* Re: [GIT PULL] x86/urgent for v5.11-rc7 [not found] ` <20210208100206.3b74891e@gandalf.local.home> @ 2021-02-08 15:33 ` Josh Poimboeuf 2021-02-08 15:47 ` Peter Zijlstra 0 siblings, 1 reply; 11+ messages in thread From: Josh Poimboeuf @ 2021-02-08 15:33 UTC (permalink / raw) To: Steven Rostedt Cc: Linus Torvalds, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Mon, Feb 08, 2021 at 10:02:06AM -0500, Steven Rostedt wrote: > On Sun, 7 Feb 2021 16:45:40 -0600 > Josh Poimboeuf <jpoimboe@redhat.com> wrote: > > > > I do suspect involved people should start thinking about how they want > > > to deal with functions starting with > > > > > > endbr64 > > > call __fentry__ > > > > > > instead of the call being at the very top of the function. > > > > FWIW, objtool's already fine with it (otherwise we would have discovered > > the need to disable fcf-protection much sooner). > > And this doesn't really affect tracing (note, another user that might be > affected is live kernel patching). Good point, livepatch is indeed affected. Is there a better way to get the "call __fentry__" address for a given function? /* * Convert a function address into the appropriate ftrace location. * * Usually this is just the address of the function, but on some architectures * it's more complicated so allow them to provide a custom behaviour. */ #ifndef klp_get_ftrace_location static unsigned long klp_get_ftrace_location(unsigned long faddr) { return faddr; } #endif -- Josh ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-08 15:33 ` [GIT PULL] x86/urgent for v5.11-rc7 Josh Poimboeuf @ 2021-02-08 15:47 ` Peter Zijlstra 2021-02-08 16:15 ` Steven Rostedt 0 siblings, 1 reply; 11+ messages in thread From: Peter Zijlstra @ 2021-02-08 15:47 UTC (permalink / raw) To: Josh Poimboeuf Cc: Steven Rostedt, Linus Torvalds, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Mon, Feb 08, 2021 at 09:33:00AM -0600, Josh Poimboeuf wrote: > On Mon, Feb 08, 2021 at 10:02:06AM -0500, Steven Rostedt wrote: > > On Sun, 7 Feb 2021 16:45:40 -0600 > > Josh Poimboeuf <jpoimboe@redhat.com> wrote: > > > > > > I do suspect involved people should start thinking about how they want > > > > to deal with functions starting with > > > > > > > > endbr64 > > > > call __fentry__ > > > > > > > > instead of the call being at the very top of the function. > > > > > > FWIW, objtool's already fine with it (otherwise we would have discovered > > > the need to disable fcf-protection much sooner). > > > > And this doesn't really affect tracing (note, another user that might be > > affected is live kernel patching). > > Good point, livepatch is indeed affected. Is there a better way to get > the "call __fentry__" address for a given function? > > > /* > * Convert a function address into the appropriate ftrace location. > * > * Usually this is just the address of the function, but on some architectures > * it's more complicated so allow them to provide a custom behaviour. > */ > #ifndef klp_get_ftrace_location > static unsigned long klp_get_ftrace_location(unsigned long faddr) > { > return faddr; > } > #endif I suppose the trivial fix is to see if it points to endbr64 and if so, increment the addr by the length of that. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-08 15:47 ` Peter Zijlstra @ 2021-02-08 16:15 ` Steven Rostedt 2021-02-09 8:32 ` Miroslav Benes 0 siblings, 1 reply; 11+ messages in thread From: Steven Rostedt @ 2021-02-08 16:15 UTC (permalink / raw) To: Peter Zijlstra Cc: Josh Poimboeuf, Linus Torvalds, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Mon, 8 Feb 2021 16:47:05 +0100 Peter Zijlstra <peterz@infradead.org> wrote: > > /* > > * Convert a function address into the appropriate ftrace location. > > * > > * Usually this is just the address of the function, but on some architectures > > * it's more complicated so allow them to provide a custom behaviour. > > */ > > #ifndef klp_get_ftrace_location > > static unsigned long klp_get_ftrace_location(unsigned long faddr) > > { > > return faddr; > > } > > #endif > > I suppose the trivial fix is to see if it points to endbr64 and if so, > increment the addr by the length of that. I thought of that too. But one thing that may be possible, is to use kallsym. I believe you can get the range of a function (start and end of the function) from kallsyms. Then ask ftrace for the addr in that range (there should only be one). -- Steve ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-08 16:15 ` Steven Rostedt @ 2021-02-09 8:32 ` Miroslav Benes 2021-02-09 14:49 ` Steven Rostedt 0 siblings, 1 reply; 11+ messages in thread From: Miroslav Benes @ 2021-02-09 8:32 UTC (permalink / raw) To: Steven Rostedt Cc: Peter Zijlstra, Josh Poimboeuf, Linus Torvalds, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Mon, 8 Feb 2021, Steven Rostedt wrote: > On Mon, 8 Feb 2021 16:47:05 +0100 > Peter Zijlstra <peterz@infradead.org> wrote: > > > > /* > > > * Convert a function address into the appropriate ftrace location. > > > * > > > * Usually this is just the address of the function, but on some architectures > > > * it's more complicated so allow them to provide a custom behaviour. > > > */ > > > #ifndef klp_get_ftrace_location > > > static unsigned long klp_get_ftrace_location(unsigned long faddr) > > > { > > > return faddr; > > > } > > > #endif powerpc has this static inline unsigned long klp_get_ftrace_location(unsigned long faddr) { /* * Live patch works only with -mprofile-kernel on PPC. In this case, * the ftrace location is always within the first 16 bytes. */ return ftrace_location_range(faddr, faddr + 16); } > > I suppose the trivial fix is to see if it points to endbr64 and if so, > > increment the addr by the length of that. > > I thought of that too. But one thing that may be possible, is to use > kallsym. I believe you can get the range of a function (start and end of > the function) from kallsyms. Then ask ftrace for the addr in that range > (there should only be one). And we can do this if a hard-coded value live above is not welcome. If I remember correctly, we used to have exactly this in the old versions of kGraft. We walked through all ftrace records, called kallsyms_lookup_size_offset() on every record's ip and if the offset+ip matched faddr (in this case), we returned the ip. Miroslav ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-09 8:32 ` Miroslav Benes @ 2021-02-09 14:49 ` Steven Rostedt 2021-02-09 15:16 ` Miroslav Benes 2021-02-09 16:45 ` Alexei Starovoitov 0 siblings, 2 replies; 11+ messages in thread From: Steven Rostedt @ 2021-02-09 14:49 UTC (permalink / raw) To: Miroslav Benes Cc: Peter Zijlstra, Josh Poimboeuf, Linus Torvalds, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Tue, 9 Feb 2021 09:32:34 +0100 (CET) Miroslav Benes <mbenes@suse.cz> wrote: > powerpc has this > > static inline unsigned long klp_get_ftrace_location(unsigned long faddr) > { > /* > * Live patch works only with -mprofile-kernel on PPC. In this case, > * the ftrace location is always within the first 16 bytes. > */ > return ftrace_location_range(faddr, faddr + 16); > } > > > > I suppose the trivial fix is to see if it points to endbr64 and if so, > > > increment the addr by the length of that. > > > > I thought of that too. But one thing that may be possible, is to use > > kallsym. I believe you can get the range of a function (start and end of > > the function) from kallsyms. Then ask ftrace for the addr in that range > > (there should only be one). > > And we can do this if a hard-coded value live above is not welcome. If I > remember correctly, we used to have exactly this in the old versions of > kGraft. We walked through all ftrace records, called > kallsyms_lookup_size_offset() on every record's ip and if the offset+ip > matched faddr (in this case), we returned the ip. Either way is fine. Question is, should we just wait till CET is implemented for the kernel before making any of these changes? Just knowing that we have a solution to handle it may be good enough for now. -- Steve ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-09 14:49 ` Steven Rostedt @ 2021-02-09 15:16 ` Miroslav Benes 2021-02-09 16:45 ` Alexei Starovoitov 1 sibling, 0 replies; 11+ messages in thread From: Miroslav Benes @ 2021-02-09 15:16 UTC (permalink / raw) To: Steven Rostedt Cc: Peter Zijlstra, Josh Poimboeuf, Linus Torvalds, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Tue, 9 Feb 2021, Steven Rostedt wrote: > On Tue, 9 Feb 2021 09:32:34 +0100 (CET) > Miroslav Benes <mbenes@suse.cz> wrote: > > > powerpc has this > > > > static inline unsigned long klp_get_ftrace_location(unsigned long faddr) > > { > > /* > > * Live patch works only with -mprofile-kernel on PPC. In this case, > > * the ftrace location is always within the first 16 bytes. > > */ > > return ftrace_location_range(faddr, faddr + 16); > > } > > > > > > I suppose the trivial fix is to see if it points to endbr64 and if so, > > > > increment the addr by the length of that. > > > > > > I thought of that too. But one thing that may be possible, is to use > > > kallsym. I believe you can get the range of a function (start and end of > > > the function) from kallsyms. Then ask ftrace for the addr in that range > > > (there should only be one). > > > > And we can do this if a hard-coded