| Message ID | 164800288611.1716332.7053663723617614668.stgit@devnote2 (mailing list archive) |
|---|---|
| Headers | show |
| Series | fprobe: Introduce fprobe function entry/exit probe | expand |
Hi, The title is not updated. It should be; rethook: x86: Add rethook x86 porting (drived from "fprobe: Introduce fprobe function entry/exit probe" series) Thank you, On Wed, 23 Mar 2022 11:34:46 +0900 Masami Hiramatsu <mhiramat@kernel.org> wrote: > Hi, > > Here is the 13th version of rethook x86 port. This is developed for a part > of fprobe series [1] for hooking function return. But since I forgot to send > it to arch maintainers, that caused conflict with IBT and SLS mitigation series. > Now I picked the x86 rethook part and send it to x86 maintainers to be > reviewed. > > [1] https://lore.kernel.org/all/164735281449.1084943.12438881786173547153.stgit@devnote2/T/#u > > Note that this patch is still for the bpf-next since the rethook itself > is on the bpf-next tree. But since this also uses the ANNOTATE_NOENDBR > macro which has been introduced by IBT/ENDBR patch, to build this series > you need to merge the tip/master branch with the bpf-next. > (hopefully, it is rebased soon) > > The fprobe itself is for providing the function entry/exit probe > with multiple probe point. The rethook is a sub-feature to hook the > function return as same as kretprobe does. Eventually, I would like > to replace the kretprobe's trampoline with this rethook. > > Thank you, > > --- > > Masami Hiramatsu (1): > rethook: x86: Add rethook x86 implementation > > > arch/x86/Kconfig | 1 > arch/x86/include/asm/unwind.h | 8 ++- > arch/x86/kernel/Makefile | 1 > arch/x86/kernel/kprobes/common.h | 1 > arch/x86/kernel/rethook.c | 121 ++++++++++++++++++++++++++++++++++++++ > 5 files changed, 131 insertions(+), 1 deletion(-) > create mode 100644 arch/x86/kernel/rethook.c > > -- > Masami Hiramatsu (Linaro) <mhiramat@kernel.org>
On Wed, Mar 23, 2022 at 11:34:46AM +0900, Masami Hiramatsu wrote: > Hi, Hi Masami, > Here is the 13th version of rethook x86 port. This is developed for a part > of fprobe series [1] for hooking function return. But since I forgot to send > it to arch maintainers, that caused conflict with IBT and SLS mitigation series. > Now I picked the x86 rethook part and send it to x86 maintainers to be > reviewed. > > [1] https://lore.kernel.org/all/164735281449.1084943.12438881786173547153.stgit@devnote2/T/#u As mentioned elsewhere, I have similar (though not identical) concerns to Peter for the arm64 patch, which was equally unreviewed by maintainers, and the overall structure. > Note that this patch is still for the bpf-next since the rethook itself > is on the bpf-next tree. But since this also uses the ANNOTATE_NOENDBR > macro which has been introduced by IBT/ENDBR patch, to build this series > you need to merge the tip/master branch with the bpf-next. > (hopefully, it is rebased soon) I thought we were going to drop the series from the bpf-next tree so that this could all go through review it had missed thusfar. Is that still the plan? What's going on? > The fprobe itself is for providing the function entry/exit probe > with multiple probe point. The rethook is a sub-feature to hook the > function return as same as kretprobe does. Eventually, I would like > to replace the kretprobe's trampoline with this rethook. Can we please start by converting each architecture to rethook? Ideally we'd unify things such that each architecture only needs *one* return trampoline that both ftrace and krpboes can use, which'd be significantly easier to get right and manage. Thanks, Mark.
On Wed, 23 Mar 2022 14:18:40 +0000 Mark Rutland <mark.rutland@arm.com> wrote: > On Wed, Mar 23, 2022 at 11:34:46AM +0900, Masami Hiramatsu wrote: > > Hi, > > Hi Masami, > > > Here is the 13th version of rethook x86 port. This is developed for a part > > of fprobe series [1] for hooking function return. But since I forgot to send > > it to arch maintainers, that caused conflict with IBT and SLS mitigation series. > > Now I picked the x86 rethook part and send it to x86 maintainers to be > > reviewed. > > > > [1] https://lore.kernel.org/all/164735281449.1084943.12438881786173547153.stgit@devnote2/T/#u > > As mentioned elsewhere, I have similar (though not identical) concerns > to Peter for the arm64 patch, which was equally unreviewed by > maintainers, and the overall structure. Yes, those should be reviewed by arch maintainers. > > > Note that this patch is still for the bpf-next since the rethook itself > > is on the bpf-next tree. But since this also uses the ANNOTATE_NOENDBR > > macro which has been introduced by IBT/ENDBR patch, to build this series > > you need to merge the tip/master branch with the bpf-next. > > (hopefully, it is rebased soon) > > I thought we were going to drop the series from the bpf-next tree so > that this could all go through review it had missed thusfar. > > Is that still the plan? What's going on? Now the arm64 (and other arch) port is reverted from bpf-next. I'll send those to you soon. Since bpf-next is focusing on x86 at first, I chose this for review in this version. Sorry for confusion. > > > The fprobe itself is for providing the function entry/exit probe > > with multiple probe point. The rethook is a sub-feature to hook the > > function return as same as kretprobe does. Eventually, I would like > > to replace the kretprobe's trampoline with this rethook. > > Can we please start by converting each architecture to rethook? Yes. As Peter pointed, I'm planning to add a kretprobe patches to use rethook if available in that series. let me prepare it. > > Ideally we'd unify things such that each architecture only needs *one* > return trampoline that both ftrace and krpboes can use, which'd be > significantly easier to get right and manage. Agreed :-) Thank you, > > Thanks, > Mark.
On Wed, Mar 23, 2022 at 11:55:39PM +0900, Masami Hiramatsu wrote: > On Wed, 23 Mar 2022 14:18:40 +0000 > Mark Rutland <mark.rutland@arm.com> wrote: > > > On Wed, Mar 23, 2022 at 11:34:46AM +0900, Masami Hiramatsu wrote: > > > Hi, > > > > Hi Masami, > > > > > Here is the 13th version of rethook x86 port. This is developed for a part > > > of fprobe series [1] for hooking function return. But since I forgot to send > > > it to arch maintainers, that caused conflict with IBT and SLS mitigation series. > > > Now I picked the x86 rethook part and send it to x86 maintainers to be > > > reviewed. > > > > > > [1] https://lore.kernel.org/all/164735281449.1084943.12438881786173547153.stgit@devnote2/T/#u > > > > As mentioned elsewhere, I have similar (though not identical) concerns > > to Peter for the arm64 patch, which was equally unreviewed by > > maintainers, and the overall structure. > > Yes, those should be reviewed by arch maintainers. > > > > Note that this patch is still for the bpf-next since the rethook itself > > > is on the bpf-next tree. But since this also uses the ANNOTATE_NOENDBR > > > macro which has been introduced by IBT/ENDBR patch, to build this series > > > you need to merge the tip/master branch with the bpf-next. > > > (hopefully, it is rebased soon) > > > > I thought we were going to drop the series from the bpf-next tree so > > that this could all go through review it had missed thusfar. > > > > Is that still the plan? What's going on? > > Now the arm64 (and other arch) port is reverted from bpf-next. > I'll send those to you soon. Ah; thanks for confirming! > Since bpf-next is focusing on x86 at first, I chose this for review in > this version. Sorry for confusion. No problem; I think the confusion is all my own, so nothing to apologise for! :) > > > The fprobe itself is for providing the function entry/exit probe > > > with multiple probe point. The rethook is a sub-feature to hook the > > > function return as same as kretprobe does. Eventually, I would like > > > to replace the kretprobe's trampoline with this rethook. > > > > Can we please start by converting each architecture to rethook? > > Yes. As Peter pointed, I'm planning to add a kretprobe patches to use > rethook if available in that series. let me prepare it. > > > Ideally we'd unify things such that each architecture only needs *one* > > return trampoline that both ftrace and krpboes can use, which'd be > > significantly easier to get right and manage. > > Agreed :-) Great! Thanks, Mark.
Hi, Here is the 13th version of rethook x86 port. This is developed for a part of fprobe series [1] for hooking function return. But since I forgot to send it to arch maintainers, that caused conflict with IBT and SLS mitigation series. Now I picked the x86 rethook part and send it to x86 maintainers to be reviewed. [1] https://lore.kernel.org/all/164735281449.1084943.12438881786173547153.stgit@devnote2/T/#u Note that this patch is still for the bpf-next since the rethook itself is on the bpf-next tree. But since this also uses the ANNOTATE_NOENDBR macro which has been introduced by IBT/ENDBR patch, to build this series you need to merge the tip/master branch with the bpf-next. (hopefully, it is rebased soon) The fprobe itself is for providing the function entry/exit probe with multiple probe point. The rethook is a sub-feature to hook the function return as same as kretprobe does. Eventually, I would like to replace the kretprobe's trampoline with this rethook. Thank you, --- Masami Hiramatsu (1): rethook: x86: Add rethook x86 implementation arch/x86/Kconfig | 1 arch/x86/include/asm/unwind.h | 8 ++- arch/x86/kernel/Makefile | 1 arch/x86/kernel/kprobes/common.h | 1 arch/x86/kernel/rethook.c | 121 ++++++++++++++++++++++++++++++++++++++ 5 files changed, 131 insertions(+), 1 deletion(-) create mode 100644 arch/x86/kernel/rethook.c -- Masami Hiramatsu (Linaro) <mhiramat@kernel.org>