From: Jinghao Jia
To: "Masami Hiramatsu (Google)", Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Xin Li
Cc: linux-trace-kernel@vger.kernel.org, linux-kernel@vger.kernel.org, Jinghao Jia
Subject: [PATCH v2 0/3] x86/kprobes: add exception opcode detector and boost more opcodes
Date: Sat, 3 Feb 2024 21:12:57 -0600
Message-ID: <20240204031300.830475-1-jinghao7@illinois.edu>

Hi everyone,

This patch set makes the following 3 changes:

- It refactors the can_probe and can_boost functions to make them return
  bool instead of int. Both functions are just using int as bool so let's
  make them return a real boolean value.

- It adds an exception opcode detector to prevent kprobing on INTs and UDs.
  These opcodes serve special purposes in the kernel and kprobing them
  will also cause the stack trace to be polluted by the copy buffer
  address. This is suggested by Masami.

- At the same time, this patch set also boosts more opcodes from the group
  2/3/4/5. The newly boosted opcodes are all arithmetic instructions with
  semantics that are easy to reason about, and therefore, they are able to
  be boosted and executed out-of-line. These instructions were not boosted
  previously because they use opcode extensions that are not handled by the
  kernel. But now with the instruction decoder they can be easily handled.
  Boosting (and further jump optimizing) these instructions leads to a 10x
  performance gain for a single probe on QEMU.

Changelog:
---
v1 -> v2
v1: https://lore.kernel.org/linux-trace-kernel/20240127044124.57594-1-jinghao7@illinois.edu/

- Address feedback from Xin:
  - Change return type of is_exception_insn from int to bool.
- Address feedback from Masami:
  - Improve code style in is_exception_insn.
  - Move instruction boundary check of the target address
    (addr == paddr) right after the decoding loop to avoid decoding if
    the target address is not a valid instruction boundary.
  - Document instruction encoding differences between AMD and Intel for
    instruction group 2 and 3 in can_boost.
- Add an extra patch to change the return type of can_probe and can_boost
  from int to bool based on v1 discussion.
- Improve code comments in general.

Jinghao Jia (3):
  x86/kprobes: Refactor can_{probe,boost} return type to bool
  x86/kprobes: Prohibit kprobing on INT and UD
  x86/kprobes: Boost more instructions from grp2/3/4/5

 arch/x86/kernel/kprobes/common.h |  2 +-
 arch/x86/kernel/kprobes/core.c   | 98 ++++++++++++++++++++++----------
 2 files changed, 69 insertions(+), 31 deletions(-)

-- 
2.43.0
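
Added example, not part of the original message and not the kernel's code: a user-space sketch of the kind of check the cover letter describes, deciding whether an instruction is an INT or UD that should be refused as a probe target. The helper names are hypothetical, 64-bit mode is assumed, and prefixes are skipped by hand here instead of using the kernel's instruction decoder.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Legacy prefixes: operand/address size, LOCK, REP/REPNE, segment overrides. */
static bool is_legacy_prefix(uint8_t b)
{
	switch (b) {
	case 0x66: case 0x67: case 0xf0: case 0xf2: case 0xf3:
	case 0x26: case 0x2e: case 0x36: case 0x3e: case 0x64: case 0x65:
		return true;
	default:
		return false;
	}
}

/*
 * Hypothetical helper: true if the instruction starting at code[0] is a
 * software-interrupt (INT*) or undefined-opcode (UD*) instruction.
 * Assumes 64-bit mode, where 0x40-0x4f is a REX prefix.
 */
bool is_exception_opcode(const uint8_t *code, size_t len)
{
	size_t i = 0;

	while (i < len && is_legacy_prefix(code[i]))
		i++;
	if (i < len && (code[i] & 0xf0) == 0x40)	/* at most one REX */
		i++;
	if (i >= len)
		return false;	/* truncated buffer: nothing to classify */

	switch (code[i]) {
	case 0xcc:	/* INT3 */
	case 0xcd:	/* INT imm8 */
	case 0xce:	/* INTO (valid only outside 64-bit mode) */
	case 0xf1:	/* INT1 / ICEBP */
		return true;
	case 0x0f:	/* two-byte opcode map */
		if (i + 1 >= len)
			return false;
		return code[i + 1] == 0x0b ||	/* UD2 */
		       code[i + 1] == 0xb9 ||	/* UD1 */
		       code[i + 1] == 0xff;	/* UD0 */
	default:
		return false;
	}
}
```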