linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH -tip v7 00/13] kprobes: Fix stacktrace with kretprobes on x86
@ 2021-05-27  6:39 Masami Hiramatsu
  2021-05-27  6:39 ` [PATCH -tip v7 01/13] ia64: kprobes: Fix to pass correct trampoline address to the handler Masami Hiramatsu
                   ` (14 more replies)
  0 siblings, 15 replies; 33+ messages in thread
From: Masami Hiramatsu @ 2021-05-27  6:39 UTC (permalink / raw)
  To: Steven Rostedt, Ingo Molnar
  Cc: X86 ML, Masami Hiramatsu, Daniel Xu, linux-kernel, bpf, kuba,
	mingo, ast, tglx, kernel-team, yhs, Josh Poimboeuf, linux-ia64,
	Abhishek Sagar, Andrii Nakryiko

Hello,

Here is the 7th version of the series to fix the stacktrace with kretprobe on x86.

The previous version is;

 https://lore.kernel.org/bpf/162201612941.278331.5293566981784464165.stgit@devnote2/

This version is adding Tested-by from Andrii and do minor cleanups to solve some
warnings from kernel test bots.

Changes from v6:
For x86 and generic patch:
  - Add Andrii's Tested-by. (Andrii, I think you have tested only x86, is it OK?)
[11/13]:
  - Remove superfluous #include <linux/kprobes.h>.
[13/13]:
  - Add a prototype for arch_kretprobe_fixup_return().


With this series, unwinder can unwind stack correctly from ftrace as below;

  # cd /sys/kernel/debug/tracing
  # echo > trace
  # echo 1 > options/sym-offset
  # echo r vfs_read >> kprobe_events
  # echo r full_proxy_read >> kprobe_events
  # echo traceoff:1 > events/kprobes/r_vfs_read_0/trigger
  # echo stacktrace:1 > events/kprobes/r_full_proxy_read_0/trigger
  # echo 1 > events/kprobes/enable
  # cat /sys/kernel/debug/kprobes/list
ffffffff8133b740  r  full_proxy_read+0x0    [FTRACE]
ffffffff812560b0  r  vfs_read+0x0    [FTRACE]
  # echo 0 > events/kprobes/enable
  # cat trace
# tracer: nop
#
# entries-in-buffer/entries-written: 3/3   #P:8
#
#                                _-----=> irqs-off
#                               / _----=> need-resched
#                              | / _---=> hardirq/softirq
#                              || / _--=> preempt-depth
#                              ||| /     delay
#           TASK-PID     CPU#  ||||   TIMESTAMP  FUNCTION
#              | |         |   ||||      |         |
           <...>-134     [007] ...1    16.185877: r_full_proxy_read_0: (vfs_read+0x98/0x180 <- full_proxy_read)
           <...>-134     [007] ...1    16.185901: <stack trace>
 => kretprobe_trace_func+0x209/0x300
 => kretprobe_dispatcher+0x4a/0x70
 => __kretprobe_trampoline_handler+0xd4/0x170
 => trampoline_handler+0x43/0x60
 => kretprobe_trampoline+0x2a/0x50
 => vfs_read+0x98/0x180
 => ksys_read+0x5f/0xe0
 => do_syscall_64+0x37/0x90
 => entry_SYSCALL_64_after_hwframe+0x44/0xae
           <...>-134     [007] ...1    16.185902: r_vfs_read_0: (ksys_read+0x5f/0xe0 <- vfs_read)

This shows the double return probes (vfs_read and full_proxy_read) on the stack
correctly unwinded. (vfs_read will return to ksys_read+0x5f and full_proxy_read
will return to vfs_read+0x98)

This actually changes the kretprobe behavisor a bit, now the instraction pointer in
the pt_regs passed to kretprobe user handler is correctly set the real return
address. So user handlers can get it via instruction_pointer() API.

You can also get this series from 
 git://git.kernel.org/pub/scm/linux/kernel/git/mhiramat/linux.git kprobes/kretprobe-stackfix-v7


Thank you,

---

Josh Poimboeuf (1):
      x86/kprobes: Add UNWIND_HINT_FUNC on kretprobe_trampoline code

Masami Hiramatsu (12):
      ia64: kprobes: Fix to pass correct trampoline address to the handler
      kprobes: treewide: Replace arch_deref_entry_point() with dereference_symbol_descriptor()
      kprobes: treewide: Remove trampoline_address from kretprobe_trampoline_handler()
      kprobes: Add kretprobe_find_ret_addr() for searching return address
      ARC: Add instruction_pointer_set() API
      ia64: Add instruction_pointer_set() API
      arm: kprobes: Make a space for regs->ARM_pc at kretprobe_trampoline
      kprobes: Setup instruction pointer in __kretprobe_trampoline_handler
      x86/kprobes: Push a fake return address at kretprobe_trampoline
      x86/unwind: Recover kretprobe trampoline entry
      tracing: Show kretprobe unknown indicator only for kretprobe_trampoline
      x86/kprobes: Fixup return address in generic trampoline handler