value live above is not welcome. If I > > remember correctly, we used to have exactly this in the old versions of > > kGraft. We walked through all ftrace records, called > > kallsyms_lookup_size_offset() on every record's ip and if the offset+ip > > matched faddr (in this case), we returned the ip. > > Either way is fine. Question is, should we just wait till CET is > implemented for the kernel before making any of these changes? Just knowing > that we have a solution to handle it may be good enough for now. I'd prefer it to be a part of CET enablement patch set. Miroslav ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-09 14:49 ` Steven Rostedt 2021-02-09 15:16 ` Miroslav Benes @ 2021-02-09 16:45 ` Alexei Starovoitov 2021-02-09 16:55 ` Andy Lutomirski 1 sibling, 1 reply; 11+ messages in thread From: Alexei Starovoitov @ 2021-02-09 16:45 UTC (permalink / raw) To: Steven Rostedt Cc: Miroslav Benes, Peter Zijlstra, Josh Poimboeuf, Linus Torvalds, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Tue, Feb 9, 2021 at 6:49 AM Steven Rostedt <rostedt@goodmis.org> wrote: > > On Tue, 9 Feb 2021 09:32:34 +0100 (CET) > Miroslav Benes <mbenes@suse.cz> wrote: > > > powerpc has this > > > > static inline unsigned long klp_get_ftrace_location(unsigned long faddr) > > { > > /* > > * Live patch works only with -mprofile-kernel on PPC. In this case, > > * the ftrace location is always within the first 16 bytes. > > */ > > return ftrace_location_range(faddr, faddr + 16); > > } > > > > > > I suppose the trivial fix is to see if it points to endbr64 and if so, > > > > increment the addr by the length of that. > > > > > > I thought of that too. But one thing that may be possible, is to use > > > kallsym. I believe you can get the range of a function (start and end of > > > the function) from kallsyms. Then ask ftrace for the addr in that range > > > (there should only be one). > > > > And we can do this if a hard-coded value live above is not welcome. If I > > remember correctly, we used to have exactly this in the old versions of > > kGraft. We walked through all ftrace records, called > > kallsyms_lookup_size_offset() on every record's ip and if the offset+ip > > matched faddr (in this case), we returned the ip. > > Either way is fine. Question is, should we just wait till CET is > implemented for the kernel before making any of these changes? Just knowing > that we have a solution to handle it may be good enough for now. I think the issue is more fundamental than what appears on the surface. According to endbr64 documentation it's not just any instruction. The cpu will wait for it and if it's replaced with int3 or not seen at the branch target the cpu will throw an exception. If I understood the doc correctly it means that endbr64 can never be replaced with a breakpoint. If that's the case text_poke_bp and kprobe need to do extra safety checks. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-09 16:45 ` Alexei Starovoitov @ 2021-02-09 16:55 ` Andy Lutomirski 2021-02-09 18:09 ` Linus Torvalds 0 siblings, 1 reply; 11+ messages in thread From: Andy Lutomirski @ 2021-02-09 16:55 UTC (permalink / raw) To: Alexei Starovoitov Cc: Steven Rostedt, Miroslav Benes, Peter Zijlstra, Josh Poimboeuf, Linus Torvalds, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching > On Feb 9, 2021, at 8:45 AM, Alexei Starovoitov <alexei.starovoitov@gmail.com> wrote: > > On Tue, Feb 9, 2021 at 6:49 AM Steven Rostedt <rostedt@goodmis.org> wrote: >> >>> On Tue, 9 Feb 2021 09:32:34 +0100 (CET) >>> Miroslav Benes <mbenes@suse.cz> wrote: >>> >>> powerpc has this >>> >>> static inline unsigned long klp_get_ftrace_location(unsigned long faddr) >>> { >>> /* >>> * Live patch works only with -mprofile-kernel on PPC. In this case, >>> * the ftrace location is always within the first 16 bytes. >>> */ >>> return ftrace_location_range(faddr, faddr + 16); >>> } >>> >>>>> I suppose the trivial fix is to see if it points to endbr64 and if so, >>>>> increment the addr by the length of that. >>>> >>>> I thought of that too. But one thing that may be possible, is to use >>>> kallsym. I believe you can get the range of a function (start and end of >>>> the function) from kallsyms. Then ask ftrace for the addr in that range >>>> (there should only be one). >>> >>> And we can do this if a hard-coded value live above is not welcome. If I >>> remember correctly, we used to have exactly this in the old versions of >>> kGraft. We walked through all ftrace records, called >>> kallsyms_lookup_size_offset() on every record's ip and if the offset+ip >>> matched faddr (in this case), we returned the ip. >> >> Either