[PATCH] uprobes/x86: allow to probe a "nop" insn with 0x66 prefix

[PATCH] uprobes/x86: allow to probe a "nop" insn with 0x66 prefix

[Oleg Nesterov]

From: Denys Vlasenko <dvlasenk@redhat.com>

Intel icc -hotpatch inserts 2-byte "0x66 0x90" NOP at the start of each
function to reserve extra space for hot-patching, and currently it is not
possible to probe these functions because branch_setup_xol_ops() wrongly
nacks NOP with REP prefix.

Fixes: 250bbd12c2fe ("uprobes/x86: Refuse to attach uprobe to "word-sized" branch insns")
Reported-by: Seiji Nishikawa <snishika@redhat.com>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---
 arch/x86/kernel/uprobes.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c
index b63cf8f7745e..6c07f6daaa22 100644
--- a/arch/x86/kernel/uprobes.c
+++ b/arch/x86/kernel/uprobes.c
@@ -722,8 +722,9 @@ static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
 	switch (opc1) {
 	case 0xeb:	/* jmp 8 */
 	case 0xe9:	/* jmp 32 */
-	case 0x90:	/* prefix* + nop; same as jmp with .offs = 0 */
 		break;
+	case 0x90:	/* prefix* + nop; same as jmp with .offs = 0 */
+		goto setup;
 
 	case 0xe8:	/* call relative */
 		branch_clear_offset(auprobe, insn);
@@ -753,6 +754,7 @@ static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
 			return -ENOTSUPP;
 	}
 
+setup:
 	auprobe->branch.opc1 = opc1;
 	auprobe->branch.ilen = insn->length;
 	auprobe->branch.offs = insn->immediate.value;
-- 
2.25.1.362.g51ebf55

Re: [PATCH] uprobes/x86: allow to probe a "nop" insn with 0x66 prefix

[Masami Hiramatsu]

On Thu, 1 Dec 2022 15:26:44 +0100
Oleg Nesterov <oleg@redhat.com> wrote:

> From: Denys Vlasenko <dvlasenk@redhat.com>
> 
> Intel icc -hotpatch inserts 2-byte "0x66 0x90" NOP at the start of each
> function to reserve extra space for hot-patching, and currently it is not
> possible to probe these functions because branch_setup_xol_ops() wrongly
> nacks NOP with REP prefix.

Looks good to me.

Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>

Thank you!

> 
> Fixes: 250bbd12c2fe ("uprobes/x86: Refuse to attach uprobe to "word-sized" branch insns")
> Reported-by: Seiji Nishikawa <snishika@redhat.com>
> Signed-off-by: Oleg Nesterov <oleg@redhat.com>
> ---
>  arch/x86/kernel/uprobes.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c
> index b63cf8f7745e..6c07f6daaa22 100644
> --- a/arch/x86/kernel/uprobes.c
> +++ b/arch/x86/kernel/uprobes.c
> @@ -722,8 +722,9 @@ static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
>  	switch (opc1) {
>  	case 0xeb:	/* jmp 8 */
>  	case 0xe9:	/* jmp 32 */
> -	case 0x90:	/* prefix* + nop; same as jmp with .offs = 0 */
>  		break;
> +	case 0x90:	/* prefix* + nop; same as jmp with .offs = 0 */
> +		goto setup;
>  
>  	case 0xe8:	/* call relative */
>  		branch_clear_offset(auprobe, insn);
> @@ -753,6 +754,7 @@ static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
>  			return -ENOTSUPP;
>  	}
>  
> +setup:
>  	auprobe->branch.opc1 = opc1;
>  	auprobe->branch.ilen = insn->length;
>  	auprobe->branch.offs = insn->immediate.value;
> -- 
> 2.25.1.362.g51ebf55
> 
> 


-- 
Masami Hiramatsu (Google) <mhiramat@kernel.org>

Re: [PATCH] uprobes/x86: allow to probe a "nop" insn with 0x66 prefix

[Thomas Gleixner]

On Thu, Dec 01 2022 at 15:26, Oleg Nesterov wrote:

> From: Denys Vlasenko <dvlasenk@redhat.com>
>
> Intel icc -hotpatch inserts 2-byte "0x66 0x90" NOP at the start of each
> function to reserve extra space for hot-patching, and currently it is not
> possible to probe these functions because branch_setup_xol_ops() wrongly
> nacks NOP with REP prefix.
>
> Fixes: 250bbd12c2fe ("uprobes/x86: Refuse to attach uprobe to "word-sized" branch insns")
> Reported-by: Seiji Nishikawa <snishika@redhat.com>
> Signed-off-by: Oleg Nesterov <oleg@redhat.com>

The SOB chain is invalid as it lacks the author's signoff.

Re: [PATCH] uprobes/x86: allow to probe a "nop" insn with 0x66 prefix

[Oleg Nesterov]

On 12/02, Thomas Gleixner wrote:
>
> On Thu, Dec 01 2022 at 15:26, Oleg Nesterov wrote:
>
> > From: Denys Vlasenko <dvlasenk@redhat.com>
> >
> > Intel icc -hotpatch inserts 2-byte "0x66 0x90" NOP at the start of each
> > function to reserve extra space for hot-patching, and currently it is not
> > possible to probe these functions because branch_setup_xol_ops() wrongly
> > nacks NOP with REP prefix.
> >
> > Fixes: 250bbd12c2fe ("uprobes/x86: Refuse to attach uprobe to "word-sized" branch insns")
> > Reported-by: Seiji Nishikawa <snishika@redhat.com>
> > Signed-off-by: Oleg Nesterov <oleg@redhat.com>
>
> The SOB chain is invalid as it lacks the author's signoff.