 arch/arc/include/asm/ptrace.h       |    5 ++
 arch/arc/kernel/kprobes.c           |    2 -
 arch/arm/probes/kprobes/core.c      |    5 +-
 arch/arm64/kernel/probes/kprobes.c  |    3 -
 arch/csky/kernel/probes/kprobes.c   |    2 -
 arch/ia64/include/asm/ptrace.h      |    5 ++
 arch/ia64/kernel/kprobes.c          |   15 ++---
 arch/mips/kernel/kprobes.c          |    3 -
 arch/parisc/kernel/kprobes.c        |    4 +
 arch/powerpc/kernel/kprobes.c       |   13 ----
 arch/riscv/kernel/probes/kprobes.c  |    2 -
 arch/s390/kernel/kprobes.c          |    2 -
 arch/sh/kernel/kprobes.c            |    2 -
 arch/sparc/kernel/kprobes.c         |    2 -
 arch/x86/include/asm/kprobes.h      |    1 
 arch/x86/include/asm/unwind.h       |   23 +++++++
 arch/x86/include/asm/unwind_hints.h |    5 ++
 arch/x86/kernel/kprobes/core.c      |   53 +++++++++++++++--
 arch/x86/kernel/unwind_frame.c      |    3 -
 arch/x86/kernel/unwind_guess.c      |    3 -
 arch/x86/kernel/unwind_orc.c        |   18 +++++-
 include/linux/kprobes.h             |   44 ++++++++++++--
 kernel/kprobes.c                    |  108 +++++++++++++++++++++++++----------
 kernel/trace/trace_output.c         |   17 +-----
 lib/error-inject.c                  |    3 +
 25 files changed, 238 insertions(+), 105 deletions(-)

--
Masami Hiramatsu (Linaro) <mhiramat@kernel.org>

^ permalink raw reply	[flat|nested] 33+ messages in thread

end of thread, other threads:[~2021-06-18  1:03 UTC | newest]

Thread overview: 33+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-27  6:39 [PATCH -tip v7 00/13] kprobes: Fix stacktrace with kretprobes on x86 Masami Hiramatsu
2021-05-27  6:39 ` [PATCH -tip v7 01/13] ia64: kprobes: Fix to pass correct trampoline address to the handler Masami Hiramatsu
2021-05-27  6:39 ` [PATCH -tip v7 02/13] kprobes: treewide: Replace arch_deref_entry_point() with dereference_symbol_descriptor() Masami Hiramatsu
2021-05-27  6:39 ` [PATCH -tip v7 03/13] kprobes: treewide: Remove trampoline_address from kretprobe_trampoline_handler() Masami Hiramatsu
2021-06-14 15:46   ` Naveen N. Rao
2021-06-15  0:06     ` Masami Hiramatsu
2021-05-27  6:39 ` [PATCH -tip v7 04/13] kprobes: Add kretprobe_find_ret_addr() for searching return address Masami Hiramatsu
2021-05-27  6:39 ` [PATCH -tip v7 05/13] x86/kprobes: Add UNWIND_HINT_FUNC on kretprobe_trampoline code Masami Hiramatsu
2021-05-27  6:40 ` [PATCH -tip v7 06/13] ARC: Add instruction_pointer_set() API Masami Hiramatsu
2021-05-27  6:40 ` [PATCH -tip v7 07/13] ia64: " Masami Hiramatsu
2021-05-27  6:40 ` [PATCH -tip v7 08/13] arm: kprobes: Make a space for regs->ARM_pc at kretprobe_trampoline Masami Hiramatsu
2021-05-27  6:40 ` [PATCH -tip v7 09/13] kprobes: Setup instruction pointer in __kretprobe_trampoline_handler Masami Hiramatsu
2021-06-17  4:39   ` Josh Poimboeuf
2021-06-17  4:40     ` Josh Poimboeuf
2021-06-17 14:40       ` Masami Hiramatsu
2021-06-17 15:02         ` Masami Hiramatsu
2021-06-17 17:45           ` Andrii Nakryiko
2021-06-17 18:21             ` Josh Poimboeuf
2021-06-17 18:31               ` Andrii Nakryiko
2021-06-17 19:26                 ` Josh Poimboeuf
2021-06-17 19:46                   ` Andrii Nakryiko
2021-06-18  0:33                     ` Masami Hiramatsu
2021-06-18  1:03                       ` Josh Poimboeuf
2021-06-17 23:58               ` Masami Hiramatsu
2021-06-18  0:58                 ` Josh Poimboeuf
2021-05-27  6:40 ` [PATCH -tip v7 10/13] x86/kprobes: Push a fake return address at kretprobe_trampoline Masami Hiramatsu
2021-06-17  4:41   ` Josh Poimboeuf
2021-05-27  6:40 ` [PATCH -tip v7 11/13] x86/unwind: Recover kretprobe trampoline entry Masami Hiramatsu
2021-06-17  4:41   ` Josh Poimboeuf
2021-05-27  6:40 ` [PATCH -tip v7 12/13] tracing: Show kretprobe unknown indicator only for kretprobe_trampoline Masami Hiramatsu
2021-05-27  6:41 ` [PATCH -tip v7 13/13] x86/kprobes: Fixup return address in generic trampoline handler Masami Hiramatsu
2021-05-27 16:41 ` [PATCH -tip v7 00/13] kprobes: Fix stacktrace with kretprobes on x86 Andrii Nakryiko
2021-06-10  3:40 ` Masami Hiramatsu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).