Re: [tip:perf/urgent] uprobes: Fix uprobes on MIPS, allow for a cache flush after ixol breakpoint creation

[Ralf Baechle <ralf@linux-mips.org>]

On Tue, Dec 20, 2016 at 06:50:05PM +0100, Oleg Nesterov wrote:

> >>> Commit:
> >>>
> >>>   72e6ae285a1d ('ARM: 8043/1: uprobes need icache flush after xol write'
> >>>
> >>> ... has introduced an arch-specific method to ensure all caches are
> >>> flushed appropriately after an instruction is written to an XOL page.
> >>
> >> when this page is already mmaped,
> >>
> >>> However, when the XOL area is created and the out-of-line breakpoint
> >>> instruction is copied, caches are not flushed at all and stale data may
> >>> be found in icache.
> >>
> >> but in this case the page is not mmaped yet, the probed application will
> >> take a page fault if it tries to execute this insn,
> >
> > In case of MIPS (and AFAICT ARM as well, and these are the only  
> > architectures that implement arch_uprobe_copy_ixol), the cache flushing  
> > is done through the kernel addresses of that page, so the fact that it  
> > is not mapped yet is not an issue.
> 
> OK, thanks,
> 
> > Do I understand correctly that your statement implies that after the  
> > page fault and mmapping the xol page, the page is guaranteed to be  
> > updated in the cache? As definitely that is not something that is  
> > happening at the moment.
> 
> Well, I do not know. Let me repeat I don't understand this flush_.*cache
> magic.
> 
> But. do_read_fault() does
> 
> 	__do_fault(..., &fault_page, ...);
> 
> 	alloc_set_pte(fault_page);
> 
> and alloc_set_pte() does flush_icache_page(vma, page)... Hmm, which is nop
> on MIPS.
> 
> >> OK, I know nothing about MIPS, but could you help me understand this change?
> >>
> >> See above. If we really need flush_icache_range() here then perhaps we should
> >> modify install_special_mapping() and/or __do_fault/special_mapping_fault paths
> >> instead?
> >
> > Are you suggesting that those should be updated to force a cache update?
> 
> Again, I do not know. But perhaps it makes more sense to actually implement
> flush_icache_page() ? Otherwise another user of install_special_mapping()
> can hit the same problem?

Documentation/cachetlb.txt says about flush_icache_page:

  void flush_icache_page(struct vm_area_struct *vma, struct page *page)
        All the functionality of flush_icache_page can be implemented in
        flush_dcache_page and update_mmu_cache. In the future, the hope
        is to remove this interface completely.

And that's exactly what MIPS already does, thus flush_icache_page() is a
no-op.  The new interfaces flush_dcache_page and update_mmu_cache
generally are much more efficient.

  Ralf