From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 91534C3F2D4 for ; Thu, 9 Jun 2022 13:24:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343859AbiFINYv (ORCPT ); Thu, 9 Jun 2022 09:24:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47878 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1343879AbiFINYq (ORCPT ); Thu, 9 Jun 2022 09:24:46 -0400 Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF9A31451CA; Thu, 9 Jun 2022 06:24:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20210309; h=Sender:In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=SFRCVVrRGHSCzaC+svV91Zy2fb9KgpsgW9PodQQtuVA=; b=ZXUIBRWwS9a1A+i7Wlnvbq7c8v 6SK4in80vdIW70IGh6Qwe/9mFxNaBZtzv0uCfovEqg5B7wUC50nw2bh7ER+xaP3QNR+1iZYXnNxos S1DekrsiVQcuauqgAW2+sZFC/1rHvD65HUzk2WexFzY/WbUzTA0pWZot8NWi77yxehXc35lrntlkB Qm2bnOZFbox6CvC5LSuNuJ2I85jiSSXcaN35yBtUgsVQkHMxSoBGhW1SghmYnnm8iMvnQWF6TnUmW X1ud3JxTTmlPwgF7s5xG9BVcKDfLwreRR4yef4m+LNO6b+HhdBpLgVt2qZH1BGOEUFylRzfms6+VM DcV1sHDg==; Received: from mcgrof by bombadil.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1nzI9A-0027yT-Ln; Thu, 09 Jun 2022 13:24:24 +0000 Date: Thu, 9 Jun 2022 06:24:24 -0700 From: Luis Chamberlain To: Christoph Hellwig , "Edgecombe, Rick P" , Christophe Leroy Cc: Song Liu , Masami Hiramatsu , Jarkko Sakkinen , Guo Ren , Jarkko Sakkinen , Linux Kernel Mailing List , Nathaniel McCallum , Russell King , Catalin Marinas , Will Deacon , Thomas Bogendoerfer , "James E.J. Bottomley" , Helge Deller , Michael Ellerman , Benjamin Herrenschmidt , Paul Mackerras , Paul Walmsley , Palmer Dabbelt , Albert Ou , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , "David S. Miller" , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , the arch/x86 maintainers , "H. Peter Anvin" , "Naveen N. Rao" , Anil S Keshavamurthy , Steven Rostedt , Kees Cook , "Peter Zijlstra (Intel)" , Nathan Chancellor , Josh Poimboeuf , Mark Rutland , "Eric W. Biederman" , Marco Elver , Dan Li , Sami Tolvanen , Ard Biesheuvel , "Russell King (Oracle)" , Nick Desaulniers , Linus Walleij , Chen Zhongjin , Nicolas Pitre , Mark Brown , Luis Machado , Geert Uytterhoeven , Joey Gouly , Masahiro Yamada , Andrew Morton , Andrey Konovalov , Kefeng Wang , Atsushi Nemoto , Guenter Roeck , Dave Anglin , Alexei Starovoitov , Nicholas Piggin , Daniel Axtens , "Aneesh Kumar K.V" , Jordan Niethe , Anup Patel , Atish Patra , Changbin Du , Heiko Stuebner , Liao Chang , Philipp Tomsich , Wu Caize , Emil Renner Berthing , Alexander Egorenkov , Thomas Richter , Tobias Huschle , Ilya Leoshkevich , Tom Lendacky , Daniel Bristot de Oliveira , Michael Roth , "Kirill A. Shutemov" , Javier Martinez Canillas , Miroslav Benes , =?iso-8859-1?Q?Andr=E9?= Almeida , Tiezhu Yang , Dmitry Torokhov , Aaron Tomlin , Linux ARM , "open list:BROADCOM NVRAM DRIVER" , Parisc List , linuxppc-dev , linux-riscv , linux-s390 , sparclinux , linux-modules@vger.kernel.org Subject: Re: [PATCH] kprobes: Enable tracing for mololithic kernel images Message-ID: References: <20220608000014.3054333-1-jarkko@profian.com> <20220608232115.ccd4399f4a1d133e9b65c2a9@kernel.org> <20220609034852.GA30873@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220609034852.GA30873@lst.de> Sender: Luis Chamberlain Precedence: bulk List-ID: On Thu, Jun 09, 2022 at 05:48:52AM +0200, Christoph Hellwig wrote: > On Wed, Jun 08, 2022 at 01:26:19PM -0700, Luis Chamberlain wrote: > > No, that was removed because it has only one user. > > That is only part of the story. The other part is that the overall > kernel simply does not have any business allocating exutable memory. > Executable memory is a very special concept for modules or module-like > code like kprobes, and should not be exposed as a general concept. It is not just modules and kprobes, it is also ftrace and bpf too now. So while it should