Re: [PATCH -tip 3/5] kprobes: treewide: Remove trampoline_address from kretprobe_trampoline_handler()
Hi Miroslav,
On Thu, 11 Mar 2021 00:42:25 +0900
Masami Hiramatsu wrote:
> > > + */
> > > +static nokprobe_inline void *kretprobe_trampoline_addr(void)
> > > +{
> > > + return dereference_function_descriptor(kretprobe_trampoline);
> > > +}
> > > +
> >
> > Would it make sense to use this in s390 and powerpc reliable unwinders?
> >
> > Both
> >
> > arch/s390/kernel/stacktrace.c:arch_stack_walk_reliable()
> > arch/powerpc/kernel/stacktrace.c:__save_stack_trace_tsk_reliable()
> >
> > have
> >
> > if (state.ip == (unsigned long)kretprobe_trampoline)
> > return -EINVAL;
> >
> > which you wanted to hide previously if I am not mistaken.
>
> I think, if "ip" means "instruction pointer", it should point
> the real instruction address, which is dereferenced from function
> descriptor. So using kretprobe_trampoline_addr() is good.
Ah, sorry I misunderstood the question.
Yes, the per-arch stacktrace implementation must be fixed afterwards.
It is reliable or not depends on the actual unwinder implementation,
for example, on x86, frame-pointer based unwinder can unwind kretprobe,
but ORC based one doesn't (and discussing with Josh how to solve it)
Anyway since it strongly depends on the architecture, I would like to
leave those for each architecture stacktrace maitainer in this series.
Thank you,
--
Masami Hiramatsu
Re: [PATCH -tip 3/5] kprobes: treewide: Remove trampoline_address from kretprobe_trampoline_handler()
On Wed, 10 Mar 2021 15:21:01 +0100 (CET)
Miroslav Benes wrote:
> Hi Masami,
>
> > --- a/include/linux/kprobes.h
> > +++ b/include/linux/kprobes.h
> > @@ -205,15 +205,23 @@ extern void arch_prepare_kretprobe(struct
> > kretprobe_instance *ri,
> >struct pt_regs *regs);
> > extern int arch_trampoline_kprobe(struct kprobe *p);
> >
> > +void kretprobe_trampoline(void);
> > +/*
> > + * Since some architecture uses structured function pointer,
> > + * use arch_deref_entry_point() to get real function address.
>
> s/arch_deref_entry_point/dereference_function_descriptor/ ?
Ah, I missed it. Thanks!
>
> > + */
> > +static nokprobe_inline void *kretprobe_trampoline_addr(void)
> > +{
> > + return dereference_function_descriptor(kretprobe_trampoline);
> > +}
> > +
>
> Would it make sense to use this in s390 and powerpc reliable unwinders?
>
> Both
>
> arch/s390/kernel/stacktrace.c:arch_stack_walk_reliable()
> arch/powerpc/kernel/stacktrace.c:__save_stack_trace_tsk_reliable()
>
> have
>
> if (state.ip == (unsigned long)kretprobe_trampoline)
> return -EINVAL;
>
> which you wanted to hide previously if I am not mistaken.
I think, if "ip" means "instruction pointer", it should point
the real instruction address, which is dereferenced from function
descriptor. So using kretprobe_trampoline_addr() is good.
But of course, it depends on the architecture. I'm not familiar
with the powerpc and s390, I need those maintainer's help...
Thank you,
--
Masami Hiramatsu
Re: [PATCH -tip 3/5] kprobes: treewide: Remove trampoline_address from kretprobe_trampoline_handler()
Hi Masami,
> --- a/include/linux/kprobes.h
> +++ b/include/linux/kprobes.h
> @@ -205,15 +205,23 @@ extern void arch_prepare_kretprobe(struct
> kretprobe_instance *ri,
> struct pt_regs *regs);
> extern int arch_trampoline_kprobe(struct kprobe *p);
>
> +void kretprobe_trampoline(void);
> +/*
> + * Since some architecture uses structured function pointer,
> + * use arch_deref_entry_point() to get real function address.
s/arch_deref_entry_point/dereference_function_descriptor/ ?
> + */
> +static nokprobe_inline void *kretprobe_trampoline_addr(void)
> +{
> + return dereference_function_descriptor(kretprobe_trampoline);
> +}
> +
Would it make sense to use this in s390 and powerpc reliable unwinders?
Both
arch/s390/kernel/stacktrace.c:arch_stack_walk_reliable()
arch/powerpc/kernel/stacktrace.c:__save_stack_trace_tsk_reliable()
have
if (state.ip == (unsigned long)kretprobe_trampoline)
return -EINVAL;
which you wanted to hide previously if I am not mistaken.
Miroslav
