From: Jiri Olsa
Date: Fri, 5 Apr 2024 10:56:15 +0200
To: Masami Hiramatsu
Cc: Oleg Nesterov, Andrii Nakryiko, Jiri Olsa, Steven Rostedt, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, bpf@vger.kernel.org, Song Liu, Yonghong Song, John Fastabend, Peter Zijlstra, Thomas Gleixner, "Borislav Petkov (AMD)", x86@kernel.org, linux-api@vger.kernel.org
Subject: Re: [PATCHv2 1/3] uprobe: Add uretprobe syscall to speed up return probe
References: <20240402093302.2416467-2-jolsa@kernel.org> <20240403100708.233575a8ac2a5bac2192d180@kernel.org> <20240403230937.c3bd47ee47c102cd89713ee8@kernel.org> <20240404095829.ec5db177f29cd29e849169fa@kernel.org> <20240405005405.9bcbe5072d2f32967501edb3@kernel.org> <20240404161108.GG7153@redhat.com> <20240405102203.825c4a2e9d1c2be5b2bffe96@kernel.org>
In-Reply-To: <20240405102203.825c4a2e9d1c2be5b2bffe96@kernel.org>

On Fri, Apr 05, 2024 at 10:22:03AM +0900, Masami Hiramatsu wrote:
> On Thu, 4 Apr 2024 18:11:09 +0200
> Oleg Nesterov wrote:
>
> > On 04/05, Masami Hiramatsu wrote:
> > >
> > > Can we make this syscall and uprobe behavior clearer? As you said, if
> > > the application uses sigreturn or longjump, it may skip returns and
> > > shadow stack entries are left in the kernel. In such cases, can uretprobe
> > > detect it properly, or just crash the process (or process runs wrongly)?
> >
> > Please see the comment in handle_trampoline(), it tries to detect this case.
> > This patch should not make any difference.
>
> I think you mean this loop will skip and discard the stacked return_instance
> to find the valid one.
>
> ----
> 	do {
> 		/*
> 		 * We should throw out the frames invalidated by longjmp().
> 		 * If this chain is valid, then the next one should be alive
> 		 * or NULL; the latter case means that nobody but ri->func
> 		 * could hit this trampoline on return. TODO: sigaltstack().
> 		 */
> 		next = find_next_ret_chain(ri);
> 		valid = !next || arch_uretprobe_is_alive(next, RP_CHECK_RET, regs);
>
> 		instruction_pointer_set(regs, ri->orig_ret_vaddr);
> 		do {
> 			if (valid)
> 				handle_uretprobe_chain(ri, regs);
> 			ri = free_ret_instance(ri);
> 			utask->depth--;
> 		} while (ri != next);
> 	} while (!valid);
> ----
>
> I think this expects setjmp/longjmp as below
>
> foo() {			<- retprobe1
> 	setjmp()
> 	bar() {			<- retprobe2
> 		longjmp()
> 	}
> }				<- return to trampoline
>
> In this case, we need to skip retprobe2's instance.
> My concern is, if we can not find an appropriate return instance, what happens?
> e.g.
>
> foo() {			<-- retprobe1
> 	bar() {			# sp is decremented
> 		sys_uretprobe()	<-- ??
> 	}
> }
>
> It seems sys_uretprobe() will handle retprobe1 at that point instead of
> SIGILL.

yes, and I think it's fine, you get the consumer called in the wrong place,
but it's your fault and the kernel won't crash

this can be fixed by checking the syscall is called from the trampoline
and preventing the handle_trampoline call if it's not

>
> Can we avoid this with below strict check?
>
> 	if (ri->stack != regs->sp + expected_offset)
> 		goto sigill;

hm the current uprobe 'alive' check makes sure the return_instance is above
or at the same stack address, not sure we can match it exactly, need to
think about that more

>
> expected_offset should be 16 (push * 3 - ret) on x64 if ri->stack is the
> regs->sp right after call.

the syscall trampoline already updates the regs->sp before calling
handle_trampoline

	regs->sp += sizeof(r11_cx_ax);

jirka
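A user-space model of the handle_trampoline() loop quoted in the thread, added here as an example; it is not code from the patch or from anyone in the discussion. The frame layout, the constructed stack addresses and the `sp <= ri->stack` liveness rule (mirroring the x86 RP_CHECK_RET case) are the model's own assumptions; it shows a frame skipped by longjmp() being dropped without its consumer running, next to a normal return that keeps the caller's frame.

```c
#include <string.h>           /* NULL; strcmp for callers of scenario() */

struct ret_inst {              /* modelled on struct return_instance */
	const char *func;      /* probed function this frame belongs to */
	unsigned long stack;   /* user sp recorded when the call happened */
	struct ret_inst *next; /* older frame, or NULL */
};

/* arch_uretprobe_is_alive(ri, RP_CHECK_RET, regs) on x86: a frame is alive
 * while the current sp has not risen above the sp recorded for it. */
static int is_alive(const struct ret_inst *ri, unsigned long sp)
{
	return sp <= ri->stack;
}

/* The handle_trampoline() loop: when the next frame is not alive, the
 * current one was skipped by longjmp() and is discarded without running
 * its consumer. Handled names go to out[]; *chain keeps surviving frames. */
static int run_trampoline(struct ret_inst **chain, unsigned long sp,
			  const char **out, int max)
{
	struct ret_inst *ri = *chain, *next;
	int n = 0, valid;
	do {
		next = ri->next;   /* no chained probes in this model */
		valid = !next || is_alive(next, sp);
		do {
			if (valid && n < max)
				out[n++] = ri->func;
			ri = ri->next; /* free_ret_instance() in the kernel */
		} while (ri != next);
	} while (!valid);
	*chain = ri;
	return n;
}

/* foo() probed at sp 0x1000 calls bar() probed at 0xff0 (constructed values).
 * After bar() longjmp()s into foo() and foo() returns, the trampoline sees
 * sp one slot above foo's frame; a normal bar() return sees it one slot
 * above bar's. Returns consumers run; *left = frames kept for later. */
int scenario(int do_longjmp, const char **out, int max, int *left)
{
	struct ret_inst foo = { "foo", 0x1000, NULL };
	struct ret_inst bar = { "bar", 0x0ff0, &foo };
	struct ret_inst *chain = &bar;
	int n = run_trampoline(&chain, do_longjmp ? 0x1008 : 0x0ff8, out, max);
	for (*left = 0; chain; chain = chain->next)
		(*left)++;
	return n;
}
```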