not be used everywhere calling it module_alloc() is just confusing at this point. Likewise, module_alloc_huge() is being proposed too and I'd rather we deal with this properly in aligment of taking care of the rename as well. If the concern is to restrict access we can use the module namespace stuff so to ensure only intended users get access to it. > Especially as executable memory really should not also be writable > for security reasons. In other words, we should actually never > allocate executable memory, every. We might seal memory and then > mark it executable after having written to it, which is how modules > and kprobes are implemented on all modern Linux ports anyway. The respective free *should* do the executable bits, and there is no generic way to do this for all archs and so it is open coded today. In fact some architectures need further work / help and so split up the module data and exect already on v5.19+ with the new ARCH_WANTS_MODULES_DATA_IN_VMALLOC. See this thread for details: https://lkml.kernel.org/r/Yo1XTN441qbNTLGR@bombadil.infradead.org Doing this work is not easy, but if we're going to do it, it must be done right. Luis From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 413F7C433EF for ; Thu, 9 Jun 2022 13:24:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ZWzqD14ba1iwPX7Je7FC3Hi1cd9Ebofx7tnTjwffj0k=; b=xC7TbvOlvswps8 hdDvl//zkI3IB1/4F08HEBNmwrnYopdf7psaMnOylI9vWc0S/6L6WPGX0Kf4/PZfoA7c6wjThz4he CCscG32b250NJevnsPwfboIisPisgN9tmtiSUVcLAROft01c/g9N92oHbYd9eRzudUBadloMkO6ot iWN4LHsJOBPpWn+Ppst99PaiOS/Mr2byb4W3Q/Kmt4IiQX951XULBAa1wbM287kUXV+mrdkDqynuW GNkJwldC5mVI/Exsgy46L4KGZzGU0Kyh200LD/ZjaSuM5ajA235DnDFPKj9WmVJdxx6gzHEiBoHT9 rUzpiFfIP56xfbT8Ls0g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nzI9K-00284J-Al; Thu, 09 Jun 2022 13:24:34 +0000 Received: from mcgrof by bombadil.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1nzI9A-0027yT-Ln; Thu, 09 Jun 2022 13:24:24 +0000 Date: Thu, 9 Jun 2022 06:24:24 -0700 From: Luis Chamberlain To: Christoph Hellwig , "Edgecombe, Rick P" , Christophe Leroy Cc: Song Liu , Masami Hiramatsu , Jarkko Sakkinen , Guo Ren , Jarkko Sakkinen , Linux Kernel Mailing List , Nathaniel McCallum , Russell King , Catalin Marinas , Will Deacon , Thomas Bogendoerfer , "James E.J. Bottomley" , Helge Deller , Michael Ellerman , Benjamin Herrenschmidt , Paul Mackerras , Paul Walmsley , Palmer Dabbelt , Albert Ou , Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , "David S. Miller" , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , the arch/x86 maintainers , "H. Peter Anvin" , "Naveen N. Rao" , Anil S Keshavamurthy , Steven Rostedt , Kees Cook , "Peter Zijlstra (Intel)" , Nathan Chancellor , Josh Poimboeuf , Mark Rutland , "Eric W. Biederman" , Marco Elver , Dan Li , Sami Tolvanen , Ard Biesheuvel , "Russell King (Oracle)" , Nick Desaulniers , Linus Walleij , Chen Zhongjin , Nicolas Pitre , Mark Brown , Luis Machado , Geert Uytterhoeven , Joey Gouly , Masahiro Yamada , Andrew Morton , Andrey Konovalov , Kefeng Wang , Atsushi Nemoto , Guenter Roeck , Dave Anglin , Alexei Starovoitov , Nicholas Piggin , Daniel Axtens , "Aneesh Kumar K.V" , Jordan Niethe , Anup Patel , Atish Patra , Changbin Du , Heiko Stuebner , Liao Chang , Philipp Tomsich , Wu Caize , Emil Renner Berthing , Alexander Egorenkov , Thomas Richter , Tobias Huschle , Ilya Leoshkevich , Tom Lendacky , Daniel Bristot de Oliveira , Michael Roth , "Kirill A. Shutemov" , Javier Martinez Canillas , Miroslav Benes , =?iso-8859-1?Q?Andr=E9?