From: Andy Lutomirski <luto@amacapital.net>
To: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Cc: Steven Rostedt <rostedt@goodmis.org>,
Miroslav Benes <mbenes@suse.cz>,
Peter Zijlstra <peterz@infradead.org>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Borislav Petkov <bp@suse.de>, Dave Hansen <dave.hansen@intel.com>,
x86-ml <x86@kernel.org>, lkml <linux-kernel@vger.kernel.org>,
Alexei Starovoitov <ast@kernel.org>,
live-patching@vger.kernel.org
Subject: Re: [GIT PULL] x86/urgent for v5.11-rc7
Date: Tue, 9 Feb 2021 08:55:51 -0800
Message-ID: <73175691-4AE1-496D-80D1-DC85AE1E9C27@amacapital.net>
In-Reply-To: <CAADnVQK-qdE6mHUogeaQo9Av_58cLptosmfUVmdMzW7gJn5UVw@mail.gmail.com>
> On Feb 9, 2021, at 8:45 AM, Alexei Starovoitov <alexei.starovoitov@gmail.com> wrote:
>
> On Tue, Feb 9, 2021 at 6:49 AM Steven Rostedt <rostedt@goodmis.org> wrote:
>>
>>> On Tue, 9 Feb 2021 09:32:34 +0100 (CET)
>>> Miroslav Benes <mbenes@suse.cz> wrote:
>>>
>>> powerpc has this
>>>
>>> static inline unsigned long klp_get_ftrace_location(unsigned long faddr)
>>> {
>>>     /*
>>>      * Live patch works only with -mprofile-kernel on PPC. In this case,
>>>      * the ftrace location is always within the first 16 bytes.
>>>      */
>>>     return ftrace_location_range(faddr, faddr + 16);
>>> }
>>>
>>>>> I suppose the trivial fix is to see if it points to endbr64 and if so,
>>>>> increment the addr by the length of that.
>>>>
>>>> I thought of that too. But one thing that may be possible, is to use
>>>> kallsym. I believe you can get the range of a function (start and end of
>>>> the function) from kallsyms. Then ask ftrace for the addr in that range
>>>> (there should only be one).
>>>
>>> And we can do this if a hard-coded value like above is not welcome. If I
>>> remember correctly, we used to have exactly this in the old versions of
>>> kGraft. We walked through all ftrace records, called
>>> kallsyms_lookup_size_offset() on every record's ip and if the offset+ip
>>> matched faddr (in this case), we returned the ip.
>>
>> Either way is fine. Question is, should we just wait till CET is
>> implemented for the kernel before making any of these changes? Just knowing
>> that we have a solution to handle it may be good enough for now.
>
> I think the issue is more fundamental than what appears on the surface.
> According to endbr64 documentation it's not just any instruction.
> The cpu will wait for it and if it's replaced with int3 or not seen at
> the branch target the cpu will throw an exception.
> If I understood the doc correctly it means that endbr64 can never be
> replaced with a breakpoint. If that's the case text_poke_bp and kprobe
> need to do extra safety checks.

Ugh.

Or we hack up #CP to handle this case. I don’t quite know how I feel about this.