Live-Patching Archive on lore.kernel.org
 help / color / Atom feed
* Re: [PATCH v8 0/5] arm64: ftrace with regs
       [not found]       ` <20190409175238.GE9255@fuggles.cambridge.arm.com>
@ 2019-07-10 12:27         ` Ruslan Bilovol
  2019-07-24 16:15           ` Mark Rutland
  0 siblings, 1 reply; 8+ messages in thread
From: Ruslan Bilovol @ 2019-07-10 12:27 UTC (permalink / raw)
  To: Will Deacon
  Cc: Mark Rutland, Torsten Duwe, Catalin Marinas, Steven Rostedt,
	Julien Thierry, Josh Poimboeuf, Ingo Molnar, Ard Biesheuvel,
	Arnd Bergmann, AKASHI Takahiro, Amit Daniel Kachhap,
	linux-arm-kernel, linux-kernel, live-patching

On Tue, Apr 9, 2019 at 8:52 PM Will Deacon <will.deacon@arm.com> wrote:
>
> On Mon, Apr 08, 2019 at 04:36:28PM +0100, Mark Rutland wrote:
> > On Mon, Mar 11, 2019 at 12:49:46PM +0100, Torsten Duwe wrote:
> > > On Wed, Feb 13, 2019 at 11:11:04AM +0000, Julien Thierry wrote:
> > > > Hi Torsten,
> > > >
> > > > On 08/02/2019 15:08, Torsten Duwe wrote:
> > > > > Patch series v8, as discussed.
> > > > > The whole series applies cleanly on 5.0-rc5
> > >
> > > So what's the status now? Besides debatable minor style
> > > issues there were no more objections to v8. Would this
> > > go through the ARM repo or via the ftrace repo?
> >
> > Sorry agains for the delay on this. I'm now back in the office and in
> > front of a computer daily, so I can spend a bit more time on this.
> >
> > Regardless of anything else, I think that we should queue the first
> > three patches now. I've poked the relevant maintainers for their acks so
> > that those can be taken via the arm64 tree.
> >
> > I'm happy to do the trivial cleanups on the last couple of patches (e.g.
> > s/lr/x30), and I'm actively looking at the API rework I requested.
>
> Ok, I've picked up patches 1-3 and I'll wait for you to spin updates to the
> last two.

Ok, I see that patches 1-3 are picked up and are already present in recent
kernels.

Is there any progress on remaining two patches?
Any help required?

Thanks,
Ruslan

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v8 0/5] arm64: ftrace with regs
  2019-07-10 12:27         ` [PATCH v8 0/5] arm64: ftrace with regs Ruslan Bilovol
@ 2019-07-24 16:15           ` Mark Rutland
  2019-10-16 11:42             ` Jiri Kosina
  0 siblings, 1 reply; 8+ messages in thread
From: Mark Rutland @ 2019-07-24 16:15 UTC (permalink / raw)
  To: Ruslan Bilovol
  Cc: Will Deacon, Torsten Duwe, Catalin Marinas, Steven Rostedt,
	Julien Thierry, Josh Poimboeuf, Ingo Molnar, Ard Biesheuvel,
	Arnd Bergmann, AKASHI Takahiro, Amit Daniel Kachhap,
	linux-arm-kernel, linux-kernel, live-patching

Hi Ruslan,

On Wed, Jul 10, 2019 at 03:27:58PM +0300, Ruslan Bilovol wrote:
> On Tue, Apr 9, 2019 at 8:52 PM Will Deacon <will.deacon@arm.com> wrote:
> >
> > On Mon, Apr 08, 2019 at 04:36:28PM +0100, Mark Rutland wrote:
> > > On Mon, Mar 11, 2019 at 12:49:46PM +0100, Torsten Duwe wrote:
> > > > On Wed, Feb 13, 2019 at 11:11:04AM +0000, Julien Thierry wrote:
> > > > > Hi Torsten,
> > > > >
> > > > > On 08/02/2019 15:08, Torsten Duwe wrote:
> > > > > > Patch series v8, as discussed.
> > > > > > The whole series applies cleanly on 5.0-rc5
> > > >
> > > > So what's the status now? Besides debatable minor style
> > > > issues there were no more objections to v8. Would this
> > > > go through the ARM repo or via the ftrace repo?
> > >
> > > Sorry agains for the delay on this. I'm now back in the office and in
> > > front of a computer daily, so I can spend a bit more time on this.
> > >
> > > Regardless of anything else, I think that we should queue the first
> > > three patches now. I've poked the relevant maintainers for their acks so
> > > that those can be taken via the arm64 tree.
> > >
> > > I'm happy to do the trivial cleanups on the last couple of patches (e.g.
> > > s/lr/x30), and I'm actively looking at the API rework I requested.
> >
> > Ok, I've picked up patches 1-3 and I'll wait for you to spin updates to the
> > last two.
> 
> Ok, I see that patches 1-3 are picked up and are already present in recent
> kernels.
> 
> Is there any progress on remaining two patches?

