From: Masami Hiramatsu <mhiramat@kernel.org>
To: James Morse <james.morse@arm.com>
Cc: Pratyush Anand <panand@redhat.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
linux-kernel <linux-kernel@vger.kernel.org>,
"David A . Long" <dave.long@linaro.org>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH 1/3] arm64: kprobes: Move extable address check into arch_prepare_kprobe()
Date: Wed, 9 Jan 2019 11:05:00 +0900 [thread overview]
Message-ID: <20190109110500.b4b5049f4c67dfc85b9ced4e@kernel.org> (raw)
In-Reply-To: <b4109104-c438-f4c2-352a-d8b0ec47db37@arm.com>
Hi James,
On Tue, 8 Jan 2019 17:13:36 +0000
James Morse <james.morse@arm.com> wrote:
> Hi!
>
> On 08/01/2019 02:39, Masami Hiramatsu wrote:
> > On Thu, 3 Jan 2019 17:05:18 +0000
> > James Morse <james.morse@arm.com> wrote:
> >> On 17/12/2018 06:40, Masami Hiramatsu wrote:
> >>> Move extable address check into arch_prepare_kprobe() from
> >>> arch_within_kprobe_blacklist().
> >>
> >> I'm trying to work out the pattern for what should go in the blacklist, and what
> >> should be rejected by the arch code.
> >>
> >> It seems address-ranges should be blacklisted as the contents don't matter.
> >> easy-example: the idmap text.
> >
> > Yes, more precisely, the code smaller than a function (symbol), it must be
> > rejected by arch_prepare_kprobe(), since blacklist is poplated based on
> > kallsyms.
>
> Ah, okay, so the pattern is the blacklist should only be for whole symbols,
> (which explains why its usually based on sections).
Correct. Actually, the blacklist is generated based on the symbol info
from symbol address.
> I see kprobe_add_ksym_blacklist() would go wrong if you give it something like:
> platform_drv_probe+0x50/0xb0, as it will log platform_drv_probe+0x50 as the
> start_addr and platform_drv_probe+0x50+0xb0 as the end.
Yes, it expects given address is the entry of a symbol.
>
> But how does anything from the arch code's blacklist get into the
> kprobe_blacklist list?
It should be done via arch_populate_kprobe_blacklist().
>
> We don't have an arch_populate_kprobe_blacklist(), so rely on
> within_kprobe_blacklist() calling arch_within_kprobe_blacklist() with the
> address, as well as walking kprobe_blacklist.
>
> Is this cleanup ahead of a series that does away with
> arch_within_kprobe_blacklist() so that debugfs list is always complete?
Right, after this cleanup, I will send arch_populate_kprobe_blacklist()
patch for arm64 and others. My plan is to move all arch_within_kprobe_blacklist()
to arch_populate_kprobe_blacklist() so that user can get more precise blacklist
via debugfs.
> > As I pointed, the exception_table contains some range of code which inside
> > functions, must be smaller than function.
> > Since those instructions are expected to cause exception (that is main reason
> > why it can not be probed on arm64), I thought such situation was similar to
> > the limitation of instruction.
> >
> > So I think below will be better.
> > ----
> > Please do not blacklisting instructions on exception_table,
> > since those are smaller than one function.
> > ----
>
> I keep tripping over this because the exception_table lists addresses that are
> allowed to fault. Nothing looks at the instruction, and we happily kprobe the
> same instruction elsewhere.
Thanks!
>
> (based on my assumptions about where you are going next!,), How about:
> | The blacklist is exposed via debugfs as a list of symbols. extable entries are
> | smaller, so must be filtered out by arch_prepare_kprobe().
This looks much better for me too :)
Should I resend with the description?
Thank you!
>
> (only we currently have more than one blacklist...)
>
>
> Thanks,
>
> James
--
Masami Hiramatsu <mhiramat@kernel.org>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-01-09 2:05 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-17 6:40 [PATCH 0/3] arm64: kprobes: Fix blacklist checking on arm64 Masami Hiramatsu
2018-12-17 6:40 ` [PATCH 1/3] arm64: kprobes: Move extable address check into arch_prepare_kprobe() Masami Hiramatsu
2019-01-03 17:05 ` James Morse
2019-01-08 2:39 ` Masami Hiramatsu
2019-01-08 17:13 ` James Morse
2019-01-09 2:05 ` Masami Hiramatsu [this message]
2019-01-11 18:22 ` James Morse
2019-01-15 5:49 ` Masami Hiramatsu
2018-12-17 6:41 ` [PATCH 2/3] arm64: kprobes: Remove unneeded RODATA check Masami Hiramatsu
2019-01-03 17:07 ` James Morse
2018-12-17 6:41 ` [PATCH 3/3] arm64: kprobes: Move exception_text check in blacklist Masami Hiramatsu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190109110500.b4b5049f4c67dfc85b9ced4e@kernel.org \
--to=mhiramat@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=dave.long@linaro.org \
--cc=james.morse@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=panand@redhat.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.