* [PATCH stable v6.6] riscv: Pass patch_text() the length in bytes
@ 2025-05-06 20:17 Nam Cao
  2025-05-08 16:17 ` Sasha Levin
  0 siblings, 1 reply; 2+ messages in thread
From: Nam Cao @ 2025-05-06 20:17 UTC (permalink / raw)
  To: Greg Kroah-Hartman, stable
  Cc: Kai Zhang, Paul Walmsley, Palmer Dabbelt, Albert Ou,
	Alexandre Ghiti, linux-riscv, linux-kernel, Samuel Holland,
	Björn Töpel, Conor Dooley, Palmer Dabbelt, Nam Cao

From: Samuel Holland <samuel.holland@sifive.com>

[ Upstream commit 51781ce8f4486c3738a6c85175b599ad1be71f89 ]

patch_text_nosync() already handles an arbitrary length of code, so this
removes a superfluous loop and reduces the number of icache flushes.

Reviewed-by: Björn Töpel <bjorn@rivosinc.com>
Signed-off-by: Samuel Holland <samuel.holland@sifive.com>
Reviewed-by: Conor Dooley <conor.dooley@microchip.com>
Link: https://lore.kernel.org/r/20240327160520.791322-6-samuel.holland@sifive.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
[apply to v6.6]
Signed-off-by: Nam Cao <namcao@linutronix.de>
---
This patch fixes a bug introduced by commit b1756750a397 ("riscv: kprobes: Use
patch_text_nosync() for insn slots"), which replaced patch_text() with
patch_text_nosync(). That is broken, because patch_text() and
patch_text_nosync() take different parameters (number of instructions vs
patched length in bytes).

This bug was reported in:
https://lore.kernel.org/stable/c7e463c0-8cad-4f4e-addd-195c06b7b6de@iscas.ac.cn/
---
 arch/riscv/include/asm/patch.h     |  2 +-
 arch/riscv/kernel/patch.c          | 14 +++++---------
 arch/riscv/kernel/probes/kprobes.c | 18 ++++++++++--------
 arch/riscv/net/bpf_jit_comp64.c    |  7 ++++---
 4 files changed, 20 insertions(+), 21 deletions(-)

diff --git a/arch/riscv/include/asm/patch.h b/arch/riscv/include/asm/patch.h
index 9f5d6e14c405..7228e266b9a1 100644
--- a/arch/riscv/include/asm/patch.h
+++ b/arch/riscv/include/asm/patch.h
@@ -9,7 +9,7 @@
 int patch_insn_write(void *addr, const void *insn, size_t len);
 int patch_text_nosync(void *addr, const void *insns, size_t len);
 int patch_text_set_nosync(void *addr, u8 c, size_t len);
-int patch_text(void *addr, u32 *insns, int ninsns);
+int patch_text(void *addr, u32 *insns, size_t len);
 
 extern int riscv_patch_in_stop_machine;
 
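Review bot: The third parameter of `patch_text()` changes unit from an instruction count to a byte count, but it keeps its position and stays an integer type, so a caller that is not converted still compiles and would patch fewer bytes than intended. Nothing on the prototype says which unit `len` uses; I would add `/* len is the number of bytes to patch, not the number of instructions */` above it. Since the diff only shows the callers in kprobes.c and bpf_jit_comp64.c, the v6.6 tree should also be searched for any other `patch_text(` call that still passes a count.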
diff --git a/arch/riscv/kernel/patch.c b/arch/riscv/kernel/patch.c
index 78387d843aa5..aeda87240dbc 100644
--- a/arch/riscv/kernel/patch.c
+++ b/arch/riscv/kernel/patch.c
@@ -19,7 +19,7 @@
 struct patch_insn {
 	void *addr;
 	u32 *insns;
-	int ninsns;
+	size_t len;
 	atomic_t cpu_count;
 };
 
@@ -234,14 +234,10 @@ NOKPROBE_SYMBOL(patch_text_nosync);
 static int patch_text_cb(void *data)
 {
 	struct patch_insn *patch = data;
-	unsigned long len;
-	int i, ret = 0;
+	int ret = 0;
 
 	if (atomic_inc_return(&patch->cpu_count) == num_online_cpus()) {
-		for (i = 0; ret == 0 && i < patch->ninsns; i++) {
-			len = GET_INSN_LENGTH(patch->insns[i]);
-			ret = patch_insn_write(patch->addr + i * len, &patch->insns[i], len);
-		}
+		ret = patch_insn_write(patch->addr, patch->insns, patch->len);
 		/*
 		 * Make sure the patching store is effective *before* we
 		 * increment the counter which releases all waiting CPUs
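Review bot: The single `patch_insn_write(patch->addr, patch->insns, patch->len)` call relies on `patch_insn_write()` accepting any byte length, while the commit message states that only for `patch_text_nosync()` and the body of `patch_insn_write()` is not part of this diff. For a backport it is worth confirming that the v6.6 version handles a multi-instruction write, including one that crosses a page boundary, before the per-instruction loop is dropped. A short comment above the call, such as `/* patch->len is in bytes; patch_insn_write() writes the whole range */`, would record that assumption. `patch_text_cb()` continues past the end of this hunk.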
@@ -262,13 +258,13 @@ static int patch_text_cb(void *data)
 }
 NOKPROBE_SYMBOL(patch_text_cb);
 
-int patch_text(void *addr, u32 *insns, int ninsns)
+int patch_text(void *addr, u32 *insns, size_t len)
 {
 	int ret;
 	struct patch_insn patch = {
 		.addr = addr,
 		.insns = insns,
-		.ninsns = ninsns,
+		.len = len,
 		.cpu_count = ATOMIC_INIT(0),
 	};
 
diff --git a/arch/riscv/kernel/probes/kprobes.c b/arch/riscv/kernel/probes/kprobes.c
index 4fbc70e823f0..297427ffc4e0 100644
--- a/arch/riscv/kernel/probes/kprobes.c
+++ b/arch/riscv/kernel/probes/kprobes.c
@@ -23,13 +23,13 @@ post_kprobe_handler(struct kprobe *, struct kprobe_ctlblk *, struct pt_regs *);
 
 static void __kprobes arch_prepare_ss_slot(struct kprobe *p)
 {
+	size_t len = GET_INSN_LENGTH(p->opcode);
 	u32 insn = __BUG_INSN_32;
-	unsigned long offset = GET_INSN_LENGTH(p->opcode);
 
-	p->ainsn.api.restore = (unsigned long)p->addr + offset;
+	p->ainsn.api.restore = (unsigned long)p->addr + len;
 
-	patch_text_nosync(p->ainsn.api.insn, &p->opcode, 1);
-	patch_text_nosync((void *)p->ainsn.api.insn + offset, &insn, 1);
+	patch_text_nosync(p->ainsn.api.insn, &p->opcode, len);
+	patch_text_nosync((void *)p->ainsn.api.insn + len, &insn, GET_INSN_LENGTH(insn));
 }
 
 static void __kprobes arch_prepare_simulate(struct kprobe *p)
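Review bot: Both `patch_text_nosync()` calls in `arch_prepare_ss_slot()` discard their return value, so a failed write would presumably leave the single-step slot holding stale bytes while `p->ainsn.api.restore` has already been set. The function returns void, so the failure should at least be made visible, for example `WARN_ON_ONCE(patch_text_nosync(p->ainsn.api.insn, &p->opcode, len));` and the same for the second call; whether a WARN is acceptable on this `__kprobes` path needs checking. The `patch_text()` calls in `arch_arm_kprobe()` and `arch_disarm_kprobe()` in the next hunk ignore their result in the same way.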
@@ -116,16 +116,18 @@ void *alloc_insn_page(void)
 /* install breakpoint in text */
 void __kprobes arch_arm_kprobe(struct kprobe *p)
 {
-	u32 insn = (p->opcode & __INSN_LENGTH_MASK) == __INSN_LENGTH_32 ?
-		   __BUG_INSN_32 : __BUG_INSN_16;
+	size_t len = GET_INSN_LENGTH(p->opcode);
+	u32 insn = len == 4 ? __BUG_INSN_32 : __BUG_INSN_16;
 
-	patch_text(p->addr, &insn, 1);
+	patch_text(p->addr, &insn, len);
 }
 
 /* remove breakpoint from text */
 void __kprobes arch_disarm_kprobe(struct kprobe *p)
 {
-	patch_text(p->addr, &p->opcode, 1);
+	size_t len = GET_INSN_LENGTH(p->opcode);
+
+	patch_text(p->addr, &p->opcode, len);
 }
 
 void __kprobes arch_remove_kprobe(struct kprobe *p)
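Review bot: In `arch_arm_kprobe()` the breakpoint is selected with a bare `len == 4`, which replaces the removed `__INSN_LENGTH_32` comparison with a magic number. When the probed instruction is 16-bit, `patch_text()` now copies only the first two bytes of the `u32 insn`, which gives the `__BUG_INSN_16` encoding only on a little-endian layout. A comment would make both assumptions explicit, for example `/* GET_INSN_LENGTH() is expected to yield 2 or 4; the low bytes of insn hold the 16-bit breakpoint */`. `arch_remove_kprobe()` starts on the last line of the hunk and its body is not shown.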
diff --git a/arch/riscv/net/bpf_jit_comp64.c b/arch/riscv/net/bpf_jit_comp64.c
index 26eeb3973631..16eb4cd11cbd 100644
--- a/arch/riscv/net/bpf_jit_comp64.c
+++ b/arch/riscv/net/bpf_jit_comp64.c
@@ -14,6 +14,7 @@
 #include "bpf_jit.h"
 
 #define RV_FENTRY_NINSNS 2
+#define RV_FENTRY_NBYTES (RV_FENTRY_NINSNS * 4)
 
 #define RV_REG_TCC RV_REG_A6
 #define RV_REG_TCC_SAVED RV_REG_S6 /* Store A6 in S6 if program do calls */
@@ -681,7 +682,7 @@ int bpf_arch_text_poke(void *ip, enum bpf_text_poke_type poke_type,
 	if (ret)
 		return ret;
 
-	if (memcmp(ip, old_insns, RV_FENTRY_NINSNS * 4))
+	if (memcmp(ip, old_insns, RV_FENTRY_NBYTES))
 		return -EFAULT;
 
 	ret = gen_jump_or_nops(new_addr, ip, new_insns, is_call);
@@ -690,8 +691,8 @@ int bpf_arch_text_poke(void *ip, enum bpf_text_poke_type poke_type,
 
 	cpus_read_lock();
 	mutex_lock(&text_mutex);
-	if (memcmp(ip, new_insns, RV_FENTRY_NINSNS * 4))
-		ret = patch_text(ip, new_insns, RV_FENTRY_NINSNS);
+	if (memcmp(ip, new_insns, RV_FENTRY_NBYTES))
+		ret = patch_text(ip, new_insns, RV_FENTRY_NBYTES);
 	mutex_unlock(&text_mutex);
 	cpus_read_unlock();
 
-- 
2.39.5



* Re: [PATCH stable v6.6] riscv: Pass patch_text() the length in bytes
  2025-05-06 20:17 [PATCH stable v6.6] riscv: Pass patch_text() the length in bytes Nam Cao
@ 2025-05-08 16:17 ` Sasha Levin
  0 siblings, 0 replies; 2+ messages in thread
From: Sasha Levin @ 2025-05-08 16:17 UTC (permalink / raw)
  To: stable; +Cc: Nam Cao, Sasha Levin

[ Sasha's backport helper bot ]

Hi,

✅ All tests passed successfully. No issues detected.
No action required from the submitter.

The upstream commit SHA1 provided is correct: 51781ce8f4486c3738a6c85175b599ad1be71f89

WARNING: Author mismatch between patch and upstream commit:
Backport author: Nam Cao<namcao@linutronix.de>
Commit author: Samuel Holland<samuel.holland@sifive.com>

Status in newer kernel trees:
6.14.y | Present (exact SHA1)
6.12.y | Present (exact SHA1)

Note: The patch differs from the upstream commit:
---
1:  51781ce8f4486 ! 1:  1bc29061a4457 riscv: Pass patch_text() the length in bytes
    @@ Metadata
      ## Commit message ##
         riscv: Pass patch_text() the length in bytes
     
    +    [ Upstream commit 51781ce8f4486c3738a6c85175b599ad1be71f89 ]
    +
         patch_text_nosync() already handles an arbitrary length of code, so this
         removes a superfluous loop and reduces the number of icache flushes.
     
    @@ Commit message
         Reviewed-by: Conor Dooley <conor.dooley@microchip.com>
         Link: https://lore.kernel.org/r/20240327160520.791322-6-samuel.holland@sifive.com
         Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
    +    [apply to v6.6]
    +    Signed-off-by: Nam Cao <namcao@linutronix.de>
     
      ## arch/riscv/include/asm/patch.h ##
     @@
    @@ arch/riscv/kernel/probes/kprobes.c: post_kprobe_handler(struct kprobe *, struct
     +	p->ainsn.api.restore = (unsigned long)p->addr + len;
      
     -	patch_text_nosync(p->ainsn.api.insn, &p->opcode, 1);
    --	patch_text_nosync(p->ainsn.api.insn + offset, &insn, 1);
    +-	patch_text_nosync((void *)p->ainsn.api.insn + offset, &insn, 1);
     +	patch_text_nosync(p->ainsn.api.insn, &p->opcode, len);
    -+	patch_text_nosync(p->ainsn.api.insn + len, &insn, GET_INSN_LENGTH(insn));
    ++	patch_text_nosync((void *)p->ainsn.api.insn + len, &insn, GET_INSN_LENGTH(insn));
      }
      
      static void __kprobes arch_prepare_simulate(struct kprobe *p)
    -@@ arch/riscv/kernel/probes/kprobes.c: int __kprobes arch_prepare_kprobe(struct kprobe *p)
    +@@ arch/riscv/kernel/probes/kprobes.c: void *alloc_insn_page(void)
      /* install breakpoint in text */
      void __kprobes arch_arm_kprobe(struct kprobe *p)
      {
---

Results of testing on various branches:

| Branch                    | Patch Apply | Build Test |
|---------------------------|-------------|------------|
| stable/linux-6.6.y        |  Success    |  Success   |