I'm afraid that I've been distracted on other fronts, so I haven't made
progress there.

> Any help required?

If you'd be happy to look at the cleanup I previously suggested for the
core, that would be great. When I last looked, it was simple to rework
things so that arch code doesn't have to define MCOUNT_ADDR, but I
hadn't figured out exactly how to split the core mcount assumptions from
the important state machine bits.

I'll take another look and see if I can provide more detail. :)

Thanks,
Mark.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v8 0/5] arm64: ftrace with regs
  2019-07-24 16:15           ` Mark Rutland
@ 2019-10-16 11:42             ` Jiri Kosina
  2019-10-16 17:58               ` Mark Rutland
  0 siblings, 1 reply; 8+ messages in thread
From: Jiri Kosina @ 2019-10-16 11:42 UTC (permalink / raw)
  To: Mark Rutland
  Cc: Ruslan Bilovol, Will Deacon, Torsten Duwe, Catalin Marinas,
	Steven Rostedt, Julien Thierry, Josh Poimboeuf, Ingo Molnar,
	Ard Biesheuvel, Arnd Bergmann, AKASHI Takahiro,
	Amit Daniel Kachhap, linux-arm-kernel, linux-kernel,
	live-patching

On Wed, 24 Jul 2019, Mark Rutland wrote:

> > > > > So what's the status now? Besides debatable minor style
> > > > > issues there were no more objections to v8. Would this
> > > > > go through the ARM repo or via the ftrace repo?
> > > >
> > > > Sorry agains for the delay on this. I'm now back in the office and in
> > > > front of a computer daily, so I can spend a bit more time on this.
> > > >
> > > > Regardless of anything else, I think that we should queue the first
> > > > three patches now. I've poked the relevant maintainers for their acks so
> > > > that those can be taken via the arm64 tree.
> > > >
> > > > I'm happy to do the trivial cleanups on the last couple of patches (e.g.
> > > > s/lr/x30), and I'm actively looking at the API rework I requested.
> > >
> > > Ok, I've picked up patches 1-3 and I'll wait for you to spin updates to the
> > > last two.
> > 
> > Ok, I see that patches 1-3 are picked up and are already present in recent
> > kernels.
> > 
> > Is there any progress on remaining two patches?
> 
> I'm afraid that I've been distracted on other fronts, so I haven't made
> progress there.
> 
> > Any help required?
> 
> If you'd be happy to look at the cleanup I previously suggested for the
> core, that would be great. When I last looked, it was simple to rework
> things so that arch code doesn't have to define MCOUNT_ADDR, but I
> hadn't figured out exactly how to split the core mcount assumptions from
> the important state machine bits.
> 
> I'll take another look and see if I can provide more detail. :)

Hi Mark,

has any progress been made on any front? Feels like this got stuck a bit.

Thanks,

-- 
Jiri Kosina
SUSE Labs


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v8 0/5] arm64: ftrace with regs
  2019-10-16 11:42             ` Jiri Kosina
@ 2019-10-16 17:58               ` Mark Rutland
  2019-10-18 17:41                 ` Mark Rutland
  0 siblings, 1 reply; 8+ messages in thread
From: Mark Rutland @ 2019-10-16 17:58 UTC (permalink / raw)
  To: Jiri Kosina
  Cc: Ruslan Bilovol, Will Deacon, Torsten Duwe, Catalin Marinas,
	Steven Rostedt, Julien Thierry, Josh Poimboeuf, Ingo Molnar,
	Ard Biesheuvel, Arnd Bergmann, AKASHI Takahiro,
	Amit Daniel Kachhap, linux-arm-kernel, linux-kernel,
	live-patching

