Date: Tue, 7 May 2019 12:53:42 -0500
From: Josh Poimboeuf
To: Steven Rostedt
Cc: linux-kernel@vger.kernel.org, Linus Torvalds, Peter Zijlstra, Andy Lutomirski, Ingo Molnar, Andrew Morton, Andy Lutomirski, Nicolai Stange, Thomas Gleixner, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", the arch/x86 maintainers, Jiri Kosina, Miroslav Benes, Petr Mladek, Joe Lawrence, Shuah Khan, Konrad Rzeszutek Wilk, Tim Chen, Sebastian Andrzej Siewior, Mimi Zohar, Juergen Gross, Nick Desaulniers, Nayna Jain, Masahiro Yamada, Joerg Roedel, "open list:KERNEL SELFTEST FRAMEWORK", stable, Masami Hiramatsu
Subject: Re: [RFC][PATCH 2/3] x86_64: Allow breakpoints to emulate call functions
Message-ID: <20190507175342.fskdj2qidpao65qi@treble>
References: <20190507174227.673261270@goodmis.org> <20190507174400.219947724@goodmis.org>
In-Reply-To: <20190507174400.219947724@goodmis.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, May 07, 2019 at 01:42:29PM -0400, Steven Rostedt wrote:
> From: Peter Zijlstra
> 
> In order to allow breakpoints to emulate call functions, they need to push
> the return address onto the stack. But because the breakpoint exception
> frame is added to the stack when the breakpoint is hit, there's no room to
> add the address onto the stack and return to the address of the emulated
> called function.
> 
> To handle this, copy the exception frame on entry of the breakpoint handler
> and leave a gap that can be used to add a return address to the stack
> frame and return from the breakpoint to the emulated called function,
> allowing for that called function to return back to the location after the
> breakpoint was placed. This part is done by patch 1.
> 
> The helper functions were also added:

No longer "also" :-)

> int3_emulate_push(): to push the address onto the gap in the stack
> int3_emulate_jmp(): changes the location of the regs->ip to return there.
> int3_emulate_call(): push the return address and change regs->ip
> 
> Cc: Andy Lutomirski
> Cc: Nicolai Stange
> Cc: Thomas Gleixner
> Cc: Ingo Molnar
> Cc: Borislav Petkov
> Cc: "H. Peter Anvin"
> Cc: the arch/x86 maintainers
> Cc: Josh Poimboeuf
> Cc: Jiri Kosina
> Cc: Miroslav Benes
> Cc: Petr Mladek
> Cc: Joe Lawrence
> Cc: Shuah Khan
> Cc: Konrad Rzeszutek Wilk
> Cc: Tim Chen
> Cc: Sebastian Andrzej Siewior
> Cc: Mimi Zohar
> Cc: Juergen Gross
> Cc: Nick Desaulniers
> Cc: Nayna Jain
> Cc: Masahiro Yamada
> Cc: Joerg Roedel
> Cc: "open list:KERNEL SELFTEST FRAMEWORK"
> Cc: stable@vger.kernel.org
> Fixes: b700e7f03df5 ("livepatch: kernel: add support for live patching")
> Signed-off-by: Peter Zijlstra (Intel)
> [ Modified to only work for x86_64 ]
> Signed-off-by: Steven Rostedt (VMware)
> ---
>  arch/x86/include/asm/text-patching.h | 22 ++++++++++++++++++++++
>  1 file changed, 22 insertions(+)
> 
> diff --git a/arch/x86/include/asm/text-patching.h b/arch/x86/include/asm/text-patching.h
> index e85ff65c43c3..455bf9f88233 100644
> --- a/arch/x86/include/asm/text-patching.h
> +++ b/arch/x86/include/asm/text-patching.h
> @@ -39,4 +39,26 @@ extern int poke_int3_handler(struct pt_regs *regs);
>  extern void *text_poke_bp(void *addr, const void *opcode, size_t len, void *handler);
>  extern int after_bootmem;
>  
> +static inline void int3_emulate_jmp(struct pt_regs *regs, unsigned long ip)
> +{
> + regs->ip = ip;
> +}
> +
> +#define INT3_INSN_SIZE 1
> +#define CALL_INSN_SIZE 5
> +
> +#ifdef CONFIG_X86_64
> +static inline void int3_emulate_push(struct pt_regs *regs, unsigned long val)
> +{
> + regs->sp -= sizeof(unsigned long);
> + *(unsigned long *)regs->sp = val;
> +}

How this works isn't really obvious.  A comment is probably warranted to
explain the fact that the int3 entry code reserved some space on the
stack.

-- 
Josh
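Review bot: in the int3_emulate_push() hunk, the store through regs->sp is only safe when regs is the frame built by the int3 entry path with the reserved gap, and nothing in the hunk documents or checks that precondition; on an exception frame without the gap the write lands on the saved SS word at the top of the hardware frame, which is exactly the "no room" case the commit message describes. Suggest a comment above the function stating that it must only be called from poke_int3_handler() on a kernel-mode int3 frame, and consider a WARN_ON_ONCE(user_mode(regs)) guard, since for a user-mode frame the write would go to the user stack instead. The INT3_INSN_SIZE and CALL_INSN_SIZE definitions would also benefit from a one-line comment that they are instruction lengths used to compute the emulated return address (regs->ip - INT3_INSN_SIZE + CALL_INSN_SIZE).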
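An added user-space simulation of the mechanism the patch and its cover text describe (editor-written example code, not the kernel's or the patch's own): a fake kernel stack holding the interrupted context's rsp, the five-word hardware exception frame the CPU pushes on int3, optionally shifted down one word the way the entry-code change in patch 1 reserves a gap, and the helpers run against that frame. int3_emulate_jmp() and int3_emulate_push() are taken from the hunk; int3_emulate_call() is reconstructed from the commit message's one-line description (the return address is the byte after the 5-byte call the int3 stands in for); all addresses, selectors and the canary value are constructed for the demo.

```c
/*
 * Simulation of x86_64 int3 "call" emulation on a fake kernel stack.
 * Addresses, selectors and the canary below are constructed values.
 */
#include <stdio.h>
#include <string.h>

#define INT3_INSN_SIZE 1
#define CALL_INSN_SIZE 5

/* Hardware iret frame as x86 lays it out in memory: RIP at the lowest address. */
struct iret_frame {
	unsigned long ip, cs, flags, sp, ss;
};

/* Helpers from the hunk, applied to the iret frame (the tail of pt_regs). */
static inline void int3_emulate_jmp(struct iret_frame *regs, unsigned long ip)
{
	regs->ip = ip;
}

static inline void int3_emulate_push(struct iret_frame *regs, unsigned long val)
{
	regs->sp -= sizeof(unsigned long);
	*(unsigned long *)regs->sp = val;
}

/* Reconstructed from the commit message: regs->ip is the byte after the
 * 1-byte int3, the return address is the byte after the 5-byte call. */
static inline void int3_emulate_call(struct iret_frame *regs, unsigned long func)
{
	int3_emulate_push(regs, regs->ip - INT3_INSN_SIZE + CALL_INSN_SIZE);
	int3_emulate_jmp(regs, func);
}

#define STACK_WORDS 16
#define BP_ADDR     0xffffffff81000100UL  /* constructed: where the int3 was poked */
#define TARGET_ADDR 0xffffffff81234560UL  /* constructed: function to "call" */
#define KERNEL_SS   0x18UL
#define KERNEL_CS   0x10UL
#define CANARY      0xdeadbeefcafef00dUL  /* interrupted context's live stack word */

struct outcome {
	int frame_intact;           /* saved SS still KERNEL_SS after the push */
	int canary_intact;          /* interrupted context's data untouched */
	unsigned long resumed_ip;   /* where "iret" resumes execution */
	unsigned long ret_on_stack; /* word at the resumed rsp: the return address */
};

/*
 * The interrupted context runs with rsp = &stack[12]. The CPU pushes the
 * five-word iret frame below that; with_gap models the entry code copying
 * the frame one word further down so stack[11] is free for the push.
 */
struct outcome emulate_call_at_breakpoint(int with_gap)
{
	unsigned long stack[STACK_WORDS];
	unsigned long *interrupted_sp = &stack[12];
	unsigned long *frame_top = interrupted_sp - (with_gap ? 1 : 0);
	struct iret_frame *regs = (struct iret_frame *)(frame_top - 5);
	struct outcome o;

	memset(stack, 0, sizeof(stack));
	*interrupted_sp = CANARY;

	/* What the CPU saves on int3. */
	regs->ss    = KERNEL_SS;
	regs->sp    = (unsigned long)interrupted_sp;
	regs->flags = 0x246;
	regs->cs    = KERNEL_CS;
	regs->ip    = BP_ADDR + INT3_INSN_SIZE;

	/* The breakpoint handler turns the int3 into "call TARGET_ADDR". */
	int3_emulate_call(regs, TARGET_ADDR);

	/* iret resumes at regs->ip with rsp = regs->sp. */
	o.frame_intact  = (regs->ss == KERNEL_SS);
	o.canary_intact = (*interrupted_sp == CANARY);
	o.resumed_ip    = regs->ip;
	o.ret_on_stack  = *(unsigned long *)regs->sp;
	return o;
}

int main(void)
{
	struct outcome g = emulate_call_at_breakpoint(1);
	struct outcome n = emulate_call_at_breakpoint(0);

	printf("with gap:    frame intact=%d ip=%#lx ret=%#lx (expect %#lx)\n",
	       g.frame_intact, g.resumed_ip, g.ret_on_stack, BP_ADDR + CALL_INSN_SIZE);
	printf("without gap: frame intact=%d (push overwrote the saved SS)\n",
	       n.frame_intact);
	return 0;
}
```

With the gap, the pushed return address lands in the reserved word and the saved frame is untouched; without it, the same push overwrites the saved SS at the top of the exception frame, which is the "no room" problem the commit message describes and why the helper depends on the entry-code change in patch 1.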