From: Ravi Bangoria <ravi.bangoria@linux.ibm.com>
To: Christophe Leroy <christophe.leroy@csgroup.eu>
Cc: Ravi Bangoria <ravi.bangoria@linux.ibm.com>,
jniethe5@gmail.com, oleg@redhat.com, rostedt@goodmis.org,
linux-kernel@vger.kernel.org, paulus@samba.org,
sandipan@linux.ibm.com, naveen.n.rao@linux.ibm.com,
linuxppc-dev@lists.ozlabs.org
Subject: Re: [PATCH v3] powerpc/uprobes: Validation for prefixed instruction
Date: Thu, 4 Mar 2021 16:32:47 +0530 [thread overview]
Message-ID: <1f873079-2aa1-3818-3070-bce459034cec@linux.ibm.com> (raw)
In-Reply-To: <f1a61cd9-436e-b486-b99c-0c06f2956a89@csgroup.eu>
On 3/4/21 4:21 PM, Christophe Leroy wrote:
>
>
> Le 04/03/2021 à 11:13, Ravi Bangoria a écrit :
>>
>>
>> On 3/4/21 1:02 PM, Christophe Leroy wrote:
>>>
>>>
>>> Le 04/03/2021 à 06:05, Ravi Bangoria a écrit :
>>>> As per ISA 3.1, prefixed instruction should not cross 64-byte
>>>> boundary. So don't allow Uprobe on such prefixed instruction.
>>>>
>>>> There are two ways probed instruction is changed in mapped pages.
>>>> First, when Uprobe is activated, it searches for all the relevant
>>>> pages and replace instruction in them. In this case, if that probe
>>>> is on the 64-byte unaligned prefixed instruction, error out
>>>> directly. Second, when Uprobe is already active and user maps a
>>>> relevant page via mmap(), instruction is replaced via mmap() code
>>>> path. But because Uprobe is invalid, entire mmap() operation can
>>>> not be stopped. In this case just print an error and continue.
>>>>
>>>> Signed-off-by: Ravi Bangoria <ravi.bangoria@linux.ibm.com>
>>>> ---
>>>> v2: https://lore.kernel.org/r/20210204104703.273429-1-ravi.bangoria@linux.ibm.com
>>>> v2->v3:
>>>> - Drop restriction for Uprobe on suffix of prefixed instruction.
>>>> It needs lot of code change including generic code but what
>>>> we get in return is not worth it.
>>>>
>>>> arch/powerpc/kernel/uprobes.c | 8 ++++++++
>>>> 1 file changed, 8 insertions(+)
>>>>
>>>> diff --git a/arch/powerpc/kernel/uprobes.c b/arch/powerpc/kernel/uprobes.c
>>>> index e8a63713e655..c400971ebe70 100644
>>>> --- a/arch/powerpc/kernel/uprobes.c
>>>> +++ b/arch/powerpc/kernel/uprobes.c
>>>> @@ -41,6 +41,14 @@ int arch_uprobe_analyze_insn(struct arch_uprobe *auprobe,
>>>> if (addr & 0x03)
>>>> return -EINVAL;
>>>> + if (!IS_ENABLED(CONFIG_PPC64) || !cpu_has_feature(CPU_FTR_ARCH_31))
>>>
>>> cpu_has_feature(CPU_FTR_ARCH_31) should return 'false' when CONFIG_PPC64 is not enabled, no need to double check.
>>
>> Ok.
>>
>> I'm going to drop CONFIG_PPC64 check because it's not really
>> required as I replied to Naveen. So, I'll keep CPU_FTR_ARCH_31
>> check as is.
>>
>>>
>>>> + return 0;
>>>> +
>>>> + if (ppc_inst_prefixed(auprobe->insn) && (addr & 0x3F) == 0x3C) {
>>>
>>> Maybe 3C instead of 4F ? : (addr & 0x3C) == 0x3C
>>
>> Didn't follow. It's not (addr & 0x3C), it's (addr & 0x3F).
>
> Sorry I meant 3c instead of 3f (And usually we don't use capital letters for that).
> The last two bits are supposed to always be 0, so it doesn't really matter, I just thought it would look better having the same value both sides of the test, ie (addr & 0x3c) == 0x3c.
Ok yeah makes sense. Thanks.
>
>>
>>>
>>> What about
>>>
>>> (addr & (SZ_64 - 4)) == SZ_64 - 4 to make it more explicit ?
>>
>> Yes this is bit better. Though, it should be:
>>
>> (addr & (SZ_64 - 1)) == SZ_64 - 4
>
> -1 or -4 should give the same results as instructions are always 32 bits aligned though.
Got it.
Ravi
prev parent reply other threads:[~2021-03-04 11:04 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-04 5:05 [PATCH v3] powerpc/uprobes: Validation for prefixed instruction Ravi Bangoria
2021-03-03 8:38 ` Naveen N. Rao
2021-03-04 7:39 ` Ravi Bangoria
2021-03-04 7:32 ` Christophe Leroy
2021-03-04 10:13 ` Ravi Bangoria
2021-03-04 10:51 ` Christophe Leroy
2021-03-04 11:02 ` Ravi Bangoria [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1f873079-2aa1-3818-3070-bce459034cec@linux.ibm.com \
--to=ravi.bangoria@linux.ibm.com \
--cc=christophe.leroy@csgroup.eu \
--cc=jniethe5@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=naveen.n.rao@linux.ibm.com \
--cc=oleg@redhat.com \
--cc=paulus@samba.org \
--cc=rostedt@goodmis.org \
--cc=sandipan@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).