From: Mark Rutland <mark.rutland@arm.com>
To: madvenka@linux.microsoft.com
Cc: broonie@kernel.org, jpoimboe@redhat.com, ardb@kernel.org,
nobuta.keiya@fujitsu.com, sjitindarsingh@gmail.com,
catalin.marinas@arm.com, will@kernel.org, jmorris@namei.org,
linux-arm-kernel@lists.infradead.org,
live-patching@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v10 08/11] arm64: Rename unwinder functions, prevent them from being traced and kprobed
Date: Wed, 27 Oct 2021 18:53:25 +0100
Message-ID: <20211027175325.GC58503@C02TD0UTHF1T.local>
In-Reply-To: <20211015025847.17694-9-madvenka@linux.microsoft.com>

On Thu, Oct 14, 2021 at 09:58:44PM -0500, madvenka@linux.microsoft.com wrote:
> From: "Madhavan T. Venkataraman" <madvenka@linux.microsoft.com>
>
> Rename unwinder functions for consistency and better naming.
>
> - Rename start_backtrace() to unwind_start().
> - Rename unwind_frame() to unwind_next().
> - Rename walk_stackframe() to unwind().

This looks good to me.

Could we split this from the kprobes/tracing changes? I think this stands
on its own, and (as below) the kprobes/tracing changes need some more
explanation, and would make sense as a separate patch.

> Prevent the following unwinder functions from being traced:
>
> - unwind_start()
> - unwind_next()
>
> unwind() is already prevented from being traced.

This could do with an explanation in the commit message as to why we
need to do this. If this is fixing a latent issue, it should be in a
preparatory patch that we can backport.

I dug into this a bit, and from taking a look, we prohibited ftrace in commit:

  0c32706dac1b0a72 ("arm64: stacktrace: avoid tracing arch_stack_walk()")

... which is just one special case of graph return stack unbalancing,
and should be addressed by using HAVE_FUNCTION_GRAPH_RET_ADDR_PTR, so
with the patch making us use HAVE_FUNCTION_GRAPH_RET_ADDR_PTR, that's
no longer necessary.

So we no longer seem to have a specific reason to prohibit ftrace
here.

> Prevent the following unwinder functions from being kprobed:
>
> - unwind_start()
>
> unwind_next() and unwind() are already prevented from being kprobed.

Likewise, I think this needs some explanation. From digging, we
prohibited kprobes in commit:

  ee07b93e7721ccd5 ("arm64: unwind: Prohibit probing on return_address()")

... and the commit message says we need to do this because this is
(transitively) called by trace_hardirqs_off(), which is kprobes
blacklisted, but doesn't explain the actual problem this results in.

AFAICT x86 directly uses __builtin_return_address() here, but that won't
recover rewritten addresses, which seems like a bug (or at least a
limitation) on x86, assuming I've read that correctly.

Thanks,
Mark.

> Signed-off-by: Madhavan T. Venkataraman <madvenka@linux.microsoft.com>
> ---
> arch/arm64/kernel/stacktrace.c | 34 +++++++++++++++++++---------------
> 1 file changed, 19 insertions(+), 15 deletions(-)
>
> diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c
> index 7d32cee9ef4b..f4f3575f71fd 100644
> --- a/arch/arm64/kernel/stacktrace.c
> +++ b/arch/arm64/kernel/stacktrace.c
> @@ -33,8 +33,8 @@
> */
>
>
> -static void start_backtrace(struct stackframe *frame, unsigned long fp,
> - unsigned long pc)
> +static void notrace unwind_start(struct stackframe *frame, unsigned long fp,
> + unsigned long pc)
> {
> frame->fp = fp;
> frame->pc = pc;
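Review bot: the `notrace` added to unwind_start() in this hunk has no stated reason, either in a code comment or in the commit message, which only lists the affected functions. The visible body just stores fp and pc into the frame, so either add a comment saying what goes wrong when it is traced, or drop the annotation and keep this hunk a pure rename. Folding the attribute change into the rename also makes the behavioural part hard to backport on its own.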
> @@ -45,7 +45,7 @@ static void start_backtrace(struct stackframe *frame, unsigned long fp,
> /*
> * Prime the first unwind.
> *
> - * In unwind_frame() we'll check that the FP points to a valid stack,
> + * In unwind_next() we'll check that the FP points to a valid stack,
> * which can't be STACK_TYPE_UNKNOWN, and the first unwind will be
> * treated as a transition to whichever stack that happens to be. The
> * prev_fp value won't be used, but we set it to 0 such that it is
> @@ -56,6 +56,8 @@ static void start_backtrace(struct stackframe *frame, unsigned long fp,
> frame->prev_type = STACK_TYPE_UNKNOWN;
> }
>
> +NOKPROBE_SYMBOL(unwind_start);
> +
> /*
> * Unwind from one frame record (A) to the next frame record (B).
> *
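Review bot: NOKPROBE_SYMBOL(unwind_start) is new behaviour rather than part of the rename, and nothing next to it says why unwind_start() must not be probed. A one-line comment above the macro, or a sentence in the commit message naming the call path that makes probing unsafe, would let a later reader judge whether the annotation is still needed.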
> @@ -63,8 +65,8 @@ static void start_backtrace(struct stackframe *frame, unsigned long fp,
> * records (e.g. a cycle), determined based on the location and fp value of A
> * and the location (but not the fp value) of B.
> */
> -static int notrace unwind_frame(struct task_struct *tsk,
> - struct stackframe *frame)
> +static int notrace unwind_next(struct task_struct *tsk,
> + struct stackframe *frame)
> {
> unsigned long fp = frame->fp;
> struct stack_info info;
> @@ -104,7 +106,7 @@ static int notrace unwind_frame(struct task_struct *tsk,
>
> /*
> * Record this frame record's values and location. The prev_fp and
> - * prev_type are only meaningful to the next unwind_frame() invocation.
> + * prev_type are only meaningful to the next unwind_next() invocation.
> */
> frame->fp = READ_ONCE_NOCHECK(*(unsigned long *)(fp));
> frame->pc = READ_ONCE_NOCHECK(*(unsigned long *)(fp + 8));
> @@ -132,28 +134,30 @@ static int notrace unwind_frame(struct task_struct *tsk,
>
> return 0;
> }
> -NOKPROBE_SYMBOL(unwind_frame);
>
> -static void notrace walk_stackframe(struct task_struct *tsk,
> - unsigned long fp, unsigned long pc,
> - bool (*fn)(void *, unsigned long),
> - void *data)
> +NOKPROBE_SYMBOL(unwind_next);
> +
> +static void notrace unwind(struct task_struct *tsk,
> + unsigned long fp, unsigned long pc,
> + bool (*fn)(void *, unsigned long),
> + void *data)
> {
> struct stackframe frame;
>
> - start_backtrace(&frame, fp, pc);
> + unwind_start(&frame, fp, pc);
>
> while (1) {
> int ret;
>
> if (!fn(data, frame.pc))
> break;
> - ret = unwind_frame(tsk, &frame);
> + ret = unwind_next(tsk, &frame);
> if (ret < 0)
> break;
> }
> }
> -NOKPROBE_SYMBOL(walk_stackframe);
> +
> +NOKPROBE_SYMBOL(unwind);
>
> static bool dump_backtrace_entry(void *arg, unsigned long where)
> {
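Review bot: the NOKPROBE_SYMBOL() lines for unwind_next() and unwind() are re-added after a blank line, whereas the removed NOKPROBE_SYMBOL(unwind_frame) and NOKPROBE_SYMBOL(walk_stackframe) sat directly under the closing brace. Keeping the macro adjacent to the function, as before, would limit the diff here to the rename itself and avoid the extra blank `+` lines after unwind_next() and unwind().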
> @@ -208,7 +212,7 @@ noinline notrace void arch_stack_walk(stack_trace_consume_fn consume_entry,
> fp = thread_saved_fp(task);
> pc = thread_saved_pc(task);
> }
> - walk_stackframe(task, fp, pc, consume_entry, cookie);
> + unwind(task, fp, pc, consume_entry, cookie);
>
> }
>
> --
> 2.25.1
>
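Added example, not part of the original message or of the kernel source: a user-space C model of the graph return stack unbalancing and rewritten-address recovery discussed in the reply above. It contrasts recovering a rewritten return address by counting rewritten entries with recovering it by matching the return-address slot, the idea behind HAVE_FUNCTION_GRAPH_RET_ADDR_PTR. The structures, the `RETURN_TO_HANDLER` value, the function names and the call chain are all hypothetical and constructed for illustration.

```c
#include <stdio.h>
#define RETURN_TO_HANDLER 0xdeadUL /* stand-in for the tracer's return trampoline */
/* stack: frame record at index fp is {caller fp, return pc}; saved: newest last */
struct shadow { unsigned long ret; const unsigned long *retp; };
struct model { unsigned long stack[8]; struct shadow saved[4]; int depth; };

/* Tracer hook (model): save the original return pc, then rewrite the slot. */
static void trace_entry(struct model *m, unsigned long fp)
{
	m->saved[m->depth++] = (struct shadow){ m->stack[fp + 1], &m->stack[fp + 1] };
	m->stack[fp + 1] = RETURN_TO_HANDLER;
}

/* Index-based: assume the Nth rewritten pc seen maps to the Nth newest entry. */
static unsigned long by_index(const struct model *m, int *seen)
{
	int i = m->depth - 1 - (*seen)++;
	return i >= 0 ? m->saved[i].ret : RETURN_TO_HANDLER;
}

/* Pointer-based: match the entry recorded for this exact return-address slot. */
static unsigned long by_ptr(const struct model *m, const unsigned long *retp)
{
	for (int i = m->depth - 1; i >= 0; i--)
		if (m->saved[i].retp == retp)
			return m->saved[i].ret;
	return RETURN_TO_HANDLER;
}

/* Constructed chain A -> B -> walker, B and walker traced; walk starts at B's record. */
static int demo(int use_ptr, unsigned long *out)
{
	struct model m = { .stack = { [2] = 4, 0xB00, 6, 0xA00, 0, 0x100 } };
	int n = 0, seen = 0;
	trace_entry(&m, 4); /* B entered first: its return into A is rewritten */
	trace_entry(&m, 2); /* then the walker: its return into B is rewritten */
	for (unsigned long fp = 4; fp; fp = m.stack[fp]) {
		const unsigned long *slot = &m.stack[fp + 1];
		out[n++] = *slot != RETURN_TO_HANDLER ? *slot :
			   use_ptr ? by_ptr(&m, slot) : by_index(&m, &seen);
	}
	return n;
}

int main(void)
{
	unsigned long idx[2], ptr[2];
	demo(0, idx); demo(1, ptr);
	return printf("index-based: %#lx, pointer-based: %#lx\n", idx[0], ptr[0]) < 0;
}
```

In this model the walker's own saved entry is never visited by the walk, so the index-based lookup returns the walker's return address (0xb00) for B's frame, while the slot match returns B's real return address (0xa00).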