From: Masami Hiramatsu <mhiramat@kernel.org>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Peter Zijlstra <peterz@infradead.org>,
linux-kernel@vger.kernel.org, Andi Kleen <ak@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)"
<x86@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>,
"Naveen N. Rao" <naveen.n.rao@linux.ibm.com>,
Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>,
"David S. Miller" <davem@davemloft.net>,
Masami Hiramatsu <mhiramat@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Andrew Morton <akpm@linux-foundation.org>,
"Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>,
Will Deacon <will@kernel.org>, Kees Cook <keescook@chromium.org>,
Arnd Bergmann <arnd@arndb.de>, Alexandre Ghiti <alex@ghiti.fr>,
Masahiro Yamada <masahiroy@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
Peter Collingbourne <pcc@google.com>,
Krzysztof Kozlowski <krzk@kernel.org>,
Frederic Weisbecker <frederic@kernel.org>,
Stephen Boyd <sboyd@kernel.org>,
Alexei Starovoitov <ast@kernel.org>,
Mike Rapoport <rppt@linux.ibm.com>,
Sean Christopherson <sean.j.christopherson@intel.com>,
Jiri Olsa <jolsa@redhat.com>
Subject: Re: [PATCH RFC] kprobes: Remove MODULES dependency
Date: Tue, 14 Jul 2020 20:52:04 +0900 [thread overview]
Message-ID: <20200714205204.210a558f0560d8feae19e55d@kernel.org> (raw)
In-Reply-To: <20200713050549.GA956284@linux.intel.com>
On Mon, 13 Jul 2020 08:05:49 +0300
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> wrote:
> On Fri, Jul 10, 2020 at 12:49:10PM +0200, Peter Zijlstra wrote:
> > On Fri, Jul 10, 2020 at 01:36:38PM +0300, Jarkko Sakkinen wrote:
> > > Just so that I know (and learn), what did exactly disable optprobes?
> >
> > So regular, old-skool style kprobe is:
> >
> > - copy original instruction out
> > - replace instruction with breakpoint (int3 on x86)
> > - have exception handler return to the copied instruction with
> > single-step on
> > - have single step exception handler return to the original
> > instruction stream
> >
> > which is 2 exceptions.
>
> Out of pure interest, how does it handle a jump (as the original
> opcode), given that it single steps a copy?
Yes, the jump will be executed with a single-step on the copy buffer
and kprobes (on x86) fixes up the result, this means we modifies
the regs->ip. Also, there are some architectures which emulate the
jump instead of single-stepping.
>
> > optprobes avoid the single-step by not only writing a single
> > instruction, but additionally placing a JMP instruction behind it such
> > that it will automagically continue in the original instruction stream.
> >
> > This brings the requirement that the copied instruction is placed
> > within the JMP displacement of the regular kernel text (s32 on x86).
> >
> > module_alloc() ensures the memory provided is within that range.
>
> Right, a relative jump is placed instead of 0xcc to the breakpoint?
Yes, a relative (far) jump is used. So the target address (copied buffer)
must be in +-2GB range from the jump.
Thank you,
--
Masami Hiramatsu <mhiramat@kernel.org>
next prev parent reply other threads:[~2020-07-14 11:52 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-09 23:45 [PATCH RFC] kprobes: Remove MODULES dependency Jarkko Sakkinen
2020-07-10 9:03 ` Peter Zijlstra
2020-07-10 10:36 ` Jarkko Sakkinen
2020-07-10 10:49 ` Peter Zijlstra
2020-07-13 5:05 ` Jarkko Sakkinen
2020-07-13 10:17 ` Peter Zijlstra
2020-07-14 11:52 ` Masami Hiramatsu [this message]
2020-07-10 10:32 ` Masami Hiramatsu
2020-07-10 11:32 ` Peter Zijlstra
2020-07-10 13:04 ` Christoph Hellwig
2020-07-13 5:52 ` Jarkko Sakkinen
2020-07-10 13:18 ` Masami Hiramatsu
2020-07-10 13:22 ` Steven Rostedt
2020-07-13 5:55 ` Jarkko Sakkinen
2020-07-13 5:49 ` Jarkko Sakkinen
2020-07-14 11:45 ` Masami Hiramatsu
2020-07-10 15:51 ` Kees Cook
2020-07-13 5:56 ` Jarkko Sakkinen
2020-07-13 5:39 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200714205204.210a558f0560d8feae19e55d@kernel.org \
--to=mhiramat@kernel.org \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=alex@ghiti.fr \
--cc=aneesh.kumar@linux.ibm.com \
--cc=anil.s.keshavamurthy@intel.com \
--cc=arnd@arndb.de \
--cc=ast@kernel.org \
--cc=bp@alien8.de \
--cc=davem@davemloft.net \
--cc=frederic@kernel.org \
--cc=hpa@zytor.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jolsa@redhat.com \
--cc=keescook@chromium.org \
--cc=krzk@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=mingo@redhat.com \
--cc=naveen.n.rao@linux.ibm.com \
--cc=pcc@google.com \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=rppt@linux.ibm.com \
--cc=samitolvanen@google.com \
--cc=sboyd@kernel.org \
--cc=sean.j.christopherson@intel.com \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.