From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B67DDECAAA1 for ; Fri, 9 Sep 2022 11:49:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231274AbiIILtl (ORCPT ); Fri, 9 Sep 2022 07:49:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38306 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231273AbiIILth (ORCPT ); Fri, 9 Sep 2022 07:49:37 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7A7FD13E13 for ; Fri, 9 Sep 2022 04:49:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=T24rfweRwMUEYoRSKe7a3EP0QE2CQRmkvfQQd2k+xMo=; b=wIH4w3CGmWBD9FyxNfoPSCmls0 zmIwaPiOGaA+goVjUp4m4Fhx0wjzEXKewIpRTZ0pQhSeabhqGh+EQru90eu3hIExyMiCGo61BiDWD lRwrvBv4liRHgTZLyZiBFawvlFpYvb4Vo2a+dbcNhnSPnQVw3QlsLHjjt5NZic8fb945+Vs5VU6Uk i06vslhUTUdOvvlZAqEdAQea7TevMQPC8Kuk7tAcPERG0VUJ2FXdbd1T0dM2TZceKDBE+tP1Lc5TD Jhj09lp9F13st+TP9J7KmiZTRK9AtiSoiX7/r1SSJRxb087ydZxmavvqq3atAz6Dkabi5w4IdEe7z VyY9YCVQ==; Received: from j130084.upc-j.chello.nl ([24.132.130.84] helo=noisy.programming.kicks-ass.net) by casper.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1oWcVc-00DEIj-4s; Fri, 09 Sep 2022 11:49:20 +0000 Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id B3FB2300074; Fri, 9 Sep 2022 13:49:16 +0200 (CEST) Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000) id 9AD8B29A24303; Fri, 9 Sep 2022 13:49:16 +0200 (CEST) Date: Fri, 9 Sep 2022 13:49:16 +0200 From: Peter Zijlstra To: Jiri Olsa Cc: Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martynas Pumputis , bpf@vger.kernel.org, Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , "Masami Hiramatsu (Google)" Subject: Re: [PATCHv3 bpf-next 4/6] bpf: Adjust kprobe_multi entry_ip for CONFIG_X86_KERNEL_IBT Message-ID: References: <20220909101245.347173-1-jolsa@kernel.org> <20220909101245.347173-5-jolsa@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220909101245.347173-5-jolsa@kernel.org> Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org On Fri, Sep 09, 2022 at 12:12:43PM +0200, Jiri Olsa wrote: > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > index 68e5cdd24cef..bcada91b0b3b 100644 > --- a/kernel/trace/bpf_trace.c > +++ b/kernel/trace/bpf_trace.c > @@ -2419,6 +2419,10 @@ kprobe_multi_link_handler(struct fprobe *fp, unsigned long entry_ip, > { > struct bpf_kprobe_multi_link *link; > > +#ifdef CONFIG_X86_KERNEL_IBT > + if (is_endbr(*((u32 *) entry_ip - 1))) > + entry_ip -= ENDBR_INSN_SIZE; > +#endif > link = container_of(fp, struct bpf_kprobe_multi_link, fp); > kprobe_multi_link_prog_run(link, entry_ip, regs); > } Strictly speaking this can explode if this function is one without ENDBR and it's on a page-edge and -1 is a guard page or something silly like that (could conceivably happen for a module or so). I'm also thinking this function might be a bit clearer if the argument were called fentry_ip -- that way it would be clearer this is an ftrace __fentry__ ip. The canonical way to get at +0 would be something like: kallsyms_lookup_size_offset(fentry_ip, &size, &offset); entry_ip = fentry_ip - offset; But I appreciate that might be too expensive here; is this a hot path? Could you store this information in struct bpf_kprobe_multi_link?