On Wed, Oct 16, 2019 at 01:42:59PM +0200, Jiri Kosina wrote:
> On Wed, 24 Jul 2019, Mark Rutland wrote:
> 
> > > > > > So what's the status now? Besides debatable minor style
> > > > > > issues there were no more objections to v8. Would this
> > > > > > go through the ARM repo or via the ftrace repo?
> > > > >
> > > > > Sorry agains for the delay on this. I'm now back in the office and in
> > > > > front of a computer daily, so I can spend a bit more time on this.
> > > > >
> > > > > Regardless of anything else, I think that we should queue the first
> > > > > three patches now. I've poked the relevant maintainers for their acks so
> > > > > that those can be taken via the arm64 tree.
> > > > >
> > > > > I'm happy to do the trivial cleanups on the last couple of patches (e.g.
> > > > > s/lr/x30), and I'm actively looking at the API rework I requested.
> > > >
> > > > Ok, I've picked up patches 1-3 and I'll wait for you to spin updates to the
> > > > last two.
> > > 
> > > Ok, I see that patches 1-3 are picked up and are already present in recent
> > > kernels.
> > > 
> > > Is there any progress on remaining two patches?
> > 
> > I'm afraid that I've been distracted on other fronts, so I haven't made
> > progress there.
> > 
> > > Any help required?
> > 
> > If you'd be happy to look at the cleanup I previously suggested for the
> > core, that would be great. When I last looked, it was simple to rework
> > things so that arch code doesn't have to define MCOUNT_ADDR, but I
> > hadn't figured out exactly how to split the core mcount assumptions from
> > the important state machine bits.
> > 
> > I'll take another look and see if I can provide more detail. :)
> 
> Hi Mark,

Hi Jiri,

> has any progress been made on any front? Feels like this got stuck a bit.

Sorry about this; I've been a bit distracted.

I've just done the core (non-arm64) bits today, and pushed that out:

  https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/ftrace-with-regs

... I'll fold the remainging bits of patches 4 and 5 together tomorrow
atop of that.

Thanks,
Mark.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v8 0/5] arm64: ftrace with regs
  2019-10-16 17:58               ` Mark Rutland
@ 2019-10-18 17:41                 ` Mark Rutland
  2019-10-19 11:01                   ` Torsten Duwe
  0 siblings, 1 reply; 8+ messages in thread
From: Mark Rutland @ 2019-10-18 17:41 UTC (permalink / raw)
  To: Jiri Kosina
  Cc: Arnd Bergmann, Julien Thierry, Catalin Marinas, Ard Biesheuvel,
	Will Deacon, linux-kernel, Steven Rostedt, AKASHI Takahiro,
	Ingo Molnar, Torsten Duwe, Ruslan Bilovol, Josh Poimboeuf,
	Amit Daniel Kachhap, live-patching, linux-arm-kernel

On Wed, Oct 16, 2019 at 06:58:42PM +0100, Mark Rutland wrote:
> I've just done the core (non-arm64) bits today, and pushed that out:
> 
>   https://git.kernel.org/pub/scm/linux/kernel/git/mark/linux.git/log/?h=arm64/ftrace-with-regs
> 
> ... I'll fold the remainging bits of patches 4 and 5 together tomorrow
> atop of that.

I've just force-pushed an updated version with the actual arm64
FTRACE_WITH_REGS bits. There are a couple of bits I still need to
verify, but I'm hoping that I can send this out for real next week.

In the process of reworking this I spotted some issues that will get in
the way of livepatching. Notably:

* When modules can be loaded far away from the kernel, we'll potentially
  need a PLT for each function within a module, if each can be patched
  to a unique function. Currently we have a fixed number, which is only
  sufficient for the two ftrace entry trampolines.

  IIUC, the new code being patched in is itself a module, in which case
  we'd need a PLT for each function in the main kernel image.

  We have a few options here, e.g. changing which memory size model we
  use, or reserving space for a PLT before each function using
  -f patchable-function-entry=N,M.

* There are windows where backtracing will miss the callsite's caller,
  as its address is not live in the LR or existing chain of frame
  records. Thus we cannot claim to have a reliable stacktrace.

  I suspect we'll have to teach the stacktrace code to handle this as a
  special-case.

  I'll try to write these up, as similar probably applies to other
  architectures with a link register.

