From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753783AbdCAXan (ORCPT <rfc822;w@1wt.eu>);
        Wed, 1 Mar 2017 18:30:43 -0500
Received: from mail.kernel.org ([198.145.29.136]:46268 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1753760AbdCAXaj (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 1 Mar 2017 18:30:39 -0500
Date: Thu, 2 Mar 2017 08:30:28 +0900
From: Masami Hiramatsu <mhiramat@kernel.org>
To: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>, Borislav Petkov <bp@alien8.de>,
        linux-kernel@vger.kernel.org, Ingo Molnar <mingo@kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>
Subject: Re: [RFC PATCH 2/2] kprobes/x86: Exit single-stepping before trying
 fixup_exception
Message-Id: <20170302083028.bbd015d78e15df5d89aa0c2e@kernel.org>
In-Reply-To: <148821206816.15765.7737579843541819311.stgit@devbox>
References: <20170224174827.GS6500@twins.programming.kicks-ass.net>
        <148821206816.15765.7737579843541819311.stgit@devbox>
X-Mailer: Sylpheed 3.5.0 (GTK+ 2.24.30; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 28 Feb 2017 01:14:38 +0900
Masami Hiramatsu <mhiramat@kernel.org> wrote:

> Exit single-stepping out of line and get back regs->ip to original
> (probed) address before trying fixup_exception() if the exception
> happened on the singlestep buffer, since the fixup_exception()
> depends on regs->ip to search an entry on __ex_table.
> 
> Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
> ---
>  arch/x86/include/asm/kprobes.h |    1 
>  arch/x86/kernel/kprobes/core.c |   83 +++++++++++++++++++++++++---------------
>  arch/x86/kernel/traps.c        |   19 +++++++++
>  3 files changed, 71 insertions(+), 32 deletions(-)
> 
> diff --git a/arch/x86/include/asm/kprobes.h b/arch/x86/include/asm/kprobes.h
> index d1d1e50..79e121a 100644
> --- a/arch/x86/include/asm/kprobes.h
> +++ b/arch/x86/include/asm/kprobes.h
> @@ -111,6 +111,7 @@ struct kprobe_ctlblk {
>  	struct prev_kprobe prev_kprobe;
>  };
>  
> +extern int kprobe_exit_singlestep(struct pt_regs *regs);
>  extern int kprobe_fault_handler(struct pt_regs *regs, int trapnr);
>  extern int kprobe_exceptions_notify(struct notifier_block *self,
>  				    unsigned long val, void *data);
> diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
> index 34d3a52..f2a3f3b 100644
> --- a/arch/x86/kernel/kprobes/core.c
> +++ b/arch/x86/kernel/kprobes/core.c
> @@ -949,43 +949,62 @@ int kprobe_debug_handler(struct pt_regs *regs)
>  }
>  NOKPROBE_SYMBOL(kprobe_debug_handler);
>  
> -int kprobe_fault_handler(struct pt_regs *regs, int trapnr)
> +/* Fixup current ip register and reset current kprobe, if needed. */
> +int kprobe_exit_singlestep(struct pt_regs *regs)
>  {
> -	struct kprobe *cur = kprobe_running();
>  	struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
> +	struct kprobe *cur = kprobe_running();
>  
> -	if (unlikely(regs->ip == (unsigned long)cur->ainsn.insn)) {
> -		/* This must happen on single-stepping */
> -		WARN_ON(kcb->kprobe_status != KPROBE_HIT_SS &&
> -			kcb->kprobe_status != KPROBE_REENTER);
> -		/*
> -		 * We are here because the instruction being single
> -		 * stepped caused a page fault. We reset the current
> -		 * kprobe and the ip points back to the probe address
> -		 * and allow the page fault handler to continue as a
> -		 * normal page fault.
> -		 */
> -		regs->ip = (unsigned long)cur->addr;
> -		/*
> -		 * Trap flag (TF) has been set here because this fault
> -		 * happened where the single stepping will be done.
> -		 * So clear it by resetting the current kprobe:
> -		 */
> -		regs->flags &= ~X86_EFLAGS_TF;
> +	if (unlikely(regs->ip != (unsigned long)cur->ainsn.insn))

Oops, this is not unlikely, this is likely case (since I inverted the condition).

Thanks,


-- 
Masami Hiramatsu <mhiramat@kernel.org>