= Almeida , Tiezhu Yang , Dmitry Torokhov , Aaron Tomlin , Linux ARM , "open list:BROADCOM NVRAM DRIVER" , Parisc List , linuxppc-dev , linux-riscv , linux-s390 , sparclinux , linux-modules@vger.kernel.org Subject: Re: [PATCH] kprobes: Enable tracing for mololithic kernel images Message-ID: References: <20220608000014.3054333-1-jarkko@profian.com> <20220608232115.ccd4399f4a1d133e9b65c2a9@kernel.org> <20220609034852.GA30873@lst.de> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20220609034852.GA30873@lst.de> X-BeenThere: linux-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-riscv" Errors-To: linux-riscv-bounces+linux-riscv=archiver.kernel.org@lists.infradead.org On Thu, Jun 09, 2022 at 05:48:52AM +0200, Christoph Hellwig wrote: > On Wed, Jun 08, 2022 at 01:26:19PM -0700, Luis Chamberlain wrote: > > No, that was removed because it has only one user. > > That is only part of the story. The other part is that the overall > kernel simply does not have any business allocating exutable memory. > Executable memory is a very special concept for modules or module-like > code like kprobes, and should not be exposed as a general concept. It is not just modules and kprobes, it is also ftrace and bpf too now. So while it should not be used everywhere calling it module_alloc() is just confusing at this point. Likewise, module_alloc_huge() is being proposed too and I'd rather we deal with this properly in aligment of taking care of the rename as well. If the concern is to restrict access we can use the module namespace stuff so to ensure only intended users get access to it. > Especially as executable memory really should not also be writable > for security reasons. In other words, we should actually never > allocate executable memory, every. We might seal memory and then > mark it executable after having written to it, which is how modules > and kprobes are implemented on all modern Linux ports anyway. The respective free *should* do the executable bits, and there is no generic way to do this for all archs and so it is open coded today. In fact some architectures need further work / help and so split up the module data and exect already on v5.19+ with the new ARCH_WANTS_MODULES_DATA_IN_VMALLOC. See this thread for details: https://lkml.kernel.org/r/Yo1XTN441qbNTLGR@bombadil.infradead.org Doing this work is not easy, but if we're going to do it, it must be done right. Luis _______________________________________________ linux-riscv mailing list linux-riscv@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-riscv From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6C5CBC43334 for ; Fri, 10 Jun 2022 11:22:30 +0000 (UTC) Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4LKJTc72H8z3dpq for ; Fri, 10 Jun 2022 21:22:28 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=infradead.org header.i=@infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ZXUIBRWw; dkim-atps=neutral Authentication-Results: lists.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=mcgrof@infradead.org; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=infradead.org header.i=@infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ZXUIBRWw; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4LJlHq0h4Xz3bmR for ; Thu, 9 Jun 2022 23:27:02 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20210309; h=Sender:In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=SFRCVVrRGHSCzaC+svV91Zy2fb9KgpsgW9PodQQtuVA=; b=ZXUIBRWwS9a1A+i7Wlnvbq7c8v 6SK4in80vdIW70IGh6Qwe/9mFxNaBZtzv0uCfovEqg5B7wUC50nw2bh7ER+xaP3QNR+1iZYXnNxos S1DekrsiVQcuauqgAW2+sZFC/1rHvD65HUzk2WexFzY/WbUzTA0pWZot8NWi77yxehXc35lrntlkB Qm2bnOZFbox6CvC5LSuNuJ2I85jiSSXcaN35yBtUgsVQkHMxSoBGhW1SghmYnnm8iMvnQWF6TnUmW X1ud3JxTTmlPwgF7s5xG9BVcKDfLwreRR4yef4m+LNO6b+HhdBpLgVt2qZH1BGOEUFylRzfms6+VM DcV1sHDg==; Received: from mcgrof by bombadil.