From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 867BFC433DB for ; Tue, 19 Jan 2021 08:05:54 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 32E4E20773 for ; Tue, 19 Jan 2021 08:05:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731526AbhASICR (ORCPT ); Tue, 19 Jan 2021 03:02:17 -0500 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:54889 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731250AbhASH7J (ORCPT ); Tue, 19 Jan 2021 02:59:09 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1611043061; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=8qNmdLSS5lsljSlr43wHmEkle6qxUVtow9wAgfeuvxc=; b=DxzpMxkQ18DYqjMmWfS3x20taPC6xAXaT8Vsa40akUsFlzkH6ipYVMo6Zpza2ok1tGHqz1 bUbkcgPUuZG9Nel71YnSaHWnzMcQ0Wb+MNwzyn+fV7iDhVp1CyljtVYR25dz9VdDpTZDtV kMP6TIY0Tei4MON/i8UAG4pcdJxTMLM= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-41-yAa2RPojNceNOGfYig2k1w-1; Tue, 19 Jan 2021 02:57:39 -0500 X-MC-Unique: yAa2RPojNceNOGfYig2k1w-1 Received: by mail-wr1-f69.google.com with SMTP id j5so9514964wro.12 for ; Mon, 18 Jan 2021 23:57:39 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=8qNmdLSS5lsljSlr43wHmEkle6qxUVtow9wAgfeuvxc=; b=irdK9u/o3zD9+D9OKxi8onx9T1FP/nRFrAGDyBRDgqj/se6dOb3DXfKF7XNKigtiVd FZ+Kvlk0u2hRRs/X/16t//+gT+UsoAbL23EEub5Ls3DZ8+SOyYn9/22CouULwXU/ssf3 Of2zd9D7ATcaHUw03xWeJUTfb4eXPa12CjCCz98pbNulg41I4X0ig4w8tkOUftJzAnXM QMMvySXZiZXyLyJM/lYFg06FIexp1bEwYnmrrt0qT/38f9PNYrg+dIcsjklpELAyxvdw tRQqlJSEh+SSbLXuVjzr5+O/qFdLazwifw6LFyR9/QePbTuaLiM6rRSrCd7/rwOmYV7X mD2A== X-Gm-Message-State: AOAM530pjTDiUptJiOfg/5JYEBQ7JKkmLQtUhSOqRbDcQGczcE2Jh9jB up0/I9czrl2WkgdP+U60ggrM4hs7xpQ8mRSpVD9SMDiX7pMtil0w+Sfnmhj3JuziZTwS8UThsMM wDB2Ibi8YooxK+WfoBlWZRribscBnhyz1jqlNpGRihI585sQlG+D7IjZeNt8RiPToDJ7PBli55p 6b X-Received: by 2002:adf:e541:: with SMTP id z1mr3021328wrm.143.1611043057866; Mon, 18 Jan 2021 23:57:37 -0800 (PST) X-Google-Smtp-Source: ABdhPJyCWTj4etfSQSfrsVGnDa05ynRnIWz5xJxfD+AlFdsC6qTk9zKdjl5YWJPa++3p4njMhamhdA== X-Received: by 2002:adf:e541:: with SMTP id z1mr3021308wrm.143.1611043057690; Mon, 18 Jan 2021 23:57:37 -0800 (PST) Received: from ?IPv6:2a01:cb14:499:3d00:cd47:f651:9d80:157a? ([2a01:cb14:499:3d00:cd47:f651:9d80:157a]) by smtp.gmail.com with ESMTPSA id n6sm3154700wmi.23.2021.01.18.23.57.36 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 18 Jan 2021 23:57:37 -0800 (PST) Subject: Re: Live patching on ARM64 To: "Madhavan T. Venkataraman" , Mark Rutland Cc: linux-arm-kernel@lists.infradead.org, Mark Brown , jpoimboe@redhat.com, live-patching@vger.kernel.org, linux-kernel@vger.kernel.org References: <20210115123347.GB39776@C02TD0UTHF1T.local> From: Julien Thierry Message-ID: <1cd6ab9a-74bc-258e-abf8-fcabba5e3484@redhat.com> Date: Tue, 19 Jan 2021 08:57:36 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Madhavan, On 1/17/21 6:25 PM, Madhavan T. Venkataraman wrote: > > > On 1/15/21 6:33 AM, Mark Rutland wrote: > >>> It looks like the most recent work in this area has been from the >>> following folks: >>> >>> Mark Brown and Mark Rutland: >>> Kernel changes to providing reliable stack traces. >>> >>> Julien Thierry: >>> Providing ARM64 support in objtool. >>> >>> Torsten Duwe: >>> Ftrace with regs. >> >> IIRC that's about right. I'm also trying to make arm64 patch-safe (more >> on that below), and there's a long tail of work there for anyone >> interested. >> > > OK. > >>> I apologize if I have missed anyone else who is working on Live Patching >>> for ARM64. Do