple of unrequired CONFIG_MODULES checks.
> - See https://lore.kernel.org/all/d034m18d63ec.2y11d954ys...@kernel.org/
> v3:
> - A new patch added.
> - For IS_DEFINED() I need advice as I could not really find that many
>locations where it would be applicable.
> ---
> arch/Kconfig| 17 +++-
> include/linux/execmem.h | 13 +
> kernel/kprobes.c| 53 ++---
> kernel/trace/trace_kprobe.c | 15 +--
> 4 files changed, 73 insertions(+), 25 deletions(-)
> create mode 100644 include/linux/execmem.h
>
> diff --git a/arch/Kconfig b/arch/Kconfig
> index a5af0edd3eb8..5e9735f60f3c 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -52,8 +52,8 @@ config GENERIC_ENTRY
>
> config KPROBES
> bool "Kprobes"
> - depends on MODULES
> depends on HAVE_KPROBES
> + depends on ALLOC_EXECMEM
> select KALLSYMS
> select TASKS_RCU if PREEMPTION
> help
> @@ -215,6 +215,21 @@ config HAVE_OPTPROBES
> config HAVE_KPROBES_ON_FTRACE
> bool
>
> +config HAVE_ALLOC_EXECMEM
> + bool
> + help
> + Architectures that select this option are capable of allocating
> trampoline
> + executable memory for tracing subsystems, indepedently of the kernel
> module
> + subsystem.
> +
> +config ALLOC_EXECMEM
> + bool "Executable (trampoline) memory allocation"
Why make it user selectable ? Previously I was able to select KPROBES as
soon as MODULES was selected. Now I will have to first select
ALLOC_EXECMEM in addition ? What is the added value of allowing the user
to disable it ?
> + default y
> + depends on MODULES || HAVE_ALLOC_EXECMEM
> + help
> + Select this for executable (trampoline) memory. Can be enabled when
> either
> + module allocator or arch-specific allocator is available.
> +
> config ARCH_CORRECT_STACKTRACE_ON_KRETPROBE
> bool
> help
> diff --git a/include/linux/execmem.h b/include/linux/execmem.h
> new file mode 100644
> index ..ae2ff151523a
> --- /dev/null
> +++ b/include/linux/execmem.h
> @@ -0,0 +1,13 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +#ifndef _LINUX_EXECMEM_H
> +#define _LINUX_EXECMEM_H
> +
It should include moduleloader.h otherwise the user of alloc_execmem()
must include both this header and moduleloader.h to use alloc_execmem()
> +#ifdef CONFIG_HAVE_ALLOC_EXECMEM
> +void *alloc_execmem(unsigned long size, gfp_t gfp);
> +void free_execmem(void *region);
> +#else
> +#define alloc_execmem(size, gfp) module_alloc(size)
Then gfp is silently ignored in the case. Is that expected ?
> +#define free_execmem(region) module_memfree(region)
> +#endif
> +
> +#endif /* _LINUX_EXECMEM_H */
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index 9d9095e81792..13bef5de315c 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -44,6 +44,7 @@
> #include
> #include
> #include
> +#include
>
> #define KPROBE_HASH_BITS 6
> #define KPROBE_TABLE_SIZE (1 << KPROBE_HASH_BITS)
> @@ -113,17 +114,17 @@ enum kprobe_slot_state {
> void __weak *alloc_insn_page(void)
> {
> /*
> - * Use module_alloc() so this page is within +/- 2GB of where the
> + * Use alloc_execmem() so this page
[PATCH v7 1/2] kprobes: Implement trampoline memory allocator for tracing
Tracing with kprobes while running a monolithic kernel is currently
impossible because CONFIG_KPROBES depends on CONFIG_MODULES.
Introduce alloc_execmem() and free_execmem() for allocating executable
memory. If an arch implements these functions, it can mark this up with
the HAVE_ALLOC_EXECMEM kconfig flag.
The second new kconfig flag is ALLOC_EXECMEM, which can be selected if
either MODULES is selected or HAVE_ALLOC_EXECMEM is support by the arch. If
HAVE_ALLOC_EXECMEM is not supported by an arch, module_alloc() and
module_memfree() are used as a fallback, thus retaining backwards
compatibility to earlier kernel versions.
This will allow architecture to enable kprobes traces without requiring
to enable module.