way is fine. Question is, should we just wait till CET is >> implemented for the kernel before making any of these changes? Just knowing >> that we have a solution to handle it may be good enough for now. > > I think the issue is more fundamental than what appears on the surface. > According to endbr64 documentation it's not just any instruction. > The cpu will wait for it and if it's replaced with int3 or not seen at > the branch target the cpu will throw an exception. > If I understood the doc correctly it means that endbr64 can never be > replaced with a breakpoint. If that's the case text_poke_bp and kprobe > need to do extra safety checks. Ugh. Or we hack up #CP to handle this case. I don’t quite know how I feel about this. ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-09 16:55 ` Andy Lutomirski @ 2021-02-09 18:09 ` Linus Torvalds 2021-02-09 18:26 ` Andy Lutomirski 0 siblings, 1 reply; 11+ messages in thread From: Linus Torvalds @ 2021-02-09 18:09 UTC (permalink / raw) To: Andy Lutomirski Cc: Alexei Starovoitov, Steven Rostedt, Miroslav Benes, Peter Zijlstra, Josh Poimboeuf, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Tue, Feb 9, 2021 at 8:55 AM Andy Lutomirski <luto@amacapital.net> wrote: > > Or we hack up #CP to handle this case. I don’t quite know how I feel about this. I think that's the sane model - if we've replaced the instruction with 'int3', and we end up getting #CP due to that, just do the #BP handling. Anything else would just be insanely complicated, I feel. Linus ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-09 18:09 ` Linus Torvalds @ 2021-02-09 18:26 ` Andy Lutomirski 2021-02-09 18:39 ` Linus Torvalds 0 siblings, 1 reply; 11+ messages in thread From: Andy Lutomirski @ 2021-02-09 18:26 UTC (permalink / raw) To: Linus Torvalds Cc: Alexei Starovoitov, Steven Rostedt, Miroslav Benes, Peter Zijlstra, Josh Poimboeuf, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching > On Feb 9, 2021, at 10:09 AM, Linus Torvalds <torvalds@linux-foundation.org> wrote: > > On Tue, Feb 9, 2021 at 8:55 AM Andy Lutomirski <luto@amacapital.net> wrote: >> >> Or we hack up #CP to handle this case. I don’t quite know how I feel about this. > > I think that's the sane model - if we've replaced the instruction with > 'int3', and we end up getting #CP due to that, just do the #BP > handling. > > Anything else would just be insanely complicated, I feel. The other model is “don’t do that then.” I suppose a nice property of patching ENDBR to INT3 is that, not only is it atomic, but ENDBR is sort of a NOP, so we don’t need to replace the ENDBR with anything. > > Linus ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [GIT PULL] x86/urgent for v5.11-rc7 2021-02-09 18:26 ` Andy Lutomirski @ 2021-02-09 18:39 ` Linus Torvalds 0 siblings, 0 replies; 11+ messages in thread From: Linus Torvalds @ 2021-02-09 18:39 UTC (permalink / raw) To: Andy Lutomirski Cc: Alexei Starovoitov, Steven Rostedt, Miroslav Benes, Peter Zijlstra, Josh Poimboeuf, Borislav Petkov, Dave Hansen, x86-ml, lkml, Alexei Starovoitov, live-patching On Tue, Feb 9, 2021 at 10:26 AM Andy Lutomirski <luto@amacapital.net> wrote: > > > > Anything else would just be insanely complicated, I feel. > > The other model is “don’t do that then.” Hmm. I guess all the code that does int3 patching could just be taught to always go to the next instruction instead. I don't think advancing the rewriting is an option for the asm alternative() logic or the static call infrastructure, but those should never be about endbr anyway, so presumably that's not an issue. So if it ends up being _only_ about kprobes, then the "don't do that then" might work fine. Linus ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2021-02-09 19:01 UTC | newest] Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <20210207104022.GA32127@zn.tnic> [not found] ` <CAHk-=widXSyJ8W3vRrqO-zNP12A+odxg2J2_-oOUskz33wtfqA@mail.gmail.com> [not found] ` <20210207175814.GF32127@zn.tnic> [not found] ` <CAHk-=wi5z9S7x94SKYNj6qSHBqz+OD76GW=MDzo-KN2Fzm-V4Q@mail.gmail.com> [not found] ` <20210207224540.ercf5657pftibyaw@treble> [not found] ` <20210208100206.3b74891e@gandalf.local.home> 2021-02-08 15:33 ` [GIT PULL] x86/urgent for v5.11-rc7 Josh Poimboeuf 2021-02-08 15:47 ` Peter Zijlstra 2021-02-08 16:15 ` Steven Rostedt 2021-02-09 8:32 ` Miroslav Benes 2021-02-09 14:49 ` Steven Rostedt 2021-02-09 15:16 ` Miroslav Benes 2021-02-09 16:45 ` Alexei Starovoitov 2021-02-09 16:55 ` Andy Lutomirski 2021-02-09 18:09 ` Linus Torvalds 2021-02-09 18:26 ` Andy Lutomirski 2021-02-09 18:39 ` Linus Torvalds
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).