From: Peter Zijlstra <peterz@infradead.org>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Steven Rostedt <rostedt@goodmis.org>,
linux-kernel@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Ingo Molnar <mingo@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Masami Hiramatsu <mhiramat@kernel.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
Matthew Helsley <mhelsley@vmware.com>,
"Rafael J . Wysocki" <rafael.j.wysocki@intel.com>,
David Woodhouse <dwmw2@infradead.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Jason Baron <jbaron@akamai.com>, Jiri Kosina <jkosina@suse.cz>,
ard.biesheuvel@linaro.org, Andy Lutomirski <luto@kernel.org>
Subject: Re: [POC][RFC][PATCH 1/2] jump_function: Addition of new feature "jump_function"
Date: Mon, 8 Oct 2018 18:39:53 +0200 [thread overview]
Message-ID: <20181008163953.GD5663@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <F36C6419-7D92-4357-BDB1-D8B90DE09889@amacapital.net>
On Mon, Oct 08, 2018 at 09:29:56AM -0700, Andy Lutomirski wrote:
>
>
> > On Oct 8, 2018, at 8:57 AM, Peter Zijlstra <peterz@infradead.org> wrote:
> >
> > On Mon, Oct 08, 2018 at 01:33:14AM -0700, Andy Lutomirski wrote:
> >>> Can't we hijack the relocation records for these functions before they
> >>> get thrown out in the (final) link pass or something?
> >>
> >> I could be talking out my arse here, but I thought we could do this,
> >> too, then changed my mind. The relocation records give us the
> >> location of the call or jump operand, but they don’t give the address
> >> of the beginning of the instruction.
> >
> > But that's like 1 byte before the operand, right? We could even double check
> > this by reading back that byte and ensuring it is in fact 0xE8 (CALL).
> >
> > AFAICT there is only the _1_ CALL encoding, and that is the 5 byte: E8 <PLT32>,
> > so if we have the PLT32 location, we also have the instruction location. Or am
> > I missing something?
>
> There’s also JMP and Jcc, any of which can be used for rail calls, but
> those are also one byte. I suppose GCC is unlikely to emit a prefixed
> form of any of these. So maybe we really can assume they’re all one
> byte.
Oh, I had not considered tail calls..
> But there is a nasty potential special case: anything that takes the
> function’s address. This includes jump tables, computed gotos, and
> plain old function pointers. And I suspect that any of these could
> have one of the rather large number of CALL/JMP/Jcc bytes before the
> relocation by coincidence.
We can have objtool verify the CALL/JMP/Jcc only condition. So if
someone tries to take the address of a patchable function, it will error
out.
Heck, it could initially even error out on tail calls.
next prev parent reply other threads:[~2018-10-08 16:40 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-06 1:51 [POC][RFC][PATCH 0/2] PROOF OF CONCEPT: Dynamic Functions (jump functions) Steven Rostedt
2018-10-06 1:51 ` [POC][RFC][PATCH 1/2] jump_function: Addition of new feature "jump_function" Steven Rostedt
2018-10-06 2:00 ` Steven Rostedt
2018-10-06 2:02 ` Steven Rostedt
2018-10-06 2:03 ` Steven Rostedt
2018-10-06 15:15 ` Steven Rostedt
2018-10-06 12:12 ` Peter Zijlstra
2018-10-06 13:39 ` Steven Rostedt
2018-10-06 15:13 ` Andy Lutomirski
2018-10-06 15:16 ` Steven Rostedt
2018-10-08 7:21 ` Peter Zijlstra
2018-10-08 8:33 ` Andy Lutomirski
2018-10-08 15:57 ` Peter Zijlstra
2018-10-08 16:29 ` Andy Lutomirski
2018-10-08 16:39 ` Steven Rostedt
2018-10-08 16:39 ` Peter Zijlstra [this message]
2018-10-08 17:25 ` Andy Lutomirski
2018-10-08 17:30 ` Ard Biesheuvel
2018-10-08 17:42 ` Andy Lutomirski
2018-10-08 17:44 ` Jiri Kosina
2018-10-08 17:45 ` Ard Biesheuvel
2018-10-08 17:47 ` Andy Lutomirski
2018-10-09 2:17 ` Josh Poimboeuf
2018-10-09 3:57 ` Steven Rostedt
2018-10-10 17:52 ` Josh Poimboeuf
2018-10-10 18:03 ` Andy Lutomirski
2018-10-10 18:16 ` Josh Poimboeuf
2018-10-10 18:17 ` Josh Poimboeuf
2018-10-10 21:13 ` Andy Lutomirski
2018-10-11 3:07 ` Josh Poimboeuf
2018-10-11 12:52 ` Josh Poimboeuf
2018-10-11 16:20 ` Andy Lutomirski
2018-10-10 18:33 ` Josh Poimboeuf
2018-10-10 18:56 ` Steven Rostedt
2018-10-10 20:16 ` Josh Poimboeuf
2018-10-10 20:57 ` Andy Lutomirski
2018-10-08 16:31 ` Steven Rostedt
2018-10-08 11:30 ` Ard Biesheuvel
2018-10-09 3:44 ` Masami Hiramatsu
2018-10-09 3:55 ` Steven Rostedt
2018-10-09 16:04 ` Masami Hiramatsu
2018-10-09 8:59 ` David Laight
2018-10-06 1:51 ` [POC][RFC][PATCH 2/2] tracepoints: Implement it with dynamic functions Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181008163953.GD5663@hirez.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=akpm@linux-foundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=dwmw2@infradead.org \
--cc=jbaron@akamai.com \
--cc=jkosina@suse.cz \
--cc=jpoimboe@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mhelsley@vmware.com \
--cc=mhiramat@kernel.org \
--cc=mingo@kernel.org \
--cc=pbonzini@redhat.com \
--cc=rafael.j.wysocki@intel.com \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.