Denys, can we have your signed-off-by?

Re: [PATCH] uprobes/x86: allow to probe a "nop" insn with 0x66 prefix

[Oleg Nesterov]

On 12/02, Oleg Nesterov wrote:
>
> On 12/02, Thomas Gleixner wrote:
> >
> > On Thu, Dec 01 2022 at 15:26, Oleg Nesterov wrote:
> >
> > > From: Denys Vlasenko <dvlasenk@redhat.com>
> > >
> > > Intel icc -hotpatch inserts 2-byte "0x66 0x90" NOP at the start of each
> > > function to reserve extra space for hot-patching, and currently it is not
> > > possible to probe these functions because branch_setup_xol_ops() wrongly
> > > nacks NOP with REP prefix.
> > >
> > > Fixes: 250bbd12c2fe ("uprobes/x86: Refuse to attach uprobe to "word-sized" branch insns")
> > > Reported-by: Seiji Nishikawa <snishika@redhat.com>
> > > Signed-off-by: Oleg Nesterov <oleg@redhat.com>
> >
> > The SOB chain is invalid as it lacks the author's signoff.
>
> Denys, can we have your signed-off-by?

OK, let me turn "From" into "Suggested-by" if this can help to merge this fix.

After all, the patch is really simple, I don't think Denys will object when he
returns.

I am sending v2 with Masami's ack applied.

Oleg.

[PATCH v2] uprobes/x86: allow to probe a "nop" insn with 0x66 prefix

[Oleg Nesterov]

Intel icc -hotpatch inserts 2-byte "0x66 0x90" NOP at the start of each
function to reserve extra space for hot-patching, and currently it is not
possible to probe these functions because branch_setup_xol_ops() wrongly
nacks NOP with REP prefix.

Fixes: 250bbd12c2fe ("uprobes/x86: Refuse to attach uprobe to "word-sized" branch insns")
Reported-by: Seiji Nishikawa <snishika@redhat.com>
Suggested-by: Denys Vlasenko <dvlasenk@redhat.com>
Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---
 arch/x86/kernel/uprobes.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c
index b63cf8f7745e..6c07f6daaa22 100644
--- a/arch/x86/kernel/uprobes.c
+++ b/arch/x86/kernel/uprobes.c
@@ -722,8 +722,9 @@ static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
 	switch (opc1) {
 	case 0xeb:	/* jmp 8 */
 	case 0xe9:	/* jmp 32 */
-	case 0x90:	/* prefix* + nop; same as jmp with .offs = 0 */
 		break;
+	case 0x90:	/* prefix* + nop; same as jmp with .offs = 0 */
+		goto setup;
 
 	case 0xe8:	/* call relative */
 		branch_clear_offset(auprobe, insn);
@@ -753,6 +754,7 @@ static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
 			return -ENOTSUPP;
 	}
 
+setup:
 	auprobe->branch.opc1 = opc1;
 	auprobe->branch.ilen = insn->length;
 	auprobe->branch.offs = insn->immediate.value;
-- 
2.25.1.362.g51ebf55

[tip: x86/urgent] uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix

[tip-bot2 for Oleg Nesterov]

The following commit has been merged into the x86/urgent branch of tip:

Commit-ID:     cefa72129e45313655d53a065b8055aaeb01a0c9
Gitweb:        https://git.kernel.org/tip/cefa72129e45313655d53a065b8055aaeb01a0c9
Author:        Oleg Nesterov <oleg@redhat.com>
AuthorDate:    Sun, 04 Dec 2022 18:39:33 +01:00
Committer:     Thomas Gleixner <tglx@linutronix.de>
CommitterDate: Mon, 05 Dec 2022 11:55:18 +01:00

uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix

Intel ICC -hotpatch inserts 2-byte "0x66 0x90" NOP at the start of each
function to reserve extra space for hot-patching, and currently it is not
possible to probe these functions because branch_setup_xol_ops() wrongly
rejects NOP with REP prefix as it treats them like word-sized branch
instructions.

Fixes: 250bbd12c2fe ("uprobes/x86: Refuse to attach uprobe to "word-sized" branch insns")
Reported-by: Seiji Nishikawa <snishika@redhat.com>
Suggested-by: Denys Vlasenko <dvlasenk@redhat.com>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Link: https://lore.kernel.org/r/20221204173933.GA31544@redhat.com

---
 arch/x86/kernel/uprobes.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/uprobes.c b/arch/x86/kernel/uprobes.c
index b63cf8f..6c07f6d 100644
--- a/arch/x86/kernel/uprobes.c
+++ b/arch/x86/kernel/uprobes.c
@@ -722,8 +722,9 @@ static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
 	switch (opc1) {
 	case 0xeb:	/* jmp 8 */
 	case 0xe9:	/* jmp 32 */
-	case 0x90:	/* prefix* + nop; same as jmp with .offs = 0 */
 		break;
+	case 0x90:	/* prefix* + nop; same as jmp with .offs = 0 */
+		goto setup;
 
 	case 0xe8:	/* call relative */
 		branch_clear_offset(auprobe, insn);
@@ -753,6 +754,7 @@ static int branch_setup_xol_ops(struct arch_uprobe *auprobe, struct insn *insn)
 			return -ENOTSUPP;
 	}
 
+setup:
 	auprobe->branch.opc1 = opc1;
 	auprobe->branch.ilen = insn->length;
 	auprobe->branch.offs = insn->immediate.value;