From patchwork Tue Jan 14 05:34:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joey Jiao X-Patchwork-Id: 13938430 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9F5F7C02183 for ; Tue, 14 Jan 2025 05:36:05 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D89BF6B0083; Tue, 14 Jan 2025 00:36:04 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id D3A0F6B0085; Tue, 14 Jan 2025 00:36:04 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BB24F6B0088; Tue, 14 Jan 2025 00:36:04 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id A25946B0083 for ; Tue, 14 Jan 2025 00:36:04 -0500 (EST) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 581571A05D3 for ; Tue, 14 Jan 2025 05:36:04 +0000 (UTC) X-FDA: 83004946248.15.12C2476 Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131]) by imf14.hostedemail.com (Postfix) with ESMTP id 225C4100005 for ; Tue, 14 Jan 2025 05:36:01 +0000 (UTC) Authentication-Results: imf14.hostedemail.com; dkim=pass header.d=quicinc.com header.s=qcppdkim1 header.b=h4nA0eA4; spf=pass (imf14.hostedemail.com: domain of quic_jiangenj@quicinc.com designates 205.220.180.131 as permitted sender) smtp.mailfrom=quic_jiangenj@quicinc.com; dmarc=pass (policy=none) header.from=quicinc.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1736832962; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=qDL277UfuO/ZrvRomYA8juO/sG4dUYnxhYSbKtRIw2g=; b=Z0bGZcEWXuRgtG3KUQ2Qqy7KONBegHoePgRWJv9Mz5ivjSmL8mLWWeK4+46KP1oN9lwfQx N7usG61C/n5cv6aVWkjUjSFmXVgGrW4AM743QeEDtCEg3piAFFKaOD9WfYlVf3nNxZD/Cu BMJlrCXpdREiLrNXPl6GrS/VMfEe0ZQ= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1736832962; a=rsa-sha256; cv=none; b=PVT2q/SZQeu7fROa/SrVAkEhZSwq4bot9g/wEKmqhrlqVa0MweQ8gHVTmdXGaFrAuHOOFn Q0DHnnmYwz6BMQG+rdciiTBmT1VEuqo4UUFHjB1PC0Gx6NeVBw0/5DmCsClr9ZHp7f9LQs YCGMJgJGZ/dPXLnWrlzSscb5KeSV/fM= ARC-Authentication-Results: i=1; imf14.hostedemail.com; dkim=pass header.d=quicinc.com header.s=qcppdkim1 header.b=h4nA0eA4; spf=pass (imf14.hostedemail.com: domain of quic_jiangenj@quicinc.com designates 205.220.180.131 as permitted sender) smtp.mailfrom=quic_jiangenj@quicinc.com; dmarc=pass (policy=none) header.from=quicinc.com Received: from pps.filterd (m0279870.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 50E2faK3019063; Tue, 14 Jan 2025 05:35:53 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= qDL277UfuO/ZrvRomYA8juO/sG4dUYnxhYSbKtRIw2g=; b=h4nA0eA4UEs6Tu4k wBfX7hgWFXXrnM+JGs+WebRVn7gpdPNJKHjYRSmkvrgEFV6N8C1Wtoo5mNH54CmU b5vckJfXnF6+ezglMfy/TK+YUxne1465BNOuXwxR17lz8k10fKU8kMC0l7QO2x5d Ym/yBCF6U5EKWI1tJvKVzF95OMKkz4P+ZQVKy7/TmkVpw0KC+MRsfGsiV7A0ivHk r8+MMeA1vSZ/O1nSBZZCnBrVcSIrKEHLwl22a8MgDFQsmp41YFwKkQhxWa4u6WEW 1sKZxzqy1COV3V0YYAqGHp5YoUMrXvPGWR++NEv6X6u4P8BKFkdxcxnJXkPWuoh+ 6SF9aw== Received: from nasanppmta05.qualcomm.com (i-global254.qualcomm.com [199.106.103.254]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 445fc68ap7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Jan 2025 05:35:52 +0000 (GMT) Received: from nasanex01c.na.qualcomm.com (nasanex01c.na.qualcomm.com [10.45.79.139]) by NASANPPMTA05.qualcomm.com (8.18.1.2/8.18.1.2) with ESMTPS id 50E5ZpkU015485 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 14 Jan 2025 05:35:51 GMT Received: from la-sh002-lnx.ap.qualcomm.com (10.80.80.8) by nasanex01c.na.qualcomm.com (10.45.79.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.9; Mon, 13 Jan 2025 21:35:46 -0800 From: "Jiao, Joey" Date: Tue, 14 Jan 2025 13:34:31 +0800 Subject: [PATCH 1/7] kcov: introduce new kcov KCOV_TRACE_UNIQ_PC mode MIME-Version: 1.0 Message-ID: <20250114-kcov-v1-1-004294b931a2@quicinc.com> References: <20250114-kcov-v1-0-004294b931a2@quicinc.com> In-Reply-To: <20250114-kcov-v1-0-004294b931a2@quicinc.com> To: Dmitry Vyukov , Andrey Konovalov , Jonathan Corbet , Andrew Morton , Dennis Zhou , Tejun Heo , Christoph Lameter , Catalin Marinas , Will Deacon CC: , , , , , , X-Mailer: b4 0.14.2 X-Developer-Signature: v=1; a=ed25519-sha256; t=1736832941; l=9637; i=quic_jiangenj@quicinc.com; s=20250114; h=from:subject:message-id; bh=B7wHQFKQobnmg8wdM6NUVeUWs1lU5h8VAiYZXhUuszQ=; b=3Fvg8y8dQ7utfwGWRCIqEI/3IwdHZiSSLCJAtwDZ3DSR+sj7AgVMY66KyCdxL52wgtcbIHf8o 9j75hRm567mDu2jxJ/jTIXR40Kjt9iqFT8hdyyzRUDAE3mZ2DSasfbM X-Developer-Key: i=quic_jiangenj@quicinc.com; a=ed25519; pk=JPzmfEvx11SW1Q1qtMhFcAx46KP1Ui36jcetDgbev28= X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To nasanex01c.na.qualcomm.com (10.45.79.139) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: qeP3yiT5DpcBwuW5hL4M01mTLK8jZQWF X-Proofpoint-GUID: qeP3yiT5DpcBwuW5hL4M01mTLK8jZQWF X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.60.29 definitions=2024-09-06_09,2024-09-06_01,2024-09-02_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 lowpriorityscore=0 bulkscore=0 mlxlogscore=777 adultscore=0 suspectscore=0 malwarescore=0 phishscore=0 clxscore=1015 impostorscore=0 priorityscore=1501 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2411120000 definitions=main-2501140043 X-Rspamd-Queue-Id: 225C4100005 X-Rspam-User: X-Rspamd-Server: rspam07 X-Stat-Signature: ks5nzi3cenychpcaqz8m6zm1sgeq7x93 X-HE-Tag: 1736832961-366870 X-HE-Meta: U2FsdGVkX19aiI1dDA1Wg6n431VccCDW6IIipK5NXHMXkhQ+VsMGSIsV4hxWG/KGNYRS4rt2nJDSrbn4v40nt9b5np3URt9BsUz/FrD2BxDj96PLF3yuH/zmYVuwnYc1trhJtJQR2D1SW9q1ra5EFKxsysfkSONF/qzSZVA5+Gnuw9SKSdOintwle9Bp9KFqMrdedHFhzJ5ovdDcoKWfZamETVguTVmKLSm4HXxWo8oFZmdTGNR2KcLrXs7D7D6WoecINB68s1JnNdEalNxScSMmqLie3zCvVaEbdCeON5hqneyNeMkV2hz4s4LzEiwoU1cDOriv30LIlym80k3Ues/WSnydVmitN6lzNTBbY+fSpEB21TXnC6kwo0hGO/TNyO8D9YL3JT5d9BodnUIOm30fQp33ROOke5002l7LxzF1Z5MB0f1Aie7OgPM4aE6qaIR61nARIuxrMKA+J3A4SAch3Ls1VmpSh6mzGxl/WQ63GilhmXF/8NJzV/TPQLbuvKHdrLNJZu6u8Hkyp9mCbXvSGivuGGneXeHGsHxyU0cO1Hu4gHrRvSn4HLLTgHwjsi4ciVCyn+x2nCtph7ODDD7ERfLiHGPFTgH0DRR94/7J6iGcwS3dKncJiNq7eCfuuqUy8qUcs4tQpS3n/Oy7n4eW/7tZravswbcrhRIdkfMcqf+gVKeI/zL2PPh4W5yUiavgPD55bHjWmszrMTNmsGpeAh37MYXYWe21YnGA1KaLA1m6qhtkJPRrwz8lzyDtVXiwlHY/MxTifUtvd2BjxFEVihmZAHCNuCIw2hhg/eR58KrtBmlAFMy7t+yZWSZemI5kSjZGRXDX+b3VZDHz2k3znEj2LGcP4KmBQ5cknBlQgHKL1/uAKYiTWNC/9QAo5PDJR4w0aEkuIAjomw9pVYZnnSySV/kgewbRFp8N48nokA6qx5EIwpdSRsOmI/6bK7qcKGm6xpypKtTVKTW ny9NLVH3 