From: Andy Lutomirski
Date: Mon, 1 Mar 2021 17:36:13 -0800
Subject: Re: Why do kprobes and uprobes singlestep?
To: Oleg Nesterov
Cc: Andy Lutomirski, Masami Hiramatsu, Peter Zijlstra, LKML, Anil S Keshavamurthy, "David S. Miller", X86 ML, Andrew Cooper
In-Reply-To: <20210301165130.GA5351@redhat.com>
List-ID: linux-kernel@vger.kernel.org

On Mon, Mar 1, 2021 at 8:51 AM Oleg Nesterov wrote:
>
> Hi Andy,
>
> sorry for delay.
>
> On 02/23, Andy Lutomirski wrote:
> >
> > A while back, I let myself be convinced that kprobes genuinely need to single-step the kernel on occasion, and I decided that this sucked but I could live with it. It would, however, be Really Really Nice (tm) if we could have a rule that anyone running x86 Linux who single-steps the kernel (e.g. kgdb and nothing else) gets to keep all the pieces when the system falls apart around them. Specifically, if we don't allow kernel single-stepping and if we suitably limit kernel instruction breakpoints (the latter isn't actually a major problem), then we don't really really need to use IRET to return to the kernel, and that means we can avoid some massive NMI nastiness.
>
> Not sure I understand you correctly, I know almost nothing about low-level x86 magic.
>
> But I guess this has nothing to do with uprobes, they do not single-step in kernel mode, right?

They single-step user code, though, and the code that makes this work is quite ugly. Single-stepping on x86 is a mess.

> > Uprobes seem to single-step user code for no discernible reason. (They want to trap after executing an out of line instruction, AFAICT. Surely INT3 or even CALL after the out-of-line insn would work as well or better.)
>
> Uprobes use single-step from the very beginning, probably because this is the most simple and "standard" way to implement xol.
>
> And please note that CALL/JMP/etc emulation was added much later to fix the problems with non-canonical addresses, and this emulation is still incomplete.

Is there something like a uprobe test suite? How maintained / actively used is uprobe?

--Andy
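A user-space sketch of the alternative raised in the thread (an out-of-line slot with an INT3 placed directly after the copied instruction, instead of TF single-stepping), added here as an example; it is not code from the thread or from the kernel's uprobes implementation. It assumes x86-64 Linux (returning -1 elsewhere or when an executable mapping is refused) and uses a constructed `inc %rdi` as the out-of-line instruction.

```c
#define _GNU_SOURCE                 /* for REG_RIP / REG_RDI in <ucontext.h> */
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <ucontext.h>
#if defined(__x86_64__) && defined(__linux__)
#ifndef REG_RIP                     /* glibc/musl x86-64 gregs indices, if not exposed */
#define REG_RIP 16
#define REG_RDI 8
#endif
static volatile uintptr_t trap_rip; /* RIP seen by the #BP (SIGTRAP) handler */
static volatile uint64_t trap_rdi;  /* RDI at the trap: value after the XOL insn ran */
static void bp_handler(int sig, siginfo_t *si, void *ctx)
{
    ucontext_t *uc = ctx;
    (void)sig; (void)si;
    trap_rip = uc->uc_mcontext.gregs[REG_RIP];
    trap_rdi = uc->uc_mcontext.gregs[REG_RDI];
    /* No fix-up needed: RIP already points past the INT3, so returning resumes
       at the next slot byte; TF stepping would need the flag set, then cleared. */
}
/* Runs a constructed XOL slot "inc %rdi ; int3 ; mov %rdi,%rax ; ret".
   Returns input+1 on success, -1 if unsupported, -2 if the trap misfired. */
long xol_int3_demo(uint64_t input)
{
    static const uint8_t slot_bytes[] = {
        0x48, 0xff, 0xc7,       /* inc %rdi       (the out-of-line insn)   */
        0xcc,                   /* int3           (trap right after it)    */
        0x48, 0x89, 0xf8, 0xc3, /* mov %rdi,%rax ; ret (make it callable)  */
    };
    void *slot = mmap(NULL, 4096, PROT_READ | PROT_WRITE | PROT_EXEC,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (slot == MAP_FAILED) return -1;
    memcpy(slot, slot_bytes, sizeof slot_bytes);
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = bp_handler; sa.sa_flags = SA_SIGINFO;
    sigaction(SIGTRAP, &sa, &old);
    trap_rip = 0;
    uint64_t (*fn)(uint64_t) = (uint64_t (*)(uint64_t))(uintptr_t)slot;
    uint64_t out = fn(input);
    sigaction(SIGTRAP, &old, NULL);
    munmap(slot, 4096);
    /* The trap must have fired at slot+4, i.e. after inc %rdi updated RDI. */
    if (trap_rip != (uintptr_t)slot + 4 || trap_rdi != input + 1) return -2;
    return (long)out;
}
#else
long xol_int3_demo(uint64_t input) { (void)input; return -1; }
#endif
```

The point of the check at the end is that the trap lands exactly once, after the copied instruction has taken effect, with no flag juggling in the handler.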