| Message ID | 1457501543-24197-9-git-send-email-dave.long@linaro.org (mailing list archive) |
|---|---|
| State | New, archived |
Hi,

>From: Sandeepa Prabhu <sandeepa.s.prabhu@gmail.com>
>
>The pre-handler of this special 'trampoline' kprobe executes the return
>probe handler functions and restores original return address in ELR_EL1.
>This way the saved pt_regs still hold the original register context to be
>carried back to the probed kernel function.

This patch seems not well separated.

>diff --git a/arch/arm64/kernel/kprobes.c b/arch/arm64/kernel/kprobes.c
>index bd3f233..13d3333 100644
>--- a/arch/arm64/kernel/kprobes.c
>+++ b/arch/arm64/kernel/kprobes.c

[snip]

>+void __kprobes arch_prepare_kretprobe(struct kretprobe_instance *ri,
>+ struct pt_regs *regs)
>+{
>+ ri->ret_addr = (kprobe_opcode_t *)regs->regs[30];
>+
>+ /* replace return addr (x30) with trampoline */
>+ regs->regs[30] = (long)&kretprobe_trampoline;

So, where is the kretprobe_trampoline? It seems that function is
defined in other patch.

>+}
>+
>+int __kprobes arch_trampoline_kprobe(struct kprobe *p)
>+{
>+ return 0;
> }

And what this function is for??

Thank you,

>
> int __init arch_init_kprobes(void)
>--
>2.5.0
>
>
>_______________________________________________
>linux-arm-kernel mailing list
>linux-arm-kernel@lists.infradead.org
>http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
>From: 平松雅巳 / HIRAMATU，MASAMI [mailto:masami.hiramatsu.pt@hitachi.com]
>
>Hi,
>
>>From: Sandeepa Prabhu <sandeepa.s.prabhu@gmail.com>
>>
>>The pre-handler of this special 'trampoline' kprobe executes the return
>>probe handler functions and restores original return address in ELR_EL1.
>>This way the saved pt_regs still hold the original register context to be
>>carried back to the probed kernel function.
>
>This patch seems not well separated.
>
>>diff --git a/arch/arm64/kernel/kprobes.c b/arch/arm64/kernel/kprobes.c
>>index bd3f233..13d3333 100644
>>--- a/arch/arm64/kernel/kprobes.c
>>+++ b/arch/arm64/kernel/kprobes.c
>
>[snip]
>
>>+void __kprobes arch_prepare_kretprobe(struct kretprobe_instance *ri,
>>+ struct pt_regs *regs)
>>+{
>>+ ri->ret_addr = (kprobe_opcode_t *)regs->regs[30];
>>+
>>+ /* replace return addr (x30) with trampoline */
>>+ regs->regs[30] = (long)&kretprobe_trampoline;
>
>So, where is the kretprobe_trampoline? It seems that function is
>defined in other patch.
>
>>+}
>>+
>>+int __kprobes arch_trampoline_kprobe(struct kprobe *p)
>>+{
>>+ return 0;
>> }
>
>And what this function is for??

Ah, sorry, this was my fault. Yes, this function is required.
But this implementation also means there is an asm-based trampoline
function which should be included in this patch.

David, could you tell me the repository which I can get the latest
version of this series? I'd like to see the whole code of kprobes/arm64.

Thank you,
On 03/17/2016 08:58 AM, 平松雅巳 / HIRAMATU，MASAMI wrote:
>> From: 平松雅巳 / HIRAMATU，MASAMI [mailto:masami.hiramatsu.pt@hitachi.com]
>>
>> Hi,
>>
>>> From: Sandeepa Prabhu <sandeepa.s.prabhu@gmail.com>
>>>
>>> The pre-handler of this special 'trampoline' kprobe executes the return
>>> probe handler functions and restores original return address in ELR_EL1.
>>> This way the saved pt_regs still hold the original register context to be
>>> carried back to the probed kernel function.
>>
>> This patch seems not well separated.
>>
>>> diff --git a/arch/arm64/kernel/kprobes.c b/arch/arm64/kernel/kprobes.c
>>> index bd3f233..13d3333 100644
>>> --- a/arch/arm64/kernel/kprobes.c
>>> +++ b/arch/arm64/kernel/kprobes.c
>>
>> [snip]
>>
>>> +void __kprobes arch_prepare_kretprobe(struct kretprobe_instance *ri,
>>> + struct pt_regs *regs)
>>> +{
>>> + ri->ret_addr = (kprobe_opcode_t *)regs->regs[30];
>>> +
>>> + /* replace return addr (x30) with trampoline */
>>> + regs->regs[30] = (long)&kretprobe_trampoline;
>>
>> So, where is the kretprobe_trampoline? It seems that function is
>> defined in other patch.
>>
>>> +}
>>> +
>>> +int __kprobes arch_trampoline_kprobe(struct kprobe *p)
>>> +{
>>> + return 0;
>>> }
>>
>> And what this function is for??
>
> Ah, sorry, this was my fault. Yes, this function is required.
> But this implementation also means there is an asm-based trampoline
> function which should be included in this patch.
>
> David, could you tell me the repository which I can get the latest
> version of this series? I'd like to see the whole code of kprobes/arm64.
>
> Thank you,
>

It can be found in:

http://git.linaro.org/people/dave.long/linux.git

...in the kprobes64-v11 branch.

Thanks,
-dl
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index c395386..72412de 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -82,6 +82,7 @@ config ARM64 select HAVE_RCU_TABLE_FREE select HAVE_SYSCALL_TRACEPOINTS select HAVE_KPROBES + select HAVE_KRETPROBES if HAVE_KPROBES select IOMMU_DMA if IOMMU_SUPPORT select IRQ_DOMAIN select IRQ_FORCED_THREADING diff --git a/arch/arm64/kernel/kprobes.c b/arch/arm64/kernel/kprobes.c index bd3f233..13d3333 100644 --- a/arch/arm64/kernel/kprobes.c +++ b/arch/arm64/kernel/kprobes.c 
@@ -534,7 +534,80 @@ int __kprobes longjmp_break_handler(struct kprobe *p, struct pt_regs *regs) void __kprobes __used *trampoline_probe_handler(struct pt_regs *regs) { - return NULL; + struct kretprobe_instance *ri = NULL; + struct hlist_head *head, empty_rp; + struct hlist_node *tmp; + unsigned long flags, orig_ret_addr = 0; + unsigned long trampoline_address = + (unsigned long)&kretprobe_trampoline; + + INIT_HLIST_HEAD(&empty_rp); + kretprobe_hash_lock(current, &head, &flags); + + /* + * It is possible to have multiple instances associated with a given + * task either because multiple functions in the call path have + * a return probe installed on them, and/or more than one return + * probe was registered for a target function. + * + * We can handle this because: + * - instances are always inserted at the head of the list + * - when multiple return probes are registered for the same + * function, the first instance's ret_addr will point to the + * real return address, and all the rest will point to + * kretprobe_trampoline + */ + hlist_for_each_entry_safe(ri, tmp, head, hlist) { + if (ri->task != current) + /* another task is sharing our hash bucket */ + continue; + + if (ri->rp && ri->rp->handler) { + __this_cpu_write(current_kprobe, &ri->rp->kp); + get_kprobe_ctlblk()->kprobe_status = KPROBE_HIT_ACTIVE; + ri->rp->handler(ri, regs); + __this_cpu_write(current_kprobe, NULL); + } + + orig_ret_addr = (unsigned long)ri->ret_addr; + recycle_rp_inst(ri, &empty_rp); + + if (orig_ret_addr != trampoline_address) + /* + * This is the real return address. 
Any other + * instances associated with this task are for + * other calls deeper on the call stack + */ + break; + } + + kretprobe_assert(ri, orig_ret_addr, trampoline_address); + /* restore the original return address */ + instruction_pointer(regs) = orig_ret_addr; + reset_current_kprobe(); + kretprobe_hash_unlock(current, &flags); + + hlist_for_each_entry_safe(ri, tmp, &empty_rp, hlist) { + hlist_del(&ri->hlist); + kfree(ri); + } + + /* return 1 so that post handlers not called */ + return (void *) orig_ret_addr; +} + +void __kprobes arch_prepare_kretprobe(struct kretprobe_instance *ri, + struct pt_regs *regs) +{ + ri->ret_addr = (kprobe_opcode_t *)regs->regs[30]; + + /* replace return addr (x30) with trampoline */ + regs->regs[30] = (long)&kretprobe_trampoline; +} + +int __kprobes arch_trampoline_kprobe(struct kprobe *p) +{ + return 0; } int __init arch_init_kprobes(void)
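Review bot: the `if HAVE_KPROBES` guard on the new `select HAVE_KRETPROBES if HAVE_KPROBES` line in the arch/arm64/Kconfig hunk is redundant, because the line directly above it in the same `config ARM64` block is an unconditional `select HAVE_KPROBES`; a plain `select HAVE_KRETPROBES` would match the surrounding selects and avoid suggesting that kprobes support is optional on this arch.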
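Review bot: in the arch/arm64/kernel/kprobes.c hunk the comment `/* return 1 so that post handlers not called */` does not describe the statement beneath it, `return (void *) orig_ret_addr;`, and looks carried over from an architecture whose trampoline handler returns an int; it should say that the handler returns the original return address for the trampoline to branch to. The same hunk takes `&kretprobe_trampoline` in both `trampoline_probe_handler` and `arch_prepare_kretprobe` without defining that symbol anywhere in the patch, so the assembly trampoline this relies on should be added here rather than in a separate change, and `arch_trampoline_kprobe` returning 0 deserves a one-line comment stating what the core expects from it. A minor style point: `arch_prepare_kretprobe` casts with `(long)&kretprobe_trampoline` while `trampoline_probe_handler` uses `(unsigned long)`; pick `unsigned long` for both since `regs->regs[30]` is unsigned.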