From: Masami Hiramatsu
To: Steven Rostedt, Josh Poimboeuf, Ingo Molnar
Cc: X86 ML, Masami Hiramatsu, Daniel Xu, linux-kernel@vger.kernel.org, bpf@vger.kernel.org, kuba@kernel.org, mingo@redhat.com, ast@kernel.org, Thomas Gleixner, Borislav Petkov, Peter Zijlstra, kernel-team@fb.com, yhs@fb.com, linux-ia64@vger.kernel.org, Abhishek Sagar, Andrii Nakryiko
Subject: [PATCH -tip v8 10/13] x86/kprobes: Push a fake return address at kretprobe_trampoline
Date: Fri, 18 Jun 2021 16:06:56 +0900
Message-Id: <162400001661.506599.5153975410607447958.stgit@devnote2>
In-Reply-To: <162399992186.506599.8457763707951687195.stgit@devnote2>
References: <162399992186.506599.8457763707951687195.stgit@devnote2>
X-Mailer: git-send-email 2.25.1
User-Agent: StGit/0.19
X-Mailing-List: linux-kernel@vger.kernel.org

This changes the x86/kretprobe stack frame on kretprobe_trampoline a bit, which now pushes the kretprobe_trampoline as a fake return address at the bottom of the stack frame. With this fix, the ORC unwinder will see the kretprobe_trampoline as a return address.

Signed-off-by: Masami Hiramatsu
Suggested-by: Josh Poimboeuf
Tested-by: Andrii Nakryiko
Acked-by: Josh Poimboeuf
---
 arch/x86/kernel/kprobes/core.c | 31 ++++++++++++++++++++++---------
 1 file changed, 22 insertions(+), 9 deletions(-)

diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c
index 74f049b6e77f..4d040aaf969b 100644
--- a/arch/x86/kernel/kprobes/core.c
+++ b/arch/x86/kernel/kprobes/core.c
@@ -1041,28 +1041,31 @@ asm( ".global kretprobe_trampoline\n" ".type kretprobe_trampoline, @function\n" "kretprobe_trampoline:\n" - /* We don't bother saving the ss register */ #ifdef CONFIG_X86_64 - " pushq %rsp\n" + /* Push fake return address to tell the unwinder it's a kretprobe */ + " pushq $kretprobe_trampoline\n" UNWIND_HINT_FUNC + /* Save the sp-8, this will be fixed later */ + " pushq %rsp\n" " pushfq\n" SAVE_REGS_STRING " movq %rsp, %rdi\n" " call trampoline_handler\n" - /* Replace saved sp with true return address. */ - " movq %rax, 19*8(%rsp)\n" RESTORE_REGS_STRING + " addq $8, %rsp\n" " popfq\n" #else - " pushl %esp\n" + /* Push fake return address to tell the unwinder it's a kretprobe */ + " pushl $kretprobe_trampoline\n" UNWIND_HINT_FUNC + /* Save the sp-4, this will be fixed later */ + " pushl %esp\n" " pushfl\n" SAVE_REGS_STRING " movl %esp, %eax\n" " call trampoline_handler\n" - /* Replace saved sp with true return address. */ - " movl %eax, 15*4(%esp)\n" RESTORE_REGS_STRING + " addl $4, %esp\n" " popfl\n" #endif " ret\n" @@ -1073,8 +1076,10 @@ NOKPROBE_SYMBOL(kretprobe_trampoline); /* * Called from kretprobe_trampoline */ -__used __visible void *trampoline_handler(struct pt_regs *regs) +__used __visible void trampoline_handler(struct pt_regs *regs) { + unsigned long *frame_pointer; + /* fixup registers */ regs->cs = __KERNEL_CS; #ifdef CONFIG_X86_32 @@ -1082,8 +1087,16 @@ __used __visible void *trampoline_handler(struct pt_regs *regs) #endif regs->ip = (unsigned long)&kretprobe_trampoline; regs->orig_ax = ~0UL; + regs->sp += sizeof(long); + frame_pointer = ((unsigned long *)®s->sp) + 1; - return (void *)kretprobe_trampoline_handler(regs, ®s->sp); + /* Replace fake return address with real one. */ + *frame_pointer = kretprobe_trampoline_handler(regs, frame_pointer); + /* + * Move flags to sp so that kretprobe_trapmoline can return + * right after popf. + */ + regs->sp = regs->flags; } NOKPROBE_SYMBOL(trampoline_handler);
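Review bot: the new `addq $8, %rsp` (and `addl $4, %esp` on 32-bit) after RESTORE_REGS_STRING in the kretprobe_trampoline hunk carries no comment, so a reader has to go into trampoline_handler to see why it is correct: it skips the original flags slot, trampoline_handler has copied `regs->flags` into the saved-sp slot, so `popfq` restores flags from there and `ret` then pops the real return address that replaced the fake `$kretprobe_trampoline`. Suggest a comment on that line, e.g. `/* Skip flags; trampoline_handler moved them into the sp slot */`, and make `/* Save the sp-8, this will be fixed later */` say where it is fixed (`regs->sp += sizeof(long)` in trampoline_handler) so the asm and C sides stay in sync. Removing `/* We don't bother saving the ss register */` is right now that the ss slot holds the fake return address, but the new comment could state that reuse explicitly.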
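Review bot: the `trampoline_handler` return type changes from `void *` to `void`, but the header comment `/* Called from kretprobe_trampoline */` still says nothing about the new contract: the real return address is written into the stack frame (and flags are relocated) instead of being handed back in %rax/%eax for the asm to store. Suggest extending that comment, and checking that no remaining forward declaration of `trampoline_handler` still carries the old `void *` return type, since the asm caller no longer consumes a return value and a stale prototype would not be caught by the call site.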
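Review bot: `frame_pointer = ((unsigned long *)&regs->sp) + 1` in the trampoline_handler body relies on `ss` sitting immediately after `sp` in struct pt_regs to reach the slot that holds the fake return address; `&regs->ss` (or at least a comment naming the slot) would state that intent and turn a future layout change into a compile error rather than a silent off-by-one write. Two smaller points in the same hunk: `kretprobe_trapmoline` in the new comment is a typo of `kretprobe_trampoline`, and `regs->sp = regs->flags` deserves one sentence saying it is the counterpart of the `addq $8, %rsp` in the asm (flags are popped from the sp slot), because `regs->sp` reads as a stack pointer but is being used as scratch space here.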