The support can be implemented with four easy steps:
1. Implement alloc_execmem().
2. Implement free_execmem().
3. Edit arch//Makefile.
4. Set HAVE_ALLOC_EXECMEM in arch//Kconfig.
Link:
https://lore.kernel.org/all/20240325115632.04e37297491cadfbbf382...@kernel.org/
Suggested-by: Masami Hiramatsu
Signed-off-by: Jarkko Sakkinen
---
v7:
- Use "depends on" for ALLOC_EXECMEM instead of "select"
- Reduced and narrowed CONFIG_MODULES checks further in kprobes.c.
v6:
- Use null pointer for notifiers and register the module notifier only if
IS_ENABLED(CONFIG_MODULES) is set.
- Fixed typo in the commit message and wrote more verbose description
of the feature.
v5:
- alloc_execmem() was missing GFP_KERNEL parameter. The patch set did
compile because 2/2 had the fixup (leaked there when rebasing the
patch set).
v4:
- Squashed a couple of unrequired CONFIG_MODULES checks.
- See https://lore.kernel.org/all/d034m18d63ec.2y11d954ys...@kernel.org/
v3:
- A new patch added.
- For IS_DEFINED() I need advice as I could not really find that many
locations where it would be applicable.
---
arch/Kconfig| 17 +++-
include/linux/execmem.h | 13 +
kernel/kprobes.c| 53 ++---
kernel/trace/trace_kprobe.c | 15 +--
4 files changed, 73 insertions(+), 25 deletions(-)
create mode 100644 include/linux/execmem.h
diff --git a/arch/Kconfig b/arch/Kconfig
index a5af0edd3eb8..5e9735f60f3c 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -52,8 +52,8 @@ config GENERIC_ENTRY
config KPROBES
bool "Kprobes"
- depends on MODULES
depends on HAVE_KPROBES
+ depends on ALLOC_EXECMEM
select KALLSYMS
select TASKS_RCU if PREEMPTION
help
@@ -215,6 +215,21 @@ config HAVE_OPTPROBES
config HAVE_KPROBES_ON_FTRACE
bool
+config HAVE_ALLOC_EXECMEM
+ bool
+ help
+ Architectures that select this option are capable of allocating
trampoline
+ executable memory for tracing subsystems, indepedently of the kernel
module
+ subsystem.
+
+config ALLOC_EXECMEM
+ bool "Executable (trampoline) memory allocation"
+ default y
+ depends on MODULES || HAVE_ALLOC_EXECMEM
+ help
+ Select this for executable (trampoline) memory. Can be enabled when
either
+ module allocator or arch-specific allocator is available.
+
config ARCH_CORRECT_STACKTRACE_ON_KRETPROBE
bool
help
diff --git a/include/linux/execmem.h b/include/linux/execmem.h
new file mode 100644
index ..ae2ff151523a
--- /dev/null
+++ b/include/linux/execmem.h
@@ -0,0 +1,13 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _LINUX_EXECMEM_H
+#define _LINUX_EXECMEM_H
+
+#ifdef CONFIG_HAVE_ALLOC_EXECMEM
+void *alloc_execmem(unsigned long size, gfp_t gfp);
+void free_execmem(void *region);
+#else
+#define alloc_execmem(size, gfp) module_alloc(size)
+#define free_execmem(region) module_memfree(region)
+#endif
+
+#endif /* _LINUX_EXECMEM_H */
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 9d9095e81792..13bef5de315c 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -44,6 +44,7 @@
#include
#include
#include
+#include
#define KPROBE_HASH_BITS 6
#define KPROBE_TABLE_SIZE (1 << KPROBE_HASH_BITS)
@@ -113,17 +114,17 @@ enum kprobe_slot_state {
void __weak *alloc_insn_page(void)
{
/*
-* Use module_alloc() so this page is within +/- 2GB of where the
+* Use alloc_execmem() so this page is within +/- 2GB of where the
* kernel image and loaded module images reside. This is required
* for most of the architectures.
* (e.g. x86-64 needs this to handle the %rip-relative fixups.)
*/
- return module_alloc(PAGE_SIZE);
+ return alloc_execmem(PAGE_SIZE, GFP_KERNEL);
}
static void free_insn_page(void *page)
{
- module_memfree(page);
+ free_execmem(page);
}
struct kprobe_insn_cache kprobe_insn_slots = {
@@ -1592,6 +1593,7 @@ static int check_kprobe_address_safe(struct kprobe *p,
goto out;
}
+#ifdef CONFIG_MODULES
/*
* If the module freed '.init.text', we couldn't i
