From: Xu Kuohai <xukuohai@huawei.com> To: <bpf@vger.kernel.org>, <linux-arm-kernel@lists.infradead.org>, <linux-kernel@vger.kernel.org>, <netdev@vger.kernel.org>, <linux-kselftest@vger.kernel.org> Cc: Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>, Steven Rostedt <rostedt@goodmis.org>, Ingo Molnar <mingo@redhat.com>, Daniel Borkmann <daniel@iogearbox.net>, Alexei Starovoitov <ast@kernel.org>, Zi Shen Lim <zlim.lnx@gmail.com>, Andrii Nakryiko <andrii@kernel.org>, Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>, John Fastabend <john.fastabend@gmail.com>, KP Singh <kpsingh@kernel.org>, "David S . Miller" <davem@davemloft.net>, Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>, David Ahern <dsahern@kernel.org>, Thomas Gleixner <tglx@linutronix.de>, Borislav Petkov <bp@alien8.de>, Dave Hansen <dave.hansen@linux.intel.com>, <x86@kernel.org>, <hpa@zytor.com>, Shuah Khan <shuah@kernel.org>, Jakub Kicinski <kuba@kernel.org>, Jesper Dangaard Brouer <hawk@kernel.org>, Mark Rutland <mark.rutland@arm.com>, Pasha Tatashin <pasha.tatashin@soleen.com>, Ard Biesheuvel <ardb@kernel.org>, Daniel Kiss <daniel.kiss@arm.com>, Steven Price <steven.price@arm.com>, Sudeep Holla <sudeep.holla@arm.com>, Marc Zyngier <maz@kernel.org>, Peter Collingbourne <pcc@google.com>, Mark Brown <broonie@kernel.org>, Delyan Kratunov <delyank@fb.com>, Kumar Kartikeya Dwivedi <memxor@gmail.com> Subject: [PATCH bpf-next v3 2/7] ftrace: Fix deadloop caused by direct call in ftrace selftest Date: Sun, 24 Apr 2022 11:40:23 -0400 [thread overview] Message-ID: <20220424154028.1698685-3-xukuohai@huawei.com> (raw) In-Reply-To: <20220424154028.1698685-1-xukuohai@huawei.com> After direct call is enabled for arm64, ftrace selftest enters a dead loop: <trace_selftest_dynamic_test_func>: 00 bti c 01 mov x9, x30 <trace_direct_tramp>: 02 bl <trace_direct_tramp> ----------> ret | lr/x30 is 03, return to 03 | 03 mov w0, #0x0 <-----------------------------| | 
| | dead loop! | | | 04 ret ---- lr/x30 is still 03, go back to 03 ----| The reason is that when the direct caller trace_direct_tramp() returns to the patched function trace_selftest_dynamic_test_func(), lr is still the address after the instrumented instruction in the patched function, so when the patched function exits, it returns to itself! To fix this issue, we need to restore lr before trace_direct_tramp() exits, so rewrite a dedicated trace_direct_tramp() for arm64. Reported-by: Li Huafei <lihuafei1@huawei.com> Signed-off-by: Xu Kuohai <xukuohai@huawei.com> --- kernel/trace/trace_selftest.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/kernel/trace/trace_selftest.c b/kernel/trace/trace_selftest.c index abcadbe933bb..d2eff2b1d743 100644 --- a/kernel/trace/trace_selftest.c +++ b/kernel/trace/trace_selftest.c @@ -785,8 +785,24 @@ static struct fgraph_ops fgraph_ops __initdata = { }; #ifdef CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS +#ifdef CONFIG_ARM64 +extern void trace_direct_tramp(void); + +asm ( +" .pushsection .text, \"ax\", @progbits\n" +" .type trace_direct_tramp, %function\n" +" .global trace_direct_tramp\n" +"trace_direct_tramp:" +" mov x10, x30\n" +" mov x30, x9\n" +" ret x10\n" +" .size trace_direct_tramp, .-trace_direct_tramp\n" +" .popsection\n" +); +#else noinline __noclone static void trace_direct_tramp(void) { } #endif +#endif /* * Pretty much the same than for the function tracer from which the selftest -- 2.30.2 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
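Review bot: the asm block under `#ifdef CONFIG_ARM64` relies on an undocumented register contract. It assumes x9 still holds the caller's original lr, as saved by the `mov x9, x30` at the patched site shown in the commit message, and it clobbers x10 for the return. A short comment above the `asm (` stating both would keep the trampoline from breaking silently if the arm64 patch-site sequence changes. The label string `"trace_direct_tramp:"` is also the only line without a trailing `\n`; it still assembles because the label and `mov x10, x30` end up on one line, but adding the `\n` would match the other lines. Finally, this puts arch-specific assembly behind `CONFIG_ARM64` in the generic kernel/trace/trace_selftest.c; consider whether it belongs in an arch-provided helper instead.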