From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752788AbbFGSiE (ORCPT ); Sun, 7 Jun 2015 14:38:04 -0400 Received: from mga09.intel.com ([134.134.136.24]:15833 "EHLO mga09.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751435AbbFGSgu (ORCPT ); Sun, 7 Jun 2015 14:36:50 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.13,569,1427785200"; d="scan'208";a="722695939" Subject: [PATCH 09/19] x86, mpx: trace entry to bounds exception paths To: linux-kernel@vger.kernel.org Cc: x86@kernel.org, tglx@linutronix.de, Dave Hansen , dave.hansen@linux.intel.com From: Dave Hansen Date: Sun, 07 Jun 2015 11:37:03 -0700 References: <20150607183700.7E78D631@viggo.jf.intel.com> In-Reply-To: <20150607183700.7E78D631@viggo.jf.intel.com> Message-Id: <20150607183703.027BB9B0@viggo.jf.intel.com> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Dave Hansen There are two basic things that can happen as the result of a bounds exception (#BR): 1. We allocate a new bounds table 2. We pass up a bounds exception to userspace. This patch adds a trace point for the case where we are passing the exception up to userspace with a signal. We are also explicit that we're printing out the inverse of the 'upper' that we encounter. If you want to filter, for instance, you need to ~ the value first. The reason we do this is because of how 'upper' is stored in the bounds table. If a pointer's range is: 0x1000 -> 0x2000 it is stored in the bounds table as (32-bits here for brevity): lower: 0x00001000 upper: 0xffffdfff That is so that an all 0's entry: lower: 0x00000000 upper: 0x00000000 corresponds to the "init" bounds which store a *range* of: 0x00000000 -> 0xffffffff That is, by far, the common case, and that lets us use the zero page, or deduplicate the memory, etc... The 'upper' stored in the table is gibberish to print by itself, so we print ~upper to get the *actual*, logical, human-readable value printed out. Signed-off-by: Dave Hansen Reviewed-by: Thomas Gleixner --- b/arch/x86/include/asm/trace/mpx.h | 34 ++++++++++++++++++++++++++++++++++ b/arch/x86/mm/mpx.c | 1 + 2 files changed, 35 insertions(+) diff -puN arch/x86/include/asm/trace/mpx.h~x86-mpx-trace-1 arch/x86/include/asm/trace/mpx.h --- a/arch/x86/include/asm/trace/mpx.h~x86-mpx-trace-1 2015-06-01 10:24:06.504833616 -0700 +++ b/arch/x86/include/asm/trace/mpx.h 2015-06-01 10:24:06.509833841 -0700 @@ -8,6 +8,40 @@ #ifdef CONFIG_X86_INTEL_MPX +TRACE_EVENT(mpx_bounds_register_exception, + + TP_PROTO(void *addr_referenced, + const struct bndreg *bndreg), + TP_ARGS(addr_referenced, bndreg), + + TP_STRUCT__entry( + __field(void *, addr_referenced) + __field(u64, lower_bound) + __field(u64, upper_bound) + ), + + TP_fast_assign( + __entry->addr_referenced = addr_referenced; + __entry->lower_bound = bndreg->lower_bound; + __entry->upper_bound = bndreg->upper_bound; + ), + /* + * Note that we are printing out the '~' of the upper + * bounds register here. It is actually stored in its + * one's complement form so that its 'init' state + * corresponds to all 0's. But, that looks like + * gibberish when printed out, so print out the 1's + * complement instead of the actual value here. Note + * though that you still need to specify filters for the + * actual value, not the displayed one. + */ + TP_printk("address referenced: 0x%p bounds: lower: 0x%llx ~upper: 0x%llx", + __entry->addr_referenced, + __entry->lower_bound, + ~__entry->upper_bound + ) +); + TRACE_EVENT(bounds_exception_mpx, TP_PROTO(const struct bndcsr *bndcsr), diff -puN arch/x86/mm/mpx.c~x86-mpx-trace-1 arch/x86/mm/mpx.c --- a/arch/x86/mm/mpx.c~x86-mpx-trace-1 2015-06-01 10:24:06.506833706 -0700 +++ b/arch/x86/mm/mpx.c 2015-06-01 10:24:06.510833886 -0700 @@ -335,6 +335,7 @@ siginfo_t *mpx_generate_siginfo(struct p err = -EINVAL; goto err_out; } + trace_mpx_bounds_register_exception(info->si_addr, bndreg); return info; err_out: /* info might be NULL, but kfree() handles that */ _