Thanks,
Mark.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v8 0/5] arm64: ftrace with regs
  2019-10-18 17:41                 ` Mark Rutland
@ 2019-10-19 11:01                   ` Torsten Duwe
  2019-10-21 11:37                     ` Mark Rutland
  2019-10-21 13:20                     ` Josh Poimboeuf
  0 siblings, 2 replies; 8+ messages in thread
From: Torsten Duwe @ 2019-10-19 11:01 UTC (permalink / raw)
  To: Mark Rutland
  Cc: Jiri Kosina, Arnd Bergmann, Julien Thierry, Catalin Marinas,
	Ard Biesheuvel, Will Deacon, linux-kernel, Steven Rostedt,
	AKASHI Takahiro, Ingo Molnar, Ruslan Bilovol, Josh Poimboeuf,
	Amit Daniel Kachhap, live-patching, linux-arm-kernel

Hi Mark!

On Fri, 18 Oct 2019 18:41:02 +0100 Mark Rutland
<mark.rutland@arm.com> wrote:

> In the process of reworking this I spotted some issues that will get
> in the way of livepatching. Notably:
> 
> * When modules can be loaded far away from the kernel, we'll
> potentially need a PLT for each function within a module, if each can
> be patched to a unique function. Currently we have a fixed number,
> which is only sufficient for the two ftrace entry trampolines.
> 
>   IIUC, the new code being patched in is itself a module, in which
> case we'd need a PLT for each function in the main kernel image.

When no live patching is involved, obviously all cases need to have
been handled so far. And when a live patching module comes in, there
are calls in and out of the new patch code:

Calls going into the live patch are not aware of this. They are caught
by an active ftrace intercept, and the actual call into the LP module
is done in klp_arch_set_pc, by manipulating the intercept (call site)
return address (in case thread lives in the "new world", for
completeness' sake). This is an unsigned long write in C.

All calls going _out_ from the KLP module are newly generated, as part
of the KLP module building process, and are thus aware of them being
"extern" -- a PLT entry should be generated and accounted for in the
KLP module.

>   We have a few options here, e.g. changing which memory size model we
>   use, or reserving space for a PLT before each function using
>   -f patchable-function-entry=N,M.

Nonetheless I'm happy I once added the ,M option here. You never know :)

> * There are windows where backtracing will miss the callsite's caller,
>   as its address is not live in the LR or existing chain of frame
>   records. Thus we cannot claim to have a reliable stacktrace.
> 
>   I suspect we'll have to teach the stacktrace code to handle this as
> a special-case.

Yes, that's where I had to step back. The unwinder needs to stop where
the chain is even questionable. In _all_ cases. Missing only one race
condition means a lurking inconsistency.

OTOH it's not a problem to report "not reliable" when in doubt; the
thread in question will then get woken up and unwind itself.
It is only an optimisation to let all kernel threads which are
guaranteed to not contain any patched functions sleep on.

>   I'll try to write these up, as similar probably applies to other
>   architectures with a link register.

I thought I'd quickly give you my feedback upfront here.

	Torsten


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v8 0/5] arm64: ftrace with regs
  2019-10-19 11:01                   ` Torsten Duwe
@ 2019-10-21 11:37                     ` Mark Rutland
  2019-10-21 13:20                     ` Josh Poimboeuf
  1 sibling, 0 replies; 8+ messages in thread
From: Mark Rutland @ 2019-10-21 11:37 UTC (permalink / raw)
  To: Torsten Duwe
  Cc: Jiri Kosina, Arnd Bergmann, Julien Thierry, Catalin Marinas,
	Ard Biesheuvel, Will Deacon, linux-kernel, Steven Rostedt,
	AKASHI Takahiro, Ingo Molnar, Ruslan Bilovol, Josh Poimboeuf,
	Amit Daniel Kachhap, live-patching, linux-arm-kernel

On Sat, Oct 19, 2019 at 01:01:35PM +0200, Torsten Duwe wrote:
> Hi Mark!

Hi Torsten!
 
> On Fri, 18 Oct 2019 18:41:02 +0100 Mark Rutland
> <mark.rutland@arm.com> wrote:
> 
> > In the process of reworking this I spotted some issues that will get
> > in the way of livepatching. Notably:
> > 
> > * When modules can be loaded far away from the kernel, we'll
> > potentially need a PLT for each function within a module, if each can
> > be patched to a unique function. Currently we have a fixed number,
> > which is only sufficient for the two ftrace entry trampolines.
> > 
> >   IIUC, the new code being patched in is itself a module, in which
> > case we'd need a PLT for each function in the main kernel image.
> 
> When no live patching is involved, obviously all cases need to have
> been handled so far. And when a live patching module comes in, there
> are calls in and out of the new patch code:
> 
> Calls going into the live patch are not aware of this. They are caught
> by an active ftrace intercept, and the actual call into the LP module
> is done in klp_arch_set_pc, by manipulating the intercept (call site)
> return address (in case thread lives in the "new world", for
> completeness' sake). This is an unsigned long write in C.