let me know. >>> >>> Is there any work I can help with? Any areas that need investigation, any code >>> that needs to be written, any work that needs to be reviewed, any testing that >>> needs to done? You folks are probably super busy and would not mind an extra >>> hand. >> >> One general thing that I believe we'll need to do is to rework code to >> be patch-safe (which implies being noinstr-safe too). For example, we'll >> need to rework the instruction patching code such that this cannot end >> up patching itself (or anything that has instrumented it) in an unsafe >> way. >> > > OK. > >> Once we have objtool it should be possible to identify those cases >> automatically. Currently I'm aware that we'll need to do something in at >> least the following places: >> >> * The entry code -- I'm currently chipping away at this. >> > > OK. > >> * The insn framework (which is used by some patching code), since the >> bulk of it lives in arch/arm64/kernel/insn.c and isn't marked noinstr. >> >> We can probably shift the bulk of the aarch64_insn_gen_*() and >> aarch64_get_*() helpers into a header as __always_inline functions, >> which would allow them to be used in noinstr code. As those are >> typically invoked with a number of constant arguments that the >> compiler can fold, this /might/ work out as an optimization if the >> compiler can elide the error paths. >> >> * The alternatives code, since we call instrumentable and patchable >> functions between updating instructions and performing all the >> necessary maintenance. There are a number of cases within >> __apply_alternatives(), e.g. >> >> - test_bit() >> - cpus_have_cap() >> - pr_info_once() >> - lm_alias() >> - alt_cb, if the callback is not marked as noinstr, or if it calls >> instrumentable code (e.g. from the insn framework). >> - clean_dcache_range_nopatch(), as read_sanitised_ftr_reg() and >> related code can be instrumented. >> >> This might need some underlying rework elsewhere (e.g. in the >> cpufeature code, or atomics framework). >> > > OK. > >> So on the kernel side, maybe a first step would be to try to headerize >> the insn generation code as __always_inline, and see whether that looks >> ok? With that out of the way it'd be a bit easier to rework patching >> code depending on the insn framework. >> > > OK. > > I have an understanding of some of the above already. I will come up to > speed on the others. I will email you any questions I might have. > >> I'm not sure about the objtool side, so I'll leave that to Julien and co >> to answer. >> Sorry for the late reply. The last RFC for arm64 support in objtool is a bit old because it was preferable to split things into smaller series. I touched it much lately, so I'm picking it back up and will try to get a git branch into shape on a recent mainline (a few things need fixing since the last time I rebased it). I'll update you once I have something at least usable/presentable. Cheers, -- Julien Thierry From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2C440C433E0 for ; Tue, 19 Jan 2021 08:00:27 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id BAFD22311C for ; Tue, 19 Jan 2021 08:00:26 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org BAFD22311C Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Type: Content-Transfer-Encoding:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:Date:Message-ID:From: References:To:Subject:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=j5jH/RuEYq48Tcx3MB8om0IchGr45LV+heMmhYCp9sU=; b=xkv1Z6/b754AanfSpFD086A7J Talin2ctfw+A/XffEvjtpuT2w6bKgCnioc5r5BkHOooFo8rWGeEok7FZnpsN2OdzPaf3qJg0J5q1R lW5Njdbsst4RGFBkbTnlvN7sgFvCUuiO5keZsAcpv5Q50wZJViAhtmc+M14jD/YIooB0dTg9ndakL cTk4ugkueaG9Tb2C51V/GVao3ka9hbEAHM8yQhsWMUy4Tbg/8WcfQHfmFgeu41HqQV0wrOwQaO6PQ fiSHBOya+qfj4zJHJkgrtpZtHDf4ZyJAIHdLnRDnskb1w/FfnOXF/IhfONmFdyoDOYwOGkdsROF15 acdlg3OcQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1l1luq-000834-IN; Tue, 19 Jan 2021 07:59:04 +0000 Received: from us-smtp-delivery-124.mimecast.com ([63.128.21.124]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1l1luo-00082i-Av for linux-arm-kernel@lists.infradead.org; Tue, 19 Jan 2021 07:59:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1611043141; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=8qNmdLSS5lsljSlr43wHmEkle6qxUVtow9wAgfeuvxc=; b=ELsKiRJpVHRoV5MKj0qn0NHWhKwZMmGdrqZslzPH/BU7hLmBKiolqWfPdfVBLM6G99OYoX bRYHeUt9+SyR1DWNHvnBAbaOLMgtY3UBdcqv8vs9gQNGTgNOPvAZ035R0wsB0dKU7fdbq5 K3qbWgWmb0rY/peHXlB3yO1RyyDUKvc= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-334-GY56AL9NPPeeCefccEkRog-1; Tue, 19 Jan 2021 02:57:39 -0500 X-MC-Unique: GY56AL9NPPeeCefccEkRog-1 Received: by mail-wr1-f70.google.com with SMTP id i4so9535061wrm.21 for ; Mon, 18 Jan 2021 23:57:38 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=8qNmdLSS5lsljSlr43wHmEkle6qxUVtow9wAgfeuvxc=; b=ttMvRbANsL4w3vJyXgfo1K0wPAPtmurTTiZv2CdquqBb3OcrdTWpb71Q/HRPmRfA7w 5jGjSn3PDnySDRkVNoNFjLKqwUpZ6nSI3UAZmk5+9nz6lDvAY930DR3b2IW8f02lP5fB U5m8uOY4On6v60OfiXBv0KJPrPeIJ/Rn4xJ25ouzGbsw6GcnrARPwAGS/SUpLYYSFINT ErWPDPP4buSdFzBdOBMu3b/N8af13+LT/iASCikbhQZyBwWvqK2aC1HGse4waKLAZbyZ +iR0JnVp7ruIi0vYVdHUkF9u3GlW+TUJOQbTT2SBRTn8P994Wun2SLetZjFg2JSkMY/E +9kg== X-Gm-Message-State: AOAM531/6s3pwV5HOIZ0v8v1oOI6JJ1nK1HY3JkwtZEvfMhzZhnPooJG 9hJ3tkiH5c5mfyjtsNvi03gwmdWgjAJeTtTCWTFhAeQbqvJC2Hze5UXo9RLqH9qOjtyvT5jiXG3 aGnuKnStYh4ycGFunUW4w4fu4TaQlJYnOAJg= X-Received: by 2002:adf:e541:: with SMTP id z1mr3021324wrm.143.1611043057841; Mon, 18 Jan 2021 23:57:37 -0800 (PST) X-Google-Smtp-Source: ABdhPJyCWTj4etfSQSfrsVGnDa05ynRnIWz5xJxfD+AlFdsC6qTk9zKdjl5YWJPa++3p4njMhamhdA== X-Received: by 2002:adf:e541:: with SMTP id z1mr3021308wrm.143.1611043057690; Mon, 18 Jan 2021 23:57:37 -0800 (PST) Received: from ?IPv6:2a01:cb14:499:3d00:cd47:f651:9d80:157a? ([2a01:cb14:499:3d00:cd47:f651:9d80:157a]) by smtp.gmail.com with ESMTPSA id n6sm3154700wmi.23.2021.01.18.23.57.36 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 18 Jan 2021 23:57:37 -0800 (PST) Subject: Re: Live patching on ARM64 To: "Madhavan T. Venkataraman" , Mark Rutland References: <20210115123347.GB39776@C02TD0UTHF1T.local> From: Julien Thierry Message-ID: <1cd6ab9a-74bc-258e-abf8-fcabba5e3484@redhat.com> Date: Tue, 19 Jan 2021 08:57:36 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=jthierry@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210119_025902_405609_2BA66AD8 X-CRM114-Status: GOOD ( 30.02 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: live-patching@vger.kernel.org, Mark Brown , linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, jpoimboe@redhat.com Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Hi Madhavan, On 1/17/21 6:25 PM, Madhavan T. Venkataraman wrote: > > > On 1/15/21 6:33 AM, Mark Rutland wrote: > >>> It looks like the most recent work in this area has been from the >>> following folks: >>> >>> Mark Brown and Mark Rutland: >>> Kernel changes to providing reliable stack traces. >>> >>> Julien Thierry: >>> Providing ARM64 support in objtool. >>> >>> Torsten Duwe: >>> Ftrace with regs. >> >> IIRC that's about right. I'm also trying to make arm64 patch-safe (more >> on that below), and there's a long tail of work there for anyone >> interested. >> > > OK. > >>> I apologize if I have missed anyone else who is working on Live Patching >>> for ARM64. Do let me know. >>> >>> Is there any work I can help with? Any areas that need investigation, any code >>> that needs to be written, any work that needs to be reviewed, any testing that >>> needs to done? You folks are probably super busy and would not mind an extra >>> hand. >> >> One general thing that I believe we'll need to do is to rework code to >> be patch-safe (which implies being noinstr-safe too). For example, we'll >> need to rework the instruction patching code such that this cannot end >> up patching itself (or anything that has instrumented it) in an unsafe >> way. >> > > OK. > >> Once we have objtool it should be possible to identify those cases >> automatically. Currently I'm aware that we'll need to do something in at >> least the following places: >> >> * The entry code -- I'm currently chipping away at this. >> > > OK. > >> * The insn framework (which is used by some patching code), since the >> bulk of it lives in arch/arm64/kernel/insn.c and isn't marked noinstr. >> >> We can probably shift the bulk of the aarch64_insn_gen_*() and >> aarch64_get_*() helpers into a header as __always_inline functions, >> which would allow them to be used in noinstr code. As those are >> typically invoked with a number of constant arguments that the >> compiler can fold, this /might/ work out as an optimization if the >> compiler can elide the error paths. >> >> * The alternatives code, since we call instrumentable and patchable >> functions between updating instructions and performing all the >> necessary maintenance. There are a number of cases within >> __apply_alternatives(), e.g. >> >> - test_bit() >> - cpus_have_cap() >> - pr_info_once() >> - lm_alias() >> - alt_cb, if the callback is not marked as noinstr, or if it calls >> instrumentable code (e.g. from the insn framework). >> - clean_dcache_range_nopatch(), as read_sanitised_ftr_reg() and >> related code can be instrumented. >> >> This might need some underlying rework elsewhere (e.g. in the >> cpufeature code, or atomics framework). >> > > OK. > >> So on the kernel side, maybe a first step would be to try to headerize >> the insn generation code as __always_inline, and see whether that looks >> ok? With that out of the way it'd be a bit easier to rework patching >> code depending on the insn framework. >> > > OK. > > I have an understanding of some of the above already. I will come up to > speed on the others. I will email you any questions I might have. > >> I'm not sure about the objtool side, so I'll leave that to Julien and co >> to answer. >> Sorry for the late reply. The last RFC for arm64 support in objtool is a bit old because it was preferable to split things into smaller series. I touched it much lately, so I'm picking it back up and will try to get a git branch into shape on a recent mainline (a few things need fixing since the last time I rebased it). I'll update you once I have something at least usable/presentable. Cheers, -- Julien Thierry _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel