On Mon, Jan 18, 2010 at 02:15:51PM +0100, Peter Zijlstra wrote:
> On Mon, 2010-01-18 at 14:37 +0200, Avi Kivity wrote:
> > On 01/18/2010 02:14 PM, Peter Zijlstra wrote:
> > >
> > > >> Well, the alternatives are very unappealing. Emulation and
> > > >> single-stepping are going to be very slow compared to a couple of jumps.
> > > >>
> > > With CPL2 or RPL on user segments the protection issue seems to be
> > > manageable for running the instructions from kernel space.
> > >
> >
> > CPL2 gives unrestricted access to the kernel address space; and RPL does
> > not affect page level protection. Segment limits don't work on x86-64.
> > But perhaps I missed something - these things are tricky.
>
> So setting RPL to 3 on the user segments allows access to kernel pages
> just fine? How useful.. :/
>
> > It should be possible to translate the instruction into an address space
> > check, followed by the action, but that's still slower due to privilege
> > level switches.
>
> Well, if you manage to do the address validation you don't need the priv
> level switch anymore, right?
>
> Are the ins encodings sane enough to recognize mem parameters without
> needing to know the actual ins?
>
> How about using a hw-breakpoint to close the gap for the inline single
> step? You could even re-insert the int3 lazily when you need the
> hw-breakpoint again. It would consume one hw-breakpoint register for
> each task/cpu that has probes though..
>
A very scarce resource that it is, well, sometimes all that we might have is just one hw-breakpoint register (like older PPC64 with 1 IABR) in the system. If one process/thread consumes it, then all other contenders (from both kernel and user-space) are prevented from acquiring it. Also worth mentioning is the existence of processors with no support for instruction breakpoints.

Thanks,
K.Prasad
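Peter's question above (whether the instruction encodings let you recognise memory operands, and Avi's idea of turning the probed instruction into an address-space check) can be made concrete with a small decoder. The following Python is an added example written for this page; it is not code from the thread or from the uprobes patches. It assumes a hand-picked whitelist of one-byte opcodes that always carry a ModRM byte, the x86-64 ModRM/SIB/REX rules, an assumed user-space upper bound USER_END (the Linux x86-64 TASK_SIZE_MAX value), and constructed sample encodings and register values. The point it demonstrates is the answer to Peter's question: once you know a ModRM byte is present, the mod/rm/SIB fields alone tell you whether memory is touched and which registers form the address; knowing that the byte is present at all still requires per-opcode knowledge, which is why the whitelist is explicit and tiny.

```python
# Added example (not from the thread): minimal x86-64 memory-operand decoder
# plus the address-space check Avi describes, for a whitelisted opcode subset.

REGS64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi",
          "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15"]

# Assumed whitelist: one-byte ALU/MOV/TEST forms that always have a ModRM byte.
# LEA is deliberately left out: it encodes a memory operand but never accesses it,
# so "has a memory operand" and "touches memory" are not the same question.
OPCODES_WITH_MODRM = {0x01: "add", 0x03: "add", 0x29: "sub", 0x2B: "sub",
                      0x31: "xor", 0x33: "xor", 0x39: "cmp", 0x3B: "cmp",
                      0x85: "test", 0x89: "mov", 0x8B: "mov"}

# Assumed boundary: Linux x86-64 TASK_SIZE_MAX ((1 << 47) - PAGE_SIZE).
USER_END = 0x00007FFFFFFFF000


def decode_mem_operand(code):
    """Decode the first instruction in `code` (bytes). Returns a dict with
    'memory' (bool), 'length' (instruction length) and, for memory forms,
    base/index/scale/disp/rip_relative. Raises ValueError outside the whitelist."""
    pos, rex = 0, 0
    if 0x40 <= code[pos] <= 0x4F:          # optional REX prefix only
        rex, pos = code[pos], pos + 1
    opcode, pos = code[pos], pos + 1
    if opcode not in OPCODES_WITH_MODRM:
        raise ValueError("opcode 0x%02x not in whitelist" % opcode)
    modrm, pos = code[pos], pos + 1
    mod, rm = modrm >> 6, modrm & 7
    rex_b = (rex & 1) << 3                  # extends base / rm
    rex_x = ((rex >> 1) & 1) << 3           # extends SIB index
    result = {"mnemonic": OPCODES_WITH_MODRM[opcode], "memory": mod != 3}
    if mod == 3:                            # register-register form
        result["length"] = pos
        return result
    base = index = None
    scale, disp, rip_relative = 1, 0, False
    if rm == 4:                             # SIB byte follows
        sib, pos = code[pos], pos + 1
        scale = 1 << (sib >> 6)
        idx = ((sib >> 3) & 7) | rex_x
        if idx != 4:                        # index=100 without REX.X means "none"
            index = REGS64[idx]
        b = sib & 7
        if b == 5 and mod == 0:             # no base register, disp32 follows
            disp, pos = int.from_bytes(code[pos:pos + 4], "little", signed=True), pos + 4
        else:
            base = REGS64[b | rex_b]
    elif rm == 5 and mod == 0:              # [rip + disp32] in 64-bit mode
        rip_relative = True
        disp, pos = int.from_bytes(code[pos:pos + 4], "little", signed=True), pos + 4
    else:
        base = REGS64[rm | rex_b]
    if mod == 1:                            # disp8
        disp, pos = int.from_bytes(code[pos:pos + 1], "little", signed=True), pos + 1
    elif mod == 2:                          # disp32
        disp, pos = int.from_bytes(code[pos:pos + 4], "little", signed=True), pos + 4
    result.update(base=base, index=index, scale=scale, disp=disp,
                  rip_relative=rip_relative, length=pos)
    return result


def effective_address(op, regs, next_rip):
    """Address the decoded memory operand would access, given a register
    snapshot `regs` (name -> value) and the address of the next instruction
    (needed for RIP-relative forms)."""
    if not op["memory"]:
        raise ValueError("register-only operand has no address")
    ea = op["disp"] + (next_rip if op["rip_relative"] else 0)
    if op["base"] is not None:
        ea += regs[op["base"]]
    if op["index"] is not None:
        ea += regs[op["index"]] * op["scale"]
    return ea & 0xFFFFFFFFFFFFFFFF


def accesses_user_space(op, regs, next_rip, size=8):
    """The address-space check: True only if the whole `size`-byte access
    lies below the assumed user/kernel boundary."""
    ea = effective_address(op, regs, next_rip)
    return ea + size <= USER_END


if __name__ == "__main__":
    # Constructed sample: mov [rbp-8], rax and mov rax, [rcx] with rcx pointing
    # at a kernel-looking address; the second must be rejected.
    regs = {"rbp": 0x7FFD00001000, "rcx": 0xFFFFFFFF81000000}
    for enc in (bytes([0x48, 0x89, 0x45, 0xF8]), bytes([0x48, 0x8B, 0x01])):
        op = decode_mem_operand(enc)
        print(enc.hex(), op, accesses_user_space(op, regs, 0))
```

Note that the address check is only half of what the thread asks for: the decoder answers "which address?", but the register snapshot must come from the probed task's saved state at the time the copied instruction runs, and the whitelist has to be extended opcode by opcode (string instructions, implicit stack accesses and segment-relative forms all need their own handling), which is the per-instruction knowledge Peter was hoping to avoid.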