lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 7 Nov 2022 16:06:26 +0000
From:   Mark Rutland <mark.rutland@....com>
To:     Will Deacon <will@...nel.org>
Cc:     Jianlin Lv <iecedge@...il.com>, corbet@....net,
        catalin.marinas@....com, rostedt@...dmis.org, mingo@...hat.com,
        naveen.n.rao@...ux.ibm.com, anil.s.keshavamurthy@...el.com,
        davem@...emloft.net, mhiramat@...nel.org, arnd@...db.de,
        zhengzengkai@...wei.com, jianlv@...y.com,
        linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH] arm64/kprobes: Add support for KPROBES_ON_FTRACE

On Mon, Nov 07, 2022 at 03:35:07PM +0000, Will Deacon wrote:
> On Mon, Nov 07, 2022 at 03:32:24PM +0000, Mark Rutland wrote:
> > On Mon, Nov 07, 2022 at 02:49:31PM +0000, Will Deacon wrote:
> > > [+Mark R]
> > > 
> > > On Thu, Jul 28, 2022 at 02:02:50AM +0000, Jianlin Lv wrote:
> > > > This is the arm64 version of ftrace-based kprobes to avoid the overhead
> > > > with regular kprobes, by using the ftrace infrastructure.
> > > > 
> > > > Signed-off-by: Jianlin Lv <iecedge@...il.com>
> > > > ---
> > > >  .../debug/kprobes-on-ftrace/arch-support.txt  |  2 +-
> > > >  arch/arm64/Kconfig                            |  1 +
> > > >  arch/arm64/kernel/probes/Makefile             |  1 +
> > > >  arch/arm64/kernel/probes/kprobes-ftrace.c     | 81 +++++++++++++++++++
> > > >  include/linux/kprobes.h                       |  2 +
> > > >  kernel/kprobes.c                              |  4 +-
> > > >  6 files changed, 88 insertions(+), 3 deletions(-)
> > > >  create mode 100644 arch/arm64/kernel/probes/kprobes-ftrace.c
> > > 
> > > Sorry for the slow reply on this, but I think this deserved to be split
> > > into two patches: the first one reworking the core check_ftrace_location()
> > > logic to work properly with branch-and-link style architectures, and the
> > > second one adding support for arm64.
> > 
> > I'd prefer we don't do this at all; there a bunch of issues with kprobes *not*
> > taking an exception, since we get a dodgy not-quite-real pt_regs, and to clean
> > up the existing issues the plan is:
> > 
> > 1) Move ftrace over to ftrace_regs
> > 2) Implement fprobes using ftrace_regs
> > 3) Remove kretprobes
> > 
> > ... and regular kprobes will need to take an exception (via BRK) to get a real
> > pt_regs, so that can't be optimized to use ftrace.
> 
> OKey doke. Does that mean that other architectures will follow the same
> approach of taking an exception,

I think once everyone has FPROBE, KPROBES_ON_FTRACE becomes redundant, and
could be removed (leaving kprobes to always follow a take-an-exception flow on
all architectures).

> or do they somehow work by magic?

Some architectures don't need to take an exception to be able to create a full
pt_regs (e.g. x86's flags are accessible in a way arm64's PSTATE isn't), but
that needs to be generated / restored differently to exception entry/return,
and so even where it's possible it can be painful to maintain (and slower than
using ftrace_regs), so I suspect KPROBES_ON_FTRACE would be removed.

So different constaints more than magic.

Thanks,
Mark.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