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1nzI9A-0027yT-Ln; Thu, 09 Jun 2022 13:24:24 +0000 Date: Thu, 9 Jun 2022 06:24:24 -0700 From: Luis Chamberlain To: Christoph Hellwig , "Edgecombe, Rick P" , Christophe Leroy Subject: Re: [PATCH] kprobes: Enable tracing for mololithic kernel images Message-ID: References: <20220608000014.3054333-1-jarkko@profian.com> <20220608232115.ccd4399f4a1d133e9b65c2a9@kernel.org> <20220609034852.GA30873@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220609034852.GA30873@lst.de> X-Mailman-Approved-At: Fri, 10 Jun 2022 21:09:20 +1000 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Dan Li , Heiko Stuebner , Linus Walleij , Guo Ren , Alexander Gordeev , Javier Martinez Canillas , Geert Uytterhoeven , Catalin Marinas , Christian Borntraeger , Guenter Roeck , =?iso-8859-1?Q?Andr=E9?= Almeida , Michael Roth , Nicholas Piggin , Thomas Gleixner , Andrey Konovalov , Nick Desaulniers , Linux Kernel Mailing List , Sven Schnelle , Wu Caize , Paul Mackerras , Andrew Morton , Mark Rutland , Luis Machado , Atsushi Nemoto , Dave Hansen , Joey Gouly , "James E.J. Bottomley" , Song Liu , linux-s390 , Ilya Leoshkevich , Anup Patel , Helge Deller , Anil S Keshavamurthy , Masami Hiramatsu , Tom Lendacky , Vasily Gorbik , Philipp Tomsich , Dave Anglin , Linux ARM , Daniel Axtens , Nicolas Pitre , Jarkko Sakkinen , "Eric W. Biederman" , "Aneesh Kumar K.V" , Daniel Bristot de Oliveira , Kefeng Wang , Emil Renner Berthing , Jordan Niethe , Atish Patra , Alexei Starovoitov , Will Deacon , Masahiro Yamada , Jarkko Sakkinen , Sami Tolvanen , "Naveen N. Rao" , Marco Elver , Kees Cook , Steven Rostedt , Nathan Chancellor , "Russell King \(Oracle\)" , Mark Brown , Borislav Petkov , Alexander Egorenkov , Thomas Bogendoerfer , Parisc List , Nathaniel McCallum , Dmitry Torokhov , "David S. Miller" , "Kirill A. Shutemov" , Tobias Huschle , "Peter Zijlstra \(Intel\)" , "H. Peter Anvin" , sparclinux , Tiezhu Yang , Miroslav Benes , Chen Zhongjin , Ard Biesheuvel , the arch/x86 maintainers , Russell King , linux-riscv , Ingo Molnar , Aaron Tomlin , Albert Ou , Heiko Carstens , Liao Chang , Paul Walmsley , Josh Poimboeuf , Thomas Richter , "open list:BROADCOM NVRAM DRIVER" , Changbin Du , Palmer Dabbelt , linuxppc-dev , linux-modules@vger.kernel.org Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" On Thu, Jun 09, 2022 at 05:48:52AM +0200, Christoph Hellwig wrote: > On Wed, Jun 08, 2022 at 01:26:19PM -0700, Luis Chamberlain wrote: > > No, that was removed because it has only one user. > > That is only part of the story. The other part is that the overall > kernel simply does not have any business allocating exutable memory. > Executable memory is a very special concept for modules or module-like > code like kprobes, and should not be exposed as a general concept. It is not just modules and kprobes, it is also ftrace and bpf too now. So while it should not be used everywhere calling it module_alloc() is just confusing at this point. Likewise, module_alloc_huge() is being proposed too and I'd rather we deal with this properly in aligment of taking care of the rename as well. If the concern is to restrict access we can use the module namespace stuff so to ensure only intended users get access to it. > Especially as executable memory really should not also be writable > for security reasons. In other words, we should actually never > allocate executable memory, every. We might seal memory and then > mark it executable after having written to it, which is how modules > and kprobes are implemented on all modern Linux ports anyway. The respective free *should* do the executable bits, and there is no generic way to do this for all archs and so it is open coded today. In fact some architectures need further work / help and so split up the module data and exect already on v5.19+ with the new ARCH_WANTS_MODULES_DATA_IN_VMALLOC. See this thread for details: https://lkml.kernel.org/r/Yo1XTN441qbNTLGR@bombadil.infradead.org Doing this work is not easy, but if we're going to do it, it must be done right. Luis