From: Peter Zijlstra
To: Masami Hiramatsu
Cc: Borislav Petkov, Josh Poimboeuf, linux-kernel@vger.kernel.org, Steven Rostedt, Ingo Molnar
Subject: Re: CONFIG_RETHUNK int3 filling prevents kprobes in function body
Date: Mon, 5 Sep 2022 17:52:29 +0200
References: <20220904230713.a461f8fe85329663226c755f@kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Sep 05, 2022 at 05:09:16PM +0200, Peter Zijlstra wrote:

> > This is because kprobes decodes function body to ensure the probed address
> > is an instruction boundary, and if it finds the 0xcc (int3), it stops
> > decoding and rejects probing because the int3 is usually used for a
> > software breakpoint and is replacing some other instruction. Without
> > recovering the instruction, it cannot continue decoding safely.
>
> I can't follow this logic. Decoding the single byte int3 instruction is
> trivial. If you want a sanity check, follow the branches you found while
> decoding the instruction starting at +0.

Specifically, kprobe is the only one scribbling random [*] instructions
with int3 in kernel text, so if kprobes doesn't know about the int3, it
must be padding.

[*] there's also static_call, jump_label and ftrace that use
text_poke_bp() to scribble instructions but those are well known
locations.
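As an added illustration of the two decoding policies discussed in the message above (this is example code written for this page, not code from the thread or from the kernel's kprobes implementation): a toy x86-64 instruction-length decoder in C that knows only the handful of opcodes present in a constructed byte sequence, and walks from the function start to a candidate probe offset. With `stop_at_int3` set it behaves the way the quoted text describes kprobes (any 0xcc encountered on the way aborts the walk and the probe is refused); with it cleared, int3 is decoded as a one-byte instruction and the walk continues, which is what the reply proposes. The decoder subset, the sample bytes (a `ret` followed by four int3 bytes, as left behind when a five-byte return-thunk `jmp` is patched back to `ret`), the `probe_verdict` names and the `check_probe`/`insn_len` functions are all assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy length decoder: only the opcodes that occur in sample_fn[] below.
 * This is a hypothetical subset for the example, not the kernel decoder.
 * Returns the instruction length, or 0 for anything it cannot decode. */
static size_t insn_len(const uint8_t *p, size_t avail)
{
    if (avail == 0)
        return 0;
    switch (p[0]) {
    case 0xcc: /* int3 */
    case 0xc3: /* ret */
    case 0x90: /* nop */
    case 0x55: /* push %rbp */
    case 0x5d: /* pop %rbp */
        return 1;
    case 0xeb: /* jmp rel8 */
        return avail >= 2 ? 2 : 0;
    case 0xe8: /* call rel32 */
    case 0xe9: /* jmp rel32 */
        return avail >= 5 ? 5 : 0;
    case 0x48: /* REX.W: only 'mov %rsp,%rbp' (48 89 e5) is recognised */
        if (avail >= 3 && p[1] == 0x89 && p[2] == 0xe5)
            return 3;
        return 0;
    default:
        return 0;
    }
}

enum probe_verdict {
    PROBE_OK = 0,           /* offset is an instruction boundary */
    PROBE_NOT_BOUNDARY = 1, /* offset lands inside an instruction */
    PROBE_REJECT_INT3 = 2,  /* walk aborted on 0xcc (policy described in the mail) */
    PROBE_IN_PADDING = 3,   /* offset itself is an int3 byte, i.e. padding */
    PROBE_UNDECODABLE = 4   /* opcode outside the toy subset, or offset out of range */
};

/* Walk from the start of fn[] to 'off', checking that 'off' is reached
 * exactly on an instruction boundary.
 * stop_at_int3 != 0 : any 0xcc seen before 'off' aborts the walk.
 * stop_at_int3 == 0 : 0xcc is decoded as a one-byte int3 and the walk goes on. */
static enum probe_verdict check_probe(const uint8_t *fn, size_t len,
                                      size_t off, int stop_at_int3)
{
    size_t pos = 0;

    if (off >= len)
        return PROBE_UNDECODABLE;
    if (fn[off] == 0xcc)
        return PROBE_IN_PADDING;

    while (pos < off) {
        size_t n;

        if (stop_at_int3 && fn[pos] == 0xcc)
            return PROBE_REJECT_INT3;
        n = insn_len(fn + pos, len - pos);
        if (n == 0)
            return PROBE_UNDECODABLE;
        pos += n;
    }
    return pos == off ? PROBE_OK : PROBE_NOT_BOUNDARY;
}

/* Constructed sample (not real kernel text): a function with an early
 * return whose five-byte thunk jmp was patched to 'ret' plus four int3
 * bytes of padding, followed by a second basic block. */
static const uint8_t sample_fn[] = {
    0x55,                         /*  0: push %rbp */
    0x48, 0x89, 0xe5,             /*  1: mov %rsp,%rbp */
    0xe8, 0x00, 0x00, 0x00, 0x00, /*  4: call rel32 (displacement constructed) */
    0x5d,                         /*  9: pop %rbp */
    0xc3,                         /* 10: ret */
    0xcc, 0xcc, 0xcc, 0xcc,       /* 11: int3 padding */
    0x90,                         /* 15: nop  <- second block, valid probe site */
    0x5d,                         /* 16: pop %rbp */
    0xc3,                         /* 17: ret */
};

int main(void)
{
    size_t off = 15;

    printf("offset %zu, stop at int3: verdict %d\n", off,
           check_probe(sample_fn, sizeof sample_fn, off, 1));
    printf("offset %zu, decode int3:  verdict %d\n", off,
           check_probe(sample_fn, sizeof sample_fn, off, 0));
    return 0;
}
```

Offset 15 is a genuine instruction boundary in both walks; only the policy that treats any int3 as an unknown replaced instruction refuses it, which is the behaviour the reply objects to. Offsets that fall inside the padding itself are reported separately, since a probe there would only ever hit filler bytes.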