kprobe does not handle events happening in real mode.
As exception entry points are running with MMU disabled,
blacklist them.
Signed-off-by: Christophe Leroy <[email protected]>
---
arch/powerpc/kernel/entry_32.S | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
index 94f78c03cb79..9a1a45d6038a 100644
--- a/arch/powerpc/kernel/entry_32.S
+++ b/arch/powerpc/kernel/entry_32.S
@@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
mfspr r0,SPRN_DSRR1
stw r0,_DSRR1(r11)
/* fall through */
+_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
.globl debug_transfer_to_handler
debug_transfer_to_handler:
@@ -59,6 +60,7 @@ debug_transfer_to_handler:
mfspr r0,SPRN_CSRR1
stw r0,_CSRR1(r11)
/* fall through */
+_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
.globl crit_transfer_to_handler
crit_transfer_to_handler:
@@ -94,6 +96,7 @@ crit_transfer_to_handler:
rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
stw r0,KSP_LIMIT(r8)
/* fall through */
+_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
#endif
#ifdef CONFIG_40x
@@ -115,6 +118,7 @@ crit_transfer_to_handler:
rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
stw r0,KSP_LIMIT(r8)
/* fall through */
+_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
#endif
/*
@@ -127,6 +131,7 @@ crit_transfer_to_handler:
.globl transfer_to_handler_full
transfer_to_handler_full:
SAVE_NVGPRS(r11)
+_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
/* fall through */
.globl transfer_to_handler
@@ -286,6 +291,8 @@ reenable_mmu:
lwz r2, GPR2(r11)
b fast_exception_return
#endif
+_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
+_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
#ifndef CONFIG_VMAP_STACK
/*
--
2.25.0
Christophe Leroy wrote:
> kprobe does not handle events happening in real mode.
>
> As exception entry points are running with MMU disabled,
> blacklist them.
>
> Signed-off-by: Christophe Leroy <[email protected]>
> ---
> arch/powerpc/kernel/entry_32.S | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S
> index 94f78c03cb79..9a1a45d6038a 100644
> --- a/arch/powerpc/kernel/entry_32.S
> +++ b/arch/powerpc/kernel/entry_32.S
> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
> mfspr r0,SPRN_DSRR1
> stw r0,_DSRR1(r11)
> /* fall through */
> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>
> .globl debug_transfer_to_handler
> debug_transfer_to_handler:
> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
> mfspr r0,SPRN_CSRR1
> stw r0,_CSRR1(r11)
> /* fall through */
> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>
> .globl crit_transfer_to_handler
> crit_transfer_to_handler:
> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
> stw r0,KSP_LIMIT(r8)
> /* fall through */
> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
> #endif
>
> #ifdef CONFIG_40x
> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
> stw r0,KSP_LIMIT(r8)
> /* fall through */
> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
> #endif
>
> /*
> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
> .globl transfer_to_handler_full
> transfer_to_handler_full:
> SAVE_NVGPRS(r11)
> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
> /* fall through */
>
> .globl transfer_to_handler
> @@ -286,6 +291,8 @@ reenable_mmu:
> lwz r2, GPR2(r11)
> b fast_exception_return
> #endif
> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
These are added after 'reenable_mmu', which is itself not blacklisted.
Is that intentional?
- Naveen
Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
> Christophe Leroy wrote:
>> kprobe does not handle events happening in real mode.
>>
>> As exception entry points are running with MMU disabled,
>> blacklist them.
