[PATCH] tracing/syscalls: Clang cfi enable syscall events

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] tracing/syscalls: Clang cfi enable syscall events
@ 2021-07-20 22:15 treasure4paddy
  2021-07-26 15:17 ` Sami Tolvanen
  0 siblings, 1 reply; 3+ messages in thread
From: treasure4paddy @ 2021-07-20 22:15 UTC (permalink / raw)
  To: rostedt, mingo
  Cc: samitolvanen, treasure4paddy, Padmanabha Srinivasaiah,
	Nathan Chancellor, Nick Desaulniers, linux-kernel,
	clang-built-linux

From: Padmanabha Srinivasaiah <padmanabha.srinivasaiah@harman.com>

With clang cfi syscall symbols are appended with <syscall>.cfi_jt,
hence syscall tracer can not find corresponding syscall name.
And results in no syscall ftrace events with CFI.

To fix this issue, this introduces custom cleanup_syscall_symbol_name()
to strip postfix ".cfi_jt" before comparing syscall and symbol name.

Signed-off-by: Padmanabha Srinivasaiah <padmanabha.srinivasaiah@harman.com>
---
 kernel/trace/trace_syscalls.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/kernel/trace/trace_syscalls.c b/kernel/trace/trace_syscalls.c
index 8bfcd3b09422..dbc253fea34d 100644
--- a/kernel/trace/trace_syscalls.c
+++ b/kernel/trace/trace_syscalls.c
@@ -79,6 +79,27 @@ trace_get_syscall_nr(struct task_struct *task, struct pt_regs *regs)
 }
 #endif /* ARCH_TRACE_IGNORE_COMPAT_SYSCALLS */
 
+#if defined(CONFIG_CFI_CLANG) && defined(CONFIG_LTO_CLANG_THIN)
+/*
+ * For a syscall symbol, clang generated non-canonical local jump tables
+ * will have entry as <syscall>.cfi_jt and address of this entry
+ * will be used to replace references to the syscall symbol.
+ * so we will strip the postfix from appended symbol name.
+ */
+static inline bool cleanup_syscall_symbol_name(char *s)
+{
+	char *res;
+
+	res = strrchr(s, '.');
+	if (res)
+		*res = '\0';
+
+	return res != NULL;
+}
+#else
+static inline bool cleanup_syscall_symbol_name(char *s) { return false; }
+#endif
+
 static __init struct syscall_metadata *
 find_syscall_meta(unsigned long syscall)
 {
@@ -90,6 +111,7 @@ find_syscall_meta(unsigned long syscall)
 	start = __start_syscalls_metadata;
 	stop = __stop_syscalls_metadata;
 	kallsyms_lookup(syscall, NULL, NULL, NULL, str);
+	cleanup_syscall_symbol_name(str);
 
 	if (arch_syscall_match_sym_name(str, "sys_ni_syscall"))
 		return NULL;
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] tracing/syscalls: Clang cfi enable syscall events
  2021-07-20 22:15 [PATCH] tracing/syscalls: Clang cfi enable syscall events treasure4paddy
@ 2021-07-26 15:17 ` Sami Tolvanen
  2021-07-27 16:59   ` Padmanabha Srinivasaiah
  0 siblings, 1 reply; 3+ messages in thread
From: Sami Tolvanen @ 2021-07-26 15:17 UTC (permalink / raw)
  To: treasure4paddy
  Cc: Steven Rostedt, Ingo Molnar, Padmanabha Srinivasaiah,
	Nathan Chancellor, Nick Desaulniers, LKML, clang-built-linux

Hi,

On Tue, Jul 20, 2021 at 3:16 PM <treasure4paddy@gmail.com> wrote:
>
> From: Padmanabha Srinivasaiah <padmanabha.srinivasaiah@harman.com>
>
> With clang cfi syscall symbols are appended with <syscall>.cfi_jt,
> hence syscall tracer can not find corresponding syscall name.
> And results in no syscall ftrace events with CFI.
>
> To fix this issue, this introduces custom cleanup_syscall_symbol_name()
> to strip postfix ".cfi_jt" before comparing syscall and symbol name.
>
> Signed-off-by: Padmanabha Srinivasaiah <padmanabha.srinivasaiah@harman.com>
> ---
>  kernel/trace/trace_syscalls.c | 22 ++++++++++++++++++++++
>  1 file changed, 22 insertions(+)
>
> diff --git a/kernel/trace/trace_syscalls.c b/kernel/trace/trace_syscalls.c
> index 8bfcd3b09422..dbc253fea34d 100644
> --- a/kernel/trace/trace_syscalls.c
> +++ b/kernel/trace/trace_syscalls.c
> @@ -79,6 +79,27 @@ trace_get_syscall_nr(struct task_struct *task, struct pt_regs *regs)
>  }
>  #endif /* ARCH_TRACE_IGNORE_COMPAT_SYSCALLS */
>
> +#if defined(CONFIG_CFI_CLANG) && defined(CONFIG_LTO_CLANG_THIN)
> +/*
> + * For a syscall symbol, clang generated non-canonical local jump tables
> + * will have entry as <syscall>.cfi_jt and address of this entry
> + * will be used to replace references to the syscall symbol.
> + * so we will strip the postfix from appended symbol name.
> + */
> +static inline bool cleanup_syscall_symbol_name(char *s)
> +{
> +       char *res;
> +
> +       res = strrchr(s, '.');
> +       if (res)
> +               *res = '\0';
> +
> +       return res != NULL;
> +}
> +#else
> +static inline bool cleanup_syscall_symbol_name(char *s) { return false; }
> +#endif
> +
>  static __init struct syscall_metadata *
>  find_syscall_meta(unsigned long syscall)
>  {
> @@ -90,6 +111,7 @@ find_syscall_meta(unsigned long syscall)
>         start = __start_syscalls_metadata;
>         stop = __stop_syscalls_metadata;
>         kallsyms_lookup(syscall, NULL, NULL, NULL, str);
> +       cleanup_syscall_symbol_name(str);