I was under the impression that (at some point) the patch site would be
patched to call the LP code directly. From the above I understand that's
not the case, and it will always be directed via the regular ftrace
entry code -- have I got that right?

Assuming that is the case, that sounds fine to me, and sorry for the
noise.

> All calls going _out_ from the KLP module are newly generated, as part
> of the KLP module building process, and are thus aware of them being
> "extern" -- a PLT entry should be generated and accounted for in the
> KLP module.

Yup; understood.

> >   We have a few options here, e.g. changing which memory size model we
> >   use, or reserving space for a PLT before each function using
> >   -f patchable-function-entry=N,M.
> 
> Nonetheless I'm happy I once added the ,M option here. You never know :)

Yup; we may have other reasons to need this in future (and I see parisc
uses this today).

> > * There are windows where backtracing will miss the callsite's caller,
> >   as its address is not live in the LR or existing chain of frame
> >   records. Thus we cannot claim to have a reliable stacktrace.
> > 
> >   I suspect we'll have to teach the stacktrace code to handle this as
> > a special-case.
> 
> Yes, that's where I had to step back. The unwinder needs to stop where
> the chain is even questionable. In _all_ cases. Missing only one race
> condition means a lurking inconsistency.

Sure. I'm calling this out now so that we don't miss this in future.
I've added comments to the ftrace entry asm to this effect for now.

> OTOH it's not a problem to report "not reliable" when in doubt; the
> thread in question will then get woken up and unwind itself.
> It is only an optimisation to let all kernel threads which are
> guaranteed to not contain any patched functions sleep on.

I just want to make it clear that some care will be needed if/when
adding CONFIG_HAVE_RELIABLE_STACKTRACE so that we handle this case
correctly.
 
> >   I'll try to write these up, as similar probably applies to other
> >   architectures with a link register.
> 
> I thought I'd quickly give you my feedback upfront here.

Thanks; it's much appreciated!

Mark.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v8 0/5] arm64: ftrace with regs
  2019-10-19 11:01                   ` Torsten Duwe
  2019-10-21 11:37                     ` Mark Rutland
@ 2019-10-21 13:20                     ` Josh Poimboeuf
  1 sibling, 0 replies; 8+ messages in thread
From: Josh Poimboeuf @ 2019-10-21 13:20 UTC (permalink / raw)
  To: Torsten Duwe
  Cc: Mark Rutland, Jiri Kosina, Arnd Bergmann, Julien Thierry,
	Catalin Marinas, Ard Biesheuvel, Will Deacon, linux-kernel,
	Steven Rostedt, AKASHI Takahiro, Ingo Molnar, Ruslan Bilovol,
	Amit Daniel Kachhap, live-patching, linux-arm-kernel

On Sat, Oct 19, 2019 at 01:01:35PM +0200, Torsten Duwe wrote:
> All calls going _out_ from the KLP module are newly generated, as part
> of the KLP module building process, and are thus aware of them being
> "extern" -- a PLT entry should be generated and accounted for in the
> KLP module.

Hm... for kpatch-build I assume we may need a GCC plugin to convert
local calls to global somehow?

-- 
Josh


^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, back to index

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <20190208150826.44EBC68DD2@newverein.lst.de>
     [not found] ` <0f8d2e77-7e51-fba8-b179-102318d9ff84@arm.com>
     [not found]   ` <20190311114945.GA5625@lst.de>
     [not found]     ` <20190408153628.GL6139@lakrids.cambridge.arm.com>
     [not found]       ` <20190409175238.GE9255@fuggles.cambridge.arm.com>
2019-07-10 12:27         ` [PATCH v8 0/5] arm64: ftrace with regs Ruslan Bilovol
2019-07-24 16:15           ` Mark Rutland
2019-10-16 11:42             ` Jiri Kosina
2019-10-16 17:58               ` Mark Rutland
2019-10-18 17:41                 ` Mark Rutland
2019-10-19 11:01                   ` Torsten Duwe
2019-10-21 11:37                     ` Mark Rutland
2019-10-21 13:20                     ` Josh Poimboeuf

Live-Patching Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/live-patching/0 live-patching/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 live-patching live-patching/ https://lore.kernel.org/live-patching \
		live-patching@vger.kernel.org
	public-inbox-index live-patching

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.live-patching


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git