From: "Madhavan T. Venkataraman" <madvenka@linux.microsoft.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: mark.rutland@arm.com, broonie@kernel.org, jpoimboe@redhat.com,
ardb@kernel.org, nobuta.keiya@fujitsu.com,
sjitindarsingh@gmail.com, catalin.marinas@arm.com,
will@kernel.org, jmorris@namei.org,
linux-arm-kernel@lists.infradead.org,
live-patching@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH v1 0/9] arm64: livepatch: Use DWARF Call Frame Information for frame pointer validation
Date: Mon, 11 Apr 2022 12:35:33 -0500 [thread overview]
Message-ID: <209888b9-fa98-2012-9f4c-1e37fd3283cd@linux.microsoft.com> (raw)
In-Reply-To: <YlAlK+94gBlVlv2J@hirez.programming.kicks-ass.net>
On 4/8/22 07:06, Peter Zijlstra wrote:
> On Thu, Apr 07, 2022 at 03:25:09PM -0500, madvenka@linux.microsoft.com wrote:
>> The solution
>> ============
>>
>> The goal here is to use the absolute minimum CFI needed to compute the FP at
>> every instruction address. The unwinder can compute the FP in each frame,
>> compare the actual FP with the computed one and validate the actual FP.
>>
>> Objtool is enhanced to parse the CFI, extract just the rules required,
>> encode them in compact data structures and create special sections for
>> the rules. The unwinder uses the special sections to find the rules for
>> a given instruction address and compute the FP.
>>
>> Objtool can be invoked as follows:
>>
>> objtool dwarf generate <object-file>
>>
>> The version of the DWARF standard supported in this work is version 4. The
>> official documentation for this version is here:
>>
>> https://dwarfstd.org/doc/DWARF4.pdf
>>
>> Section 6.4 contains the description of the CFI.
>
> The problem is of course that DWARF is only available for compiler
> generated code and doesn't cover assembly code, of which is there is
> always lots.
>
Yes. But assembly functions are of two types:
SYM_CODE_*() functions
SYM_FUNC_*() functions
SYM_CODE functions are, by definition, special functions that don't follow any ABI rules.
They don't set up a frame. Based on the opinion of ARM64 experts, these need to be
recognized by the unwinder and, if they are present in a stack trace, the stack trace
must be considered unreliable. I have, in fact, submitted a patch to implement that.
So, only SYM_FUNC*() functions are relevant for this part. I will look into these for arm64
and check if any of them can occur frequently in stack traces. If any of them is likely
to occur frequently in stack traces, I must address them. If there are only a few such
functions, unwind hints may be sufficient. I will get back to you on this.
> I suppose you can go add DWARF annotations to all the assembly, but IIRC
> those are pretty terrible. We were *REALLY* happy to delete all that
> nasty from the x86 code.
>
DWARF annotations are a PITA to maintain. I will never recommend that!
> On top of that, AFAIK compilers don't generally consider DWARF
> generation to be a correctness issue. For them it's debug info and
> having it be correct is nice but not required. So using it as input for
> something that's required to be correct, seems unfortunate.
It is only debug info. But if that info can be verified, then it is usable for livepatch
purposes. I am thinking of implementing a verifier since DWARF reliability is a valid
concern. I will keep you posted.
Thanks!
Madhavan
prev parent reply other threads:[~2022-04-11 17:35 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <95691cae4f4504f33d0fc9075541b1e7deefe96f>
2022-01-17 14:55 ` [PATCH v13 00/11] arm64: Reorganize the unwinder and implement stack trace reliability checks madvenka
2022-01-17 14:55 ` [PATCH v13 01/11] arm64: Remove NULL task check from unwind_frame() madvenka
2022-01-17 14:55 ` [PATCH v13 02/11] arm64: Rename unwinder functions madvenka
2022-01-17 14:56 ` [PATCH v13 03/11] arm64: Rename stackframe to unwind_state madvenka
2022-01-17 14:56 ` [PATCH v13 04/11] arm64: Split unwind_init() madvenka
2022-02-02 18:44 ` Mark Brown
2022-02-03 0:26 ` Madhavan T. Venkataraman
2022-02-03 0:39 ` Madhavan T. Venkataraman
2022-02-03 11:29 ` Mark Brown
2022-02-15 13:07 ` Mark Rutland