BkmtRFHuUP4XVWXQM+phe6E4vkZ6j0tTeT+lBYG9q2j3HTiinyRqRI3bnCClsrrkO64N3tS2UlO0vat2j1PsDRgzxWO8D/W/R470VVCycdKYdbWEzTefweLWDBuTY8T13ozk1T2YlezGROv3knW/cnmwSpLF681XqRp+3C3UOyhx7o8SGh122iDgEgpUXvW87IVW7igLWuPkuqz+olGKAI8C3hs533KHkuACxgVmSUra9n5msGfo7tbxjzKPiwySec+R28COgGbPPGp1Xvkk1yqmLTVScgU8ZQAeb5fem+qqZLxiyso3G+jrSt29I5KlGY471q/8Bxg1ehavpt8gC64SrfM+1TZZ58Zrongjagte0lpvb4MRTn3xKKg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: The current kcov KCOV_TRACE_PC mode stores PC in sequence. Introduce KCOV_TRACE_UNIQ_PC mode to store unique PC info. In unique PC mode, - use hashmap to store unique PC in kcov_entry - use gen_pool_alloc in __sanitizer_cov_trace_pc to avoid sleeping function kmalloc Signed-off-by: Jiao, Joey --- include/linux/kcov.h | 6 +- include/uapi/linux/kcov.h | 2 + kernel/kcov.c | 190 ++++++++++++++++++++++++++++++++++++++++------ 3 files changed, 173 insertions(+), 25 deletions(-) diff --git a/include/linux/kcov.h b/include/linux/kcov.h index 75a2fb8b16c32917817b8ec7f5e45421793431ae..aafd9f88450cb8672c701349300b54662bc38079 100644 --- a/include/linux/kcov.h +++ b/include/linux/kcov.h @@ -20,9 +20,11 @@ enum kcov_mode { */ KCOV_MODE_TRACE_PC = 2, /* Collecting comparison operands mode. */ - KCOV_MODE_TRACE_CMP = 3, + KCOV_MODE_TRACE_CMP = 4, /* The process owns a KCOV remote reference. */ - KCOV_MODE_REMOTE = 4, + KCOV_MODE_REMOTE = 8, + /* COllecting uniq pc mode. */ + KCOV_MODE_TRACE_UNIQ_PC = 16, }; #define KCOV_IN_CTXSW (1 << 30) diff --git a/include/uapi/linux/kcov.h b/include/uapi/linux/kcov.h index ed95dba9fa37e291e9e9e0109eb8481bb7a5e9da..d2a2bff36f285a5e3a03395f8890fcb716cf3f07 100644 --- a/include/uapi/linux/kcov.h +++ b/include/uapi/linux/kcov.h @@ -35,6 +35,8 @@ enum { KCOV_TRACE_PC = 0, /* Collecting comparison operands mode. */ KCOV_TRACE_CMP = 1, + /* Collecting uniq PC mode. */ + KCOV_TRACE_UNIQ_PC = 2, }; /* diff --git a/kernel/kcov.c b/kernel/kcov.c index 28a6be6e64fdd721d49c4040ed10ce33f9d890a1..bbd7b7503206fe595976458ab685b95f784607d7 100644 --- a/kernel/kcov.c +++ b/kernel/kcov.c @@ -9,9 +9,11 @@ #include #include #include +#include #include #include #include +#include #include #include #include @@ -32,6 +34,29 @@ /* Number of 64-bit words written per one comparison: */ #define KCOV_WORDS_PER_CMP 4 +struct kcov_entry { + unsigned long ent; + + struct hlist_node node; +}; + +/* Min gen pool alloc order. */ +#define MIN_POOL_ALLOC_ORDER ilog2(roundup_pow_of_two(sizeof(struct kcov_entry))) + +/* + * kcov hashmap to store uniq pc, prealloced mem for kcov_entry + * and area shared between kernel and userspace. + */ +struct kcov_map { + /* 15 bits fit most cases for hash collision, memory and performance. */ + DECLARE_HASHTABLE(buckets, 15); + struct gen_pool *pool; + /* Prealloced memory added to pool to be used as kcov_entry. */ + void *mem; + /* Buffer shared with user space. */ + void *area; +}; + /* * kcov descriptor (one per opened debugfs file). * State transitions of the descriptor: @@ -60,6 +85,8 @@ struct kcov { unsigned int size; /* Coverage buffer shared with user space. */ void *area; + /* Coverage hashmap for unique pc. */ + struct kcov_map *map; /* Task for which we collect coverage, or NULL. */ struct task_struct *t; /* Collecting coverage from remote (background) threads. */ @@ -171,7 +198,7 @@ static inline bool in_softirq_really(void) return in_serving_softirq() && !in_hardirq() && !in_nmi(); } -static notrace bool check_kcov_mode(enum kcov_mode needed_mode, struct task_struct *t) +static notrace unsigned int check_kcov_mode(enum kcov_mode needed_mode, struct task_struct *t) { unsigned int mode; @@ -191,7 +218,94 @@ static notrace bool check_kcov_mode(enum kcov_mode needed_mode, struct task_stru * kcov_start(). */ barrier(); - return mode == needed_mode; + return mode & needed_mode; +} + +static int kcov_map_init(struct kcov *kcov, unsigned long size) +{ + struct kcov_map *map; + void *area; + unsigned long flags; + + map = kzalloc(sizeof(*map), GFP_KERNEL); + if (!map) + return -ENOMEM; + + area = vmalloc_user(size * sizeof(unsigned long)); + if (!area) { + kfree(map); + return -ENOMEM; + } + + spin_lock_irqsave(&kcov->lock, flags); + map->area = area; + + kcov->map = map; + kcov->area = area; + spin_unlock_irqrestore(&kcov->lock, flags); + + hash_init(map->buckets); + + map->pool = gen_pool_create(MIN_POOL_ALLOC_ORDER, -1); + if (!map->pool) + return -ENOMEM; + + map->mem = vmalloc(size * (1 << MIN_POOL_ALLOC_ORDER)); + if (!map->mem) { + vfree(area); + gen_pool_destroy(map->pool); + kfree(map); + return -ENOMEM; + } + + if (gen_pool_add(map->pool, (unsigned long)map->mem, size * + (1 << MIN_POOL_ALLOC_ORDER), -1)) { + vfree(area); + vfree(map->mem); + gen_pool_destroy(map->pool); + kfree(map); + return -ENOMEM; + } + + return 0; +} + +static inline u32 hash_key(const struct kcov_entry *k) +{ + return jhash((u32 *)k, offsetof(struct kcov_entry, node), 0); +} + +static notrace inline void kcov_map_add(struct kcov_map *map, struct kcov_entry *ent, + struct task_struct *t) +{ + struct kcov *kcov; + struct kcov_entry *entry; + unsigned int key = hash_key(ent); + unsigned long pos, *area; + + kcov = t->kcov; + + hash_for_each_possible_rcu(map->buckets, entry, node, key) { + if (entry->ent == ent->ent) + return; + } + + entry = (struct kcov_entry *)gen_pool_alloc(map->pool, 1 << MIN_POOL_ALLOC_ORDER); + if (unlikely(!entry)) + return; + + barrier(); + memcpy(entry, ent, sizeof(*entry)); + hash_add_rcu(map->buckets, &entry->node, key); + + area = t->kcov_area; + + pos = READ_ONCE(area[0]) + 1; + if (likely(pos < t->kcov_size)) { + WRITE_ONCE(area[0], pos); + barrier(); + area[pos] = ent->ent; + } } static notrace unsigned long canonicalize_ip(unsigned long ip) @@ -212,25 +326,34 @@ void notrace __sanitizer_cov_trace_pc(void) unsigned long *area; unsigned long ip = canonicalize_ip(_RET_IP_); unsigned long pos; + struct kcov_entry entry = {0}; + unsigned int mode; t = current; - if (!check_kcov_mode(KCOV_MODE_TRACE_PC, t)) + if (!check_kcov_mode(KCOV_MODE_TRACE_PC | KCOV_MODE_TRACE_UNIQ_PC, t)) return; area = t->kcov_area; - /* The first 64-bit word is the number of subsequent PCs. */ - pos = READ_ONCE(area[0]) + 1; - if (likely(pos < t->kcov_size)) { - /* Previously we write pc before updating pos. However, some - * early interrupt code could bypass check_kcov_mode() check - * and invoke __sanitizer_cov_trace_pc(). If such interrupt is - * raised between writing pc and updating pos, the pc could be - * overitten by the recursive __sanitizer_cov_trace_pc(). - * Update pos before writing pc to avoid such interleaving. - */ - WRITE_ONCE(area[0], pos); - barrier(); - area[pos] = ip; + mode = t->kcov_mode; + if (mode == KCOV_MODE_TRACE_PC) { + area = t->kcov_area; + /* The first 64-bit word is the number of subsequent PCs. */ + pos = READ_ONCE(area[0]) + 1; + if (likely(pos < t->kcov_size)) { + /* Previously we write pc before updating pos. However, some + * early interrupt code could bypass check_kcov_mode() check + * and invoke __sanitizer_cov_trace_pc(). If such interrupt is + * raised between writing pc and updating pos, the pc could be + * overitten by the recursive __sanitizer_cov_trace_pc(). + * Update pos before writing pc to avoid such interleaving. + */ + WRITE_ONCE(area[0], pos); + barrier(); + area[pos] = ip; + } + } else { + entry.ent = ip; + kcov_map_add(t->kcov->map, &entry, t); } } EXPORT_SYMBOL(__sanitizer_cov_trace_pc); @@ -432,11 +555,33 @@ static void kcov_get(struct kcov *kcov) refcount_inc(&kcov->refcount); } +static void kcov_map_free(struct kcov *kcov) +{ + int bkt; + struct hlist_node *tmp; + struct kcov_entry *entry; + struct kcov_map *map; + + map = kcov->map; + if (!map) + return; + rcu_read_lock(); + hash_for_each_safe(map->buckets, bkt, tmp, entry, node) { + hash_del_rcu(&entry->node); + gen_pool_free(map->pool, (unsigned long)entry, 1 << MIN_POOL_ALLOC_ORDER); + } + rcu_read_unlock(); + vfree(map->area); + vfree(map->mem); + gen_pool_destroy(map->pool); + kfree(map); +} + static void kcov_put(struct kcov *kcov) { if (refcount_dec_and_test(&kcov->refcount)) { kcov_remote_reset(kcov); - vfree(kcov->area); + kcov_map_free(kcov); kfree(kcov); } } @@ -546,6 +691,8 @@ static int kcov_get_mode(unsigned long arg) #else return -ENOTSUPP; #endif + else if (arg == KCOV_TRACE_UNIQ_PC) + return KCOV_MODE_TRACE_UNIQ_PC; else return -EINVAL; } @@ -698,7 +845,6 @@ static long kcov_ioctl(struct file *filep, unsigned int cmd, unsigned long arg) unsigned int remote_num_handles; unsigned long remote_arg_size; unsigned long size, flags; - void *area; kcov = filep->private_data; switch (cmd) { @@ -713,16 +859,14 @@ static long kcov_ioctl(struct file *filep, unsigned int cmd, unsigned long arg) size = arg; if (size < 2 || size > INT_MAX / sizeof(unsigned long)) return -EINVAL; - area = vmalloc_user(size * sizeof(unsigned long)); - if (area == NULL) - return -ENOMEM; + res = kcov_map_init(kcov, size); + if (res) + return res; spin_lock_irqsave(&kcov->lock, flags); if (kcov->mode != KCOV_MODE_DISABLED) { spin_unlock_irqrestore(&kcov->lock, flags); - vfree(area); return -EBUSY; } - kcov->area = area; kcov->size = size; kcov->mode = KCOV_MODE_INIT; spin_unlock_irqrestore(&kcov->lock, flags);