>>
>> Signed-off-by: Christophe Leroy <[email protected]>
>> ---
>> arch/powerpc/kernel/entry_32.S | 7 +++++++
>> 1 file changed, 7 insertions(+)
>>
>> diff --git a/arch/powerpc/kernel/entry_32.S
>> b/arch/powerpc/kernel/entry_32.S
>> index 94f78c03cb79..9a1a45d6038a 100644
>> --- a/arch/powerpc/kernel/entry_32.S
>> +++ b/arch/powerpc/kernel/entry_32.S
>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>> mfspr r0,SPRN_DSRR1
>> stw r0,_DSRR1(r11)
>> /* fall through */
>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>
>> .globl debug_transfer_to_handler
>> debug_transfer_to_handler:
>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>> mfspr r0,SPRN_CSRR1
>> stw r0,_CSRR1(r11)
>> /* fall through */
>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>
>> .globl crit_transfer_to_handler
>> crit_transfer_to_handler:
>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>> stw r0,KSP_LIMIT(r8)
>> /* fall through */
>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>> #endif
>>
>> #ifdef CONFIG_40x
>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>> stw r0,KSP_LIMIT(r8)
>> /* fall through */
>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>> #endif
>>
>> /*
>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>> .globl transfer_to_handler_full
>> transfer_to_handler_full:
>> SAVE_NVGPRS(r11)
>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>> /* fall through */
>>
>> .globl transfer_to_handler
>> @@ -286,6 +291,8 @@ reenable_mmu:
>> lwz r2, GPR2(r11)
>> b fast_exception_return
>> #endif
>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>
> These are added after 'reenable_mmu', which is itself not blacklisted.
> Is that intentional?
Yes I put it as the complete end of the entry part, ie just before
stack_ovf which is a function by itself.
Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, that's
the reason why I put it close to the symbol itself in my first series.
Could you have a look at the code and tell me what looks the most
appropriate as a location to you ?
https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230
Thanks
Christophe
Le 30/03/2020 à 20:33, Christophe Leroy a écrit :
>
>
> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>> Christophe Leroy wrote:
>>> kprobe does not handle events happening in real mode.
>>>
>>> As exception entry points are running with MMU disabled,
>>> blacklist them.
>>>
>>> Signed-off-by: Christophe Leroy <[email protected]>
>>> ---
>>> arch/powerpc/kernel/entry_32.S | 7 +++++++
>>> 1 file changed, 7 insertions(+)
>>>
>>> diff --git a/arch/powerpc/kernel/entry_32.S
>>> b/arch/powerpc/kernel/entry_32.S
>>> index 94f78c03cb79..9a1a45d6038a 100644
>>> --- a/arch/powerpc/kernel/entry_32.S
>>> +++ b/arch/powerpc/kernel/entry_32.S
>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>> mfspr r0,SPRN_DSRR1
>>> stw r0,_DSRR1(r11)
>>> /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>
>>> .globl debug_transfer_to_handler
>>> debug_transfer_to_handler:
>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>> mfspr r0,SPRN_CSRR1
>>> stw r0,_CSRR1(r11)
>>> /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>
>>> .globl crit_transfer_to_handler
>>> crit_transfer_to_handler:
>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>> stw r0,KSP_LIMIT(r8)
>>> /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>> #endif
>>>
>>> #ifdef CONFIG_40x
>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>> stw r0,KSP_LIMIT(r8)
>>> /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>> #endif
>>>
>>> /*
>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>> .globl transfer_to_handler_full
>>> transfer_to_handler_full:
>>> SAVE_NVGPRS(r11)
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>> /* fall through */
>>>
>>> .globl transfer_to_handler
>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>> lwz r2, GPR2(r11)
>>> b fast_exception_return
>>> #endif
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>
>> These are added after 'reenable_mmu', which is itself not blacklisted.
>> Is that intentional?
>
> Yes I put it as the complete end of the entry part, ie just before
> stack_ovf which is a function by itself.
>
> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
>
> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, that's
> the reason why I put it close to the symbol itself in my first series.
>
> Could you have a look at the code and tell me what looks the most
> appropriate as a location to you ?
>
> https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230
Ok, thinking about it once more, I guess we have a problem as everything
after that reenable_mmu will be visible.
So I'll respin
Christophe
Christophe Leroy wrote:
>
>
> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>> Christophe Leroy wrote:
>>> kprobe does not handle events happening in real mode.
>>>
>>> As exception entry points are running with MMU disabled,
>>> blacklist them.
>>>
>>> Signed-off-by: Christophe Leroy <[email protected]>
>>> ---
>>> arch/powerpc/kernel/entry_32.S | 7 +++++++
>>> 1 file changed, 7 insertions(+)
>>>
>>> diff --git a/arch/powerpc/kernel/entry_32.S
>>> b/arch/powerpc/kernel/entry_32.S
>>> index 94f78c03cb79..9a1a45d6038a 100644
>>> --- a/arch/powerpc/kernel/entry_32.S
>>> +++ b/arch/powerpc/kernel/entry_32.S
>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>> mfspr r0,SPRN_DSRR1
>>> stw r0,_DSRR1(r11)
>>> /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>
>>> .globl debug_transfer_to_handler
>>> debug_transfer_to_handler:
>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>> mfspr r0,SPRN_CSRR1
>>> stw r0,_CSRR1(r11)
>>> /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>
>>> .globl crit_transfer_to_handler
>>> crit_transfer_to_handler:
>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>> stw r0,KSP_LIMIT(r8)
>>> /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>> #endif
>>>
>>> #ifdef CONFIG_40x
>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>> stw r0,KSP_LIMIT(r8)
>>> /* fall through */
>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>> #endif
>>>
>>> /*
>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>> .globl transfer_to_handler_full
>>> transfer_to_handler_full:
>>> SAVE_NVGPRS(r11)
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>> /* fall through */
>>>
>>> .globl transfer_to_handler
>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>> lwz r2, GPR2(r11)
>>> b fast_exception_return
>>> #endif
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>
>> These are added after 'reenable_mmu', which is itself not blacklisted.
>> Is that intentional?
>
> Yes I put it as the complete end of the entry part, ie just before
> stack_ovf which is a function by itself.
>
> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
>
> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, that's
> the reason why I put it close to the symbol itself in my first series.
Ok, I see what you mean. 'reenable_mmu' can probably be moved after the
end of 'transfer_to_handler_cont' (as also removing what looks to be an
unused label '1' for the branch to trace_hardirqs_off), but that's a
minor thing. From the blacklisting point, this is not an issue.
- Naveen
Christophe Leroy wrote:
>
>
> Le 30/03/2020 à 20:33, Christophe Leroy a écrit :
>>
>>
>> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>>> Christophe Leroy wrote:
>>>> kprobe does not handle events happening in real mode.
>>>>
>>>> As exception entry points are running with MMU disabled,
>>>> blacklist them.
>>>>
>>>> Signed-off-by: Christophe Leroy <[email protected]>
>>>> ---
>>>> arch/powerpc/kernel/entry_32.S | 7 +++++++
>>>> 1 file changed, 7 insertions(+)
>>>>
>>>> diff --git a/arch/powerpc/kernel/entry_32.S
>>>> b/arch/powerpc/kernel/entry_32.S
>>>> index 94f78c03cb79..9a1a45d6038a 100644
>>>> --- a/arch/powerpc/kernel/entry_32.S
>>>> +++ b/arch/powerpc/kernel/entry_32.S
>>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>>> mfspr r0,SPRN_DSRR1
>>>> stw r0,_DSRR1(r11)
>>>> /* fall through */
>>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>>
>>>> .globl debug_transfer_to_handler
>>>> debug_transfer_to_handler:
>>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>>> mfspr r0,SPRN_CSRR1
>>>> stw r0,_CSRR1(r11)
>>>> /* fall through */
>>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>>
>>>> .globl crit_transfer_to_handler
>>>> crit_transfer_to_handler:
>>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>>> stw r0,KSP_LIMIT(r8)
>>>> /* fall through */
>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>> #endif
>>>>
>>>> #ifdef CONFIG_40x
>>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>>> stw r0,KSP_LIMIT(r8)
>>>> /* fall through */
>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>> #endif
>>>>
>>>> /*
>>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>>> .globl transfer_to_handler_full
>>>> transfer_to_handler_full:
>>>> SAVE_NVGPRS(r11)
>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>>> /* fall through */
>>>>
>>>> .globl transfer_to_handler
>>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>>> lwz r2, GPR2(r11)
>>>> b fast_exception_return
>>>> #endif
>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>>
>>> These are added after 'reenable_mmu', which is itself not blacklisted.
>>> Is that intentional?
>>
>> Yes I put it as the complete end of the entry part, ie just before
>> stack_ovf which is a function by itself.
>>
>> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
>>
>> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s, that's
>> the reason why I put it close to the symbol itself in my first series.
>>
>> Could you have a look at the code and tell me what looks the most
>> appropriate as a location to you ?
>>
>> https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230
>
> Ok, thinking about it once more, I guess we have a problem as everything
> after that reenable_mmu will be visible.
I see that we reach reenable_mmu through a 'rfi' with MSR_KERNEL, which
seems safe to me. So, I figured it can be probed without issues?
- Naveen
Le 31/03/2020 à 08:17, Naveen N. Rao a écrit :
> Christophe Leroy wrote:
>>
>>
>> Le 30/03/2020 à 20:33, Christophe Leroy a écrit :
>>>
>>>
>>> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>>>> Christophe Leroy wrote:
>>>>> kprobe does not handle events happening in real mode.
>>>>>
>>>>> As exception entry points are running with MMU disabled,
>>>>> blacklist them.
>>>>>
>>>>> Signed-off-by: Christophe Leroy <[email protected]>
>>>>> ---
>>>>> arch/powerpc/kernel/entry_32.S | 7 +++++++
>>>>> 1 file changed, 7 insertions(+)
>>>>>
>>>>> diff --git a/arch/powerpc/kernel/entry_32.S
>>>>> b/arch/powerpc/kernel/entry_32.S
>>>>> index 94f78c03cb79..9a1a45d6038a 100644
>>>>> --- a/arch/powerpc/kernel/entry_32.S
>>>>> +++ b/arch/powerpc/kernel/entry_32.S
>>>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>>>> mfspr r0,SPRN_DSRR1
>>>>> stw r0,_DSRR1(r11)
>>>>> /* fall through */
>>>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>>>
>>>>> .globl debug_transfer_to_handler
>>>>> debug_transfer_to_handler:
>>>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>>>> mfspr r0,SPRN_CSRR1
>>>>> stw r0,_CSRR1(r11)
>>>>> /* fall through */
>>>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>>>
>>>>> .globl crit_transfer_to_handler
>>>>> crit_transfer_to_handler:
>>>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>> stw r0,KSP_LIMIT(r8)
>>>>> /* fall through */
>>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>> #endif
>>>>>
>>>>> #ifdef CONFIG_40x
>>>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>> stw r0,KSP_LIMIT(r8)
>>>>> /* fall through */
>>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>> #endif
>>>>>
>>>>> /*
>>>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>>>> .globl transfer_to_handler_full
>>>>> transfer_to_handler_full:
>>>>> SAVE_NVGPRS(r11)
>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>>>> /* fall through */
>>>>>
>>>>> .globl transfer_to_handler
>>>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>>>> lwz r2, GPR2(r11)
>>>>> b fast_exception_return
>>>>> #endif
>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>>>
>>>> These are added after 'reenable_mmu', which is itself not
>>>> blacklisted. Is that intentional?
>>>
>>> Yes I put it as the complete end of the entry part, ie just before
>>> stack_ovf which is a function by itself.
>>>
>>> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
>>>
>>> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s,
>>> that's the reason why I put it close to the symbol itself in my first
>>> series.
>>>
>>> Could you have a look at the code and tell me what looks the most
>>> appropriate as a location to you ?
>>>
>>> https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230
>>
>>
>> Ok, thinking about it once more, I guess we have a problem as
>> everything after that reenable_mmu will be visible.
>
> I see that we reach reenable_mmu through a 'rfi' with MSR_KERNEL, which
> seems safe to me. So, I figured it can be probed without issues?
Yes it can. And that's the reason why I didn't blacklist it. However the
4: and 7: which are after reenable_mmu are called from earlier, at a
time we are still in real mode. So I need to do something about that I
guess.
Christophe
Christophe Leroy wrote:
>
>
> Le 31/03/2020 à 08:17, Naveen N. Rao a écrit :
>> Christophe Leroy wrote:
>>>
>>>
>>> Le 30/03/2020 à 20:33, Christophe Leroy a écrit :
>>>>
>>>>
>>>> Le 30/03/2020 à 19:08, Naveen N. Rao a écrit :
>>>>> Christophe Leroy wrote:
>>>>>> kprobe does not handle events happening in real mode.
>>>>>>
>>>>>> As exception entry points are running with MMU disabled,
>>>>>> blacklist them.
>>>>>>
>>>>>> Signed-off-by: Christophe Leroy <[email protected]>
>>>>>> ---
>>>>>> arch/powerpc/kernel/entry_32.S | 7 +++++++
>>>>>> 1 file changed, 7 insertions(+)
>>>>>>
>>>>>> diff --git a/arch/powerpc/kernel/entry_32.S
>>>>>> b/arch/powerpc/kernel/entry_32.S
>>>>>> index 94f78c03cb79..9a1a45d6038a 100644
>>>>>> --- a/arch/powerpc/kernel/entry_32.S
>>>>>> +++ b/arch/powerpc/kernel/entry_32.S
>>>>>> @@ -51,6 +51,7 @@ mcheck_transfer_to_handler:
>>>>>> mfspr r0,SPRN_DSRR1
>>>>>> stw r0,_DSRR1(r11)
>>>>>> /* fall through */
>>>>>> +_ASM_NOKPROBE_SYMBOL(mcheck_transfer_to_handler)
>>>>>>
>>>>>> .globl debug_transfer_to_handler
>>>>>> debug_transfer_to_handler:
>>>>>> @@ -59,6 +60,7 @@ debug_transfer_to_handler:
>>>>>> mfspr r0,SPRN_CSRR1
>>>>>> stw r0,_CSRR1(r11)
>>>>>> /* fall through */
>>>>>> +_ASM_NOKPROBE_SYMBOL(debug_transfer_to_handler)
>>>>>>
>>>>>> .globl crit_transfer_to_handler
>>>>>> crit_transfer_to_handler:
>>>>>> @@ -94,6 +96,7 @@ crit_transfer_to_handler:
>>>>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>>> stw r0,KSP_LIMIT(r8)
>>>>>> /* fall through */
>>>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>>> #endif
>>>>>>
>>>>>> #ifdef CONFIG_40x
>>>>>> @@ -115,6 +118,7 @@ crit_transfer_to_handler:
>>>>>> rlwinm r0,r1,0,0,(31 - THREAD_SHIFT)
>>>>>> stw r0,KSP_LIMIT(r8)
>>>>>> /* fall through */
>>>>>> +_ASM_NOKPROBE_SYMBOL(crit_transfer_to_handler)
>>>>>> #endif
>>>>>>
>>>>>> /*
>>>>>> @@ -127,6 +131,7 @@ crit_transfer_to_handler:
>>>>>> .globl transfer_to_handler_full
>>>>>> transfer_to_handler_full:
>>>>>> SAVE_NVGPRS(r11)
>>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_full)
>>>>>> /* fall through */
>>>>>>
>>>>>> .globl transfer_to_handler
>>>>>> @@ -286,6 +291,8 @@ reenable_mmu:
>>>>>> lwz r2, GPR2(r11)
>>>>>> b fast_exception_return
>>>>>> #endif
>>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler)
>>>>>> +_ASM_NOKPROBE_SYMBOL(transfer_to_handler_cont)
>>>>>
>>>>> These are added after 'reenable_mmu', which is itself not
>>>>> blacklisted. Is that intentional?
>>>>
>>>> Yes I put it as the complete end of the entry part, ie just before
>>>> stack_ovf which is a function by itself.
>>>>
>>>> Note that reenable_mmu is inside an #ifdef CONFIG_TRACE_IRQFLAGS.
>>>>
>>>> I'm not completely sure where to put the _ASM_NOKPROBE_SYMBOL()s,
>>>> that's the reason why I put it close to the symbol itself in my first
>>>> series.
>>>>
>>>> Could you have a look at the code and tell me what looks the most
>>>> appropriate as a location to you ?
>>>>
>>>> https://elixir.bootlin.com/linux/v5.6/source/arch/powerpc/kernel/entry_32.S#L230
>>>
>>>
>>> Ok, thinking about it once more, I guess we have a problem as
>>> everything after that reenable_mmu will be visible.
>>
>> I see that we reach reenable_mmu through a 'rfi' with MSR_KERNEL, which
>> seems safe to me. So, I figured it can be probed without issues?
>
> Yes it can. And that's the reason why I didn't blacklist it. However the
> 4: and 7: which are after reenable_mmu are called from earlier, at a
> time we are still in real mode. So I need to do something about that I
> guess.
Ah yes, good catch. Makes sense to move 'reenable_mmu' after all.
Thanks,
Naveen