linux-mips
[Top] [All Lists]

Re: [PATCH 2/4] MIPS Kprobes: Deny probes on ll/sc instructions

To: David Daney <david.daney@cavium.com>
Subject: Re: [PATCH 2/4] MIPS Kprobes: Deny probes on ll/sc instructions
From: Victor Kamensky <kamensky@cisco.com>
Date: Tue, 8 Nov 2011 15:26:42 -0800 (PST)
Cc: "manesoni@cisco.com" <manesoni@cisco.com>, Ralf Baechle <ralf@linux-mips.org>, "ananth@in.ibm.com" <ananth@in.ibm.com>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, "linux-mips@linux-mips.org" <linux-mips@linux-mips.org>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=kamensky@cisco.com; l=13031; q=dns/txt; s=iport; t=1320795620; x=1322005220; h=date:from:to:cc:subject:in-reply-to:message-id: references:mime-version; bh=rbFEG0Hpl8OoHup74MkoIz9O3VUxZO4SkmZELTdpvN8=; b=Iyln65FAO6hb9BK4zOYELFt4SOITvxrep5BH/f9/Ryva5ah3lV36SklG x+IM3ZGGZZsejxbCeSjxUEHKV19wOCEpsQH1Hlqm/bHRQkR/HHsTvdjqV E7sq5n7cStPL29RdQMAjext54xEo2GGFOwEMN00rqKjfcN1/OCo3JpvXT Q=;
In-reply-to: <4EB98A8E.4060900@cavium.com>
References: <20111108170336.GA16526@cisco.com> <20111108170535.GC16526@cisco.com> <4EB98A8E.4060900@cavium.com>
Sender: linux-mips-bounce@linux-mips.org
Hi David,

Thank you for your feedback! Please see response inline.

On Tue, 8 Nov 2011, David Daney wrote:

> On 11/08/2011 09:05 AM, Maneesh Soni wrote:
> >
> > From: Maneesh Soni<manesoni@cisco.com>
> >
> > Deny probes on ll/sc instructions for MIPS kprobes
> >
> > As ll/sc instruction are for atomic read-modify-write operations, allowing
> > probes on top of these insturctions is a bad idea.
> >
>
> s/insturctions/instructions/
>
> Not only is it a bad idea, it will probably make them fail 100% of the time.
>
> It is also an equally bad idea to place a probe between any LL and SC
> instructions.  How do you prevent that?

As per below code comment we don't prevent that. There is no way to do
that.

> If you cannot prevent probes between LL and SC, why bother with this at all?

We just trying to be a bit practical here. It is better than nothing,
right? Breakpoint on top of ll/sc simply won't work and that is the fact.
Breakpoint between related pair of ll/sc won't work too, but nothing we
can do about that.

We run into this situation with SystemTap function wildcard based tracing,
as per attached unit test note. Basically SystemTap wildcard probe picked
inline assembler function which had first 'll' instruction and as result
it was spinning there till SystemTap module reached threshold and shut
itself off so code proceeded after that. Note attached unit test presents
simplified version of real issue we run into, so it may look a bit
artificial. Note it is highly unlikely that SystemTap wildcard tracing
would pick up anything between related pair of ll/sc. In order to have
breakpoint between ll/sc user had use 'statement' SystemTap directive and
it would be specifically targeting given address and therefore could be
removed easily. In case of wildcard tracing there is no easy workaround
for user to drop functions that start with 'll'.

Ideally we would want to push this check into SystemTap compile time,
along with check for branch delay slot instruction, but currently in
SystemTap there is no infrastructure that would check instruction opcode
at compile time. I believe that disallowed instruction check in SystemTap
compiler is missing for any CPU. Adding it would be small feature that we
did not have time to pursue.

Thanks,
Victor

> David Daney
>
> > Signed-off-by: Victor Kamensky<kamensky@cisco.com>
> > Signed-off-by: Maneesh Soni<manesoni@cisco.com>
> > ---
> >   arch/mips/kernel/kprobes.c |   31 +++++++++++++++++++++++++++++++
> >   1 files changed, 31 insertions(+), 0 deletions(-)
> >
> > diff --git a/arch/mips/kernel/kprobes.c b/arch/mips/kernel/kprobes.c
> > index 9fb1876..0ab1a5f 100644
> > --- a/arch/mips/kernel/kprobes.c
> > +++ b/arch/mips/kernel/kprobes.c
> > @@ -113,6 +113,30 @@ insn_ok:
> >     return 0;
> >   }
> >
> > +/*
> > + * insn_has_ll_or_sc function checks whether instruction is ll or sc
> > + * one; putting breakpoint on top of atomic ll/sc pair is bad idea;
> > + * so we need to prevent it and refuse kprobes insertion for such
> > + * instructions; cannot do much about breakpoint in the middle of
> > + * ll/sc pair; it is upto user to avoid those places
> > + */
> > +static int __kprobes insn_has_ll_or_sc(union mips_instruction insn)
> > +{
> > +   int ret = 0;
> > +
> > +   switch (insn.i_format.opcode) {
> > +   case ll_op:
> > +   case lld_op:
> > +   case sc_op:
> > +   case scd_op:
> > +           ret = 1;
> > +           break;
> > +   default:
> > +           break;
> > +   }
> > +   return ret;
> > +}
> > +
> >   int __kprobes arch_prepare_kprobe(struct kprobe *p)
> >   {
> >     union mips_instruction insn;
> > @@ -121,6 +145,13 @@ int __kprobes arch_prepare_kprobe(struct kprobe *p)
> >
> >     insn = p->addr[0];
> >
> > +   if (insn_has_ll_or_sc(insn)) {
> > +           pr_notice("Kprobes for ll and sc instructions are not"
> > +                     "supported\n");
> > +           ret = -EINVAL;
> > +           goto out;
> > +   }
> > +
> >     if (insn_has_delayslot(insn)) {
> >             pr_notice("Kprobes for branch and jump instructions are not"
> >                       "supported\n");
>
>

Attachment: kprobes_ll_sc_testing.txt
Description: Text document

<Prev in Thread] Current Thread [Next in Thread>