Shouldn't this happen in the kallsyms code instead? We already have
code there to clean up function names, and it seems like we should
just strip the postfix there before returning the name.

Sami

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] tracing/syscalls: Clang cfi enable syscall events
  2021-07-26 15:17 ` Sami Tolvanen
@ 2021-07-27 16:59   ` Padmanabha Srinivasaiah
  0 siblings, 0 replies; 3+ messages in thread
From: Padmanabha Srinivasaiah @ 2021-07-27 16:59 UTC (permalink / raw)
  To: Sami Tolvanen
  Cc: Steven Rostedt, Ingo Molnar, Padmanabha Srinivasaiah,
	Nathan Chancellor, Nick Desaulniers, LKML, clang-built-linux

On Mon, Jul 26, 2021 at 08:17:45AM -0700, Sami Tolvanen wrote:
> Hi,
> 
> On Tue, Jul 20, 2021 at 3:16 PM <treasure4paddy@gmail.com> wrote:
> >
> > From: Padmanabha Srinivasaiah <padmanabha.srinivasaiah@harman.com>
> >
> > With clang cfi syscall symbols are appended with <syscall>.cfi_jt,
> > hence syscall tracer can not find corresponding syscall name.
> > And results in no syscall ftrace events with CFI.
> >
> > To fix this issue, this introduces custom cleanup_syscall_symbol_name()
> > to strip postfix ".cfi_jt" before comparing syscall and symbol name.
> >
> > Signed-off-by: Padmanabha Srinivasaiah <padmanabha.srinivasaiah@harman.com>
> > ---
> >  kernel/trace/trace_syscalls.c | 22 ++++++++++++++++++++++
> >  1 file changed, 22 insertions(+)
> >
> > diff --git a/kernel/trace/trace_syscalls.c b/kernel/trace/trace_syscalls.c
> > index 8bfcd3b09422..dbc253fea34d 100644
> > --- a/kernel/trace/trace_syscalls.c
> > +++ b/kernel/trace/trace_syscalls.c
> > @@ -79,6 +79,27 @@ trace_get_syscall_nr(struct task_struct *task, struct pt_regs *regs)
> >  }
> >  #endif /* ARCH_TRACE_IGNORE_COMPAT_SYSCALLS */
> >
> > +#if defined(CONFIG_CFI_CLANG) && defined(CONFIG_LTO_CLANG_THIN)
> > +/*
> > + * For a syscall symbol, clang generated non-canonical local jump tables
> > + * will have entry as <syscall>.cfi_jt and address of this entry
> > + * will be used to replace references to the syscall symbol.
> > + * so we will strip the postfix from appended symbol name.
> > + */
> > +static inline bool cleanup_syscall_symbol_name(char *s)
> > +{
> > +       char *res;
> > +
> > +       res = strrchr(s, '.');
> > +       if (res)
> > +               *res = '\0';
> > +
> > +       return res != NULL;
> > +}
> > +#else
> > +static inline bool cleanup_syscall_symbol_name(char *s) { return false; }
> > +#endif
> > +
> >  static __init struct syscall_metadata *
> >  find_syscall_meta(unsigned long syscall)
> >  {
> > @@ -90,6 +111,7 @@ find_syscall_meta(unsigned long syscall)
> >         start = __start_syscalls_metadata;
> >         stop = __stop_syscalls_metadata;
> >         kallsyms_lookup(syscall, NULL, NULL, NULL, str);
> > +       cleanup_syscall_symbol_name(str);
> 
> Shouldn't this happen in the kallsyms code instead? We already have
> code there to clean up function names, and it seems like we should
> just strip the postfix there before returning the name.
> 
> Sami

Thanks Sami for the input, yes have regenrated patch:
https://lore.kernel.org/lkml/20210727140618.19130-1-treasure4paddy@gmail.com/T/#u


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2021-07-27 16:59 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-07-20 22:15 [PATCH] tracing/syscalls: Clang cfi enable syscall events treasure4paddy
2021-07-26 15:17 ` Sami Tolvanen
2021-07-27 16:59   ` Padmanabha Srinivasaiah

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox