Message-ID: <1373492818.14604.75.camel@joe-AO722>
Subject: Re: [RFC] [PATCH 1/2 v2] x86: introduce int3-based instruction patching
From: Joe Perches
To: Jiri Kosina
Cc: Masami Hiramatsu, Steven Rostedt, Jason Baron, "H. Peter Anvin", Borislav Petkov, linux-kernel@vger.kernel.org
Date: Wed, 10 Jul 2013 14:46:58 -0700
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 2013-07-10 at 23:31 +0200, Jiri Kosina wrote:
> Introduce a method for run-time instrucntion patching on a live SMP kernel
> based on int3 breakpoint, completely avoiding the need for stop_machine().

Yet more trivia: instruction typo

> The way this is achieved:
>
> - add a int3 trap to the address that will be patched
> - sync cores
> - update all but the first byte of the patched range
> - sync cores
> - replalace the first byte (int3) by the first byte of

replace typo
> diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
[]
> +static int int3_notify(struct notifier_block *self, unsigned long val, void *data)
> +{
> +	struct die_args *args = data;
> +	struct pt_regs *regs = args->regs;
> +
> +	/* bp_patching_in_progress */
> +	smp_rmb();
> +
> +	if (likely(!bp_patching_in_progress))
> +		return NOTIFY_DONE;
> +
> +	/* we are not interested in non-int3 faults and ring > 0 faults */
> +	if (val != DIE_INT3 || !regs || user_mode_vm(regs)
> +	    || (unsigned long) bp_int3_addr != regs->ip)
> +		return NOTIFY_DONE;
> +
> +	/* set up the specified breakpoint handler */
> +	args->regs->ip = (unsigned long) bp_int3_handler;

Probably better to use regs->ip as that's what's used in the test above.

I'd also change the test to order the regs->ip first

	if (val != DIE_INT3 || !regs || user_mode_vm(regs)
	    || regs->ip != (unsigned long) bp_int3_addr)
		return NOTIFY_DONE;

	regs->ip = (unsigned long) bp_int3_handler;

> +/*
> + * text_poke_bp() -- update instructions on live kernel on SMP
> + * @addr:	address to patch
> + * @opcode:	opcode of new instruction
> + * @len:	length to copy
> + * @handler:	address to jump to when the temporary breakpoint is hit
> + *

kernel-doc?

> +
> + * Modify multi-byte instruction by using int3 breakpoint on SMP.
> + * In contrary to text_poke_smp(), we completely avoid stop_machine() here,
> + * and achieve the synchronization using int3 breakpoint.
> + *
> + * The way it is done:
> + *	- add a int3 trap to the address that will be patched
> + *	- sync cores
> + *	- update all but the first byte of the patched range
> + *	- sync cores
> + *	- replalace the first byte (int3) by the first byte of

same typo

> +	/*
> +	 * corresponding read barrier in int3 notifier for
> +	 * making sure the in_progress flags is correctly ordered wrt.
> +	 * patching */

Some might care about the comment style.
	/*
	 * foo
	 */
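Review bot: in int3_notify(), the test "(unsigned long) bp_int3_addr != regs->ip" only matches if bp_int3_addr holds the patched address plus one: int3 is a trap, so regs->ip on entry already points at the byte after the 0xCC. Where text_poke_bp() assigns bp_int3_addr is not in the quoted context, but a one-line comment at this comparison saying which of the two addresses is expected would save the next reader the same question. Two smaller points in the same hunk: the comment above smp_rmb() is just the bare name "/* bp_patching_in_progress */" and should say which store in text_poke_bp() the loads of bp_patching_in_progress, bp_int3_addr and bp_int3_handler are being ordered against (the other side calls this the "corresponding read barrier", so name the pair here too); and the condition breaks the line before the operator ("|| (unsigned long) bp_int3_addr != regs->ip") where kernel style keeps "||" at the end of the previous line.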
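Review bot: the header above text_poke_bp() uses kernel-doc "@addr:" style tags but opens with "/*" instead of "/**" and joins the name to the summary with "--" rather than " - ", so kernel-doc will not pick it up; either fix both or drop the tags. Wording in the same block: "In contrary to text_poke_smp()" should be "In contrast to text_poke_smp()", "a int3 trap" should be "an int3 trap", and "@opcode: opcode of new instruction" undersells the parameter given "@len: length to copy" describes a byte range, not a single opcode.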
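Review bot: "making sure the in_progress flags is correctly ordered wrt. patching" should read "making sure the in_progress flag is correctly ordered w.r.t. the patching", and the comment only says that a read barrier "corresponds" somewhere. The barrier line this comment annotates is not in the quoted context, but the comment should name that barrier and the two stores it separates (the flag and handler globals before it, the int3 byte after it) so the pairing can be checked from either side of the protocol.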