2022-02-15 18:04 ` Madhavan T. Venkataraman
2022-01-17 14:56 ` [PATCH v13 05/11] arm64: Copy the task argument to unwind_state madvenka
2022-02-02 18:45 ` Mark Brown
2022-02-15 13:22 ` Mark Rutland
2022-02-22 16:53 ` Madhavan T. Venkataraman
2022-01-17 14:56 ` [PATCH v13 06/11] arm64: Use stack_trace_consume_fn and rename args to unwind() madvenka
2022-02-02 18:46 ` Mark Brown
2022-02-03 0:34 ` Madhavan T. Venkataraman
2022-02-03 11:30 ` Mark Brown
2022-02-03 14:45 ` Madhavan T. Venkataraman
2022-02-15 13:39 ` Mark Rutland
2022-02-15 18:12 ` Madhavan T. Venkataraman
2022-03-07 16:51 ` Madhavan T. Venkataraman
2022-03-07 17:01 ` Mark Brown
2022-03-08 22:00 ` Madhavan T. Venkataraman
2022-03-09 11:47 ` Mark Brown
2022-03-09 15:34 ` Madhavan T. Venkataraman
2022-03-10 8:33 ` Miroslav Benes
2022-03-10 12:36 ` Madhavan T. Venkataraman
2022-03-16 3:43 ` Josh Poimboeuf
2022-04-08 14:44 ` Mark Rutland
2022-04-08 17:58 ` Mark Rutland
2022-04-10 17:42 ` Madhavan T. Venkataraman
2022-04-10 17:33 ` Madhavan T. Venkataraman
2022-04-10 17:45 ` Madhavan T. Venkataraman
2022-01-17 14:56 ` [PATCH v13 07/11] arm64: Make the unwind loop in unwind() similar to other architectures madvenka
2022-01-17 14:56 ` [PATCH v13 08/11] arm64: Introduce stack trace reliability checks in the unwinder madvenka
2022-01-17 14:56 ` [PATCH v13 09/11] arm64: Create a list of SYM_CODE functions, check return PC against list madvenka
2022-01-17 14:56 ` [PATCH v13 10/11] arm64: Introduce arch_stack_walk_reliable() madvenka
2022-01-17 14:56 ` [PATCH v13 11/11] arm64: Select HAVE_RELIABLE_STACKTRACE madvenka
2022-01-25 5:21 ` nobuta.keiya
2022-01-25 13:43 ` Madhavan T. Venkataraman
2022-01-26 10:20 ` nobuta.keiya
2022-01-26 17:14 ` Madhavan T. Venkataraman
2022-01-27 1:13 ` nobuta.keiya
2022-01-26 17:16 ` Mark Brown
2022-04-07 20:25 ` [RFC PATCH v1 0/9] arm64: livepatch: Use DWARF Call Frame Information for frame pointer validation madvenka
2022-04-07 20:25 ` [RFC PATCH v1 1/9] objtool: Parse DWARF Call Frame Information in object files madvenka
2022-04-07 20:25 ` [RFC PATCH v1 2/9] objtool: Generate DWARF rules and place them in a special section madvenka
2022-04-07 20:25 ` [RFC PATCH v1 3/9] dwarf: Build the kernel with DWARF information madvenka
2022-04-07 20:25 ` [RFC PATCH v1 4/9] dwarf: Implement DWARF rule processing in the kernel madvenka
2022-04-07 20:25 ` [RFC PATCH v1 5/9] dwarf: Implement DWARF support for modules madvenka
2022-04-07 20:25 ` [RFC PATCH v1 6/9] arm64: unwinder: Add a reliability check in the unwinder based on DWARF CFI madvenka
2022-04-07 20:25 ` [RFC PATCH v1 7/9] arm64: dwarf: Implement unwind hints madvenka
2022-04-07 20:25 ` [RFC PATCH v1 8/9] dwarf: Miscellaneous changes required for enabling livepatch madvenka
2022-04-07 20:25 ` [RFC PATCH v1 9/9] dwarf: Enable livepatch for ARM64 madvenka
2022-04-08 0:21 ` [RFC PATCH v1 0/9] arm64: livepatch: Use DWARF Call Frame Information for frame pointer validation Josh Poimboeuf
2022-04-08 11:41 ` Peter Zijlstra
2022-04-11 17:26 ` Madhavan T. Venkataraman
2022-04-11 17:18 ` Madhavan T. Venkataraman
2022-04-12 8:32 ` Chen Zhongjin
2022-04-16 0:56 ` Josh Poimboeuf
2022-04-18 12:28 ` Chen Zhongjin
2022-04-18 16:11 ` Josh Poimboeuf
2022-04-18 18:38 ` Madhavan T. Venkataraman
[not found] ` <844b3ede-eddb-cbe6-80e0-3529e2da2eb6@huawei.com>
2022-04-12 17:27 ` Madhavan T. Venkataraman
2022-04-16 1:07 ` Josh Poimboeuf
2022-04-14 14:11 ` Madhavan T. Venkataraman
2022-04-08 10:55 ` Peter Zijlstra
2022-04-08 11:54 ` Peter Zijlstra
2022-04-08 14:34 ` Josh Poimboeuf
2022-04-10 17:47 ` Madhavan T. Venkataraman
2022-04-11 16:34 ` Josh Poimboeuf
2022-04-08 12:06 ` Peter Zijlstra
2022-04-11 17:35 ` Madhavan T. Venkataraman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=209888b9-fa98-2012-9f4c-1e37fd3283cd@linux.microsoft.com \
--to=madvenka@linux.microsoft.com \
--cc=ardb@kernel.org \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=jmorris@namei.org \
--cc=jpoimboe@redhat.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=nobuta.keiya@fujitsu.com \
--cc=peterz@infradead.org \
--cc=sjitindarsingh@gmail.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).