diff mbox series

[bpf-next,v2,1/3] riscv: extend patch_text_nosync() for multiple pages

Message ID 20230824133135.1176709-2-puranjay12@gmail.com (mailing list archive)
State Superseded
Delegated to: BPF
Headers show
Series bpf, riscv: use BPF prog pack allocator in BPF JIT | expand

Checks

Context Check Description
bpf/vmtest-bpf-next-VM_Test-10 success Logs for test_progs on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-8 success Logs for test_maps on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-20 success Logs for test_progs_no_alu32_parallel on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-13 success Logs for test_progs on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-17 success Logs for test_progs_no_alu32 on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-18 success Logs for test_progs_no_alu32_parallel on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-9 success Logs for test_maps on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-19 success Logs for test_progs_no_alu32_parallel on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-12 success Logs for test_progs on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-26 success Logs for test_verifier on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-16 success Logs for test_progs_no_alu32 on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-22 success Logs for test_progs_parallel on x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-21 success Logs for test_progs_parallel on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-24 success Logs for test_verifier on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-28 success Logs for veristat
bpf/vmtest-bpf-next-VM_Test-23 success Logs for test_progs_parallel on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-27 success Logs for test_verifier on x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-14 success Logs for test_progs_no_alu32 on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-25 success Logs for test_verifier on s390x with gcc
bpf/vmtest-bpf-next-VM_Test-15 success Logs for test_progs_no_alu32 on s390x with gcc
bpf/vmtest-bpf-next-VM_Test-11 success Logs for test_progs on s390x with gcc
netdev/series_format success Posting correctly formatted
netdev/tree_selection success Clearly marked for bpf-next, async
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 9 this patch: 9
netdev/cc_maintainers warning 1 maintainers not CCed: bjorn@rivosinc.com
netdev/build_clang success Errors and warnings before: 9 this patch: 9
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 9 this patch: 9
netdev/checkpatch warning CHECK: Please use a blank line after function/struct/union/enum declarations
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0
bpf/vmtest-bpf-next-PR fail PR summary
bpf/vmtest-bpf-next-VM_Test-2 success Logs for build for aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-6 success Logs for set-matrix
bpf/vmtest-bpf-next-VM_Test-5 success Logs for build for x86_64 with llvm-16
bpf/vmtest-bpf-next-VM_Test-4 success Logs for build for x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-3 fail Logs for build for s390x with gcc
bpf/vmtest-bpf-next-VM_Test-0 success Logs for ${{ matrix.test }} on ${{ matrix.arch }} with ${{ matrix.toolchain_full }}
bpf/vmtest-bpf-next-VM_Test-7 success Logs for veristat
bpf/vmtest-bpf-next-VM_Test-1 success Logs for ShellCheck

Commit Message

Puranjay Mohan Aug. 24, 2023, 1:31 p.m. UTC 
The patch_insn_write() function currently doesn't work for multiple
pages of instructions, therefore patch_text_nosync() will fail with a
page fault if called with lengths spanning multiple pages.

This commit extends the patch_insn_write() function to support multiple
pages by copying at max 2 pages at a time in a loop. This implementation
is similar to text_poke_copy() function of x86.

Signed-off-by: Puranjay Mohan <puranjay12@gmail.com>
Reviewed-by: Björn Töpel <bjorn@rivosinc.com>
---
 arch/riscv/kernel/patch.c | 39 ++++++++++++++++++++++++++++++++++-----
 1 file changed, 34 insertions(+), 5 deletions(-)

Comments

Song Liu Aug. 24, 2023, 9:57 p.m. UTC | #1 
On Thu, Aug 24, 2023 at 6:31 AM Puranjay Mohan <puranjay12@gmail.com> wrote:
>
> The patch_insn_write() function currently doesn't work for multiple
> pages of instructions, therefore patch_text_nosync() will fail with a
> page fault if called with lengths spanning multiple pages.
>
> This commit extends the patch_insn_write() function to support multiple
> pages by copying at max 2 pages at a time in a loop. This implementation
> is similar to text_poke_copy() function of x86.
>
> Signed-off-by: Puranjay Mohan <puranjay12@gmail.com>
> Reviewed-by: Björn Töpel <bjorn@rivosinc.com>
> ---
>  arch/riscv/kernel/patch.c | 39 ++++++++++++++++++++++++++++++++++-----
>  1 file changed, 34 insertions(+), 5 deletions(-)
>
> diff --git a/arch/riscv/kernel/patch.c b/arch/riscv/kernel/patch.c
> index 575e71d6c8ae..465b2eebbc37 100644
> --- a/arch/riscv/kernel/patch.c
> +++ b/arch/riscv/kernel/patch.c
> @@ -53,12 +53,18 @@ static void patch_unmap(int fixmap)
>  }
>  NOKPROBE_SYMBOL(patch_unmap);
>
> -static int patch_insn_write(void *addr, const void *insn, size_t len)
> +static int __patch_insn_write(void *addr, const void *insn, size_t len)
>  {
>         void *waddr = addr;
>         bool across_pages = (((uintptr_t) addr & ~PAGE_MASK) + len) > PAGE_SIZE;
>         int ret;
>
> +       /*
> +        * Only two pages can be mapped at a time for writing.
> +        */
> +       if (len > 2 * PAGE_SIZE)
> +               return -EINVAL;

This check cannot guarantee __patch_insn_write touch at most two pages.
Maybe use

    if (len + offset_in_page(addr) > 2 * PAGE_SIZE)
        return -EINVAL;
?

Thanks,
Song

>         /*
>          * Before reaching here, it was expected to lock the text_mutex
>          * already, so we don't need to give another lock here and could
> @@ -74,7 +80,7 @@ static int patch_insn_write(void *addr, const void *insn, size_t len)
>                 lockdep_assert_held(&text_mutex);
>
>         if (across_pages)
> -               patch_map(addr + len, FIX_TEXT_POKE1);
> +               patch_map(addr + PAGE_SIZE, FIX_TEXT_POKE1);
>
>         waddr = patch_map(addr, FIX_TEXT_POKE0);
>
> @@ -87,15 +93,38 @@ static int patch_insn_write(void *addr, const void *insn, size_t len)
>
>         return ret;
>  }
> -NOKPROBE_SYMBOL(patch_insn_write);
> +NOKPROBE_SYMBOL(__patch_insn_write);
>  #else
> -static int patch_insn_write(void *addr, const void *insn, size_t len)
> +static int __patch_insn_write(void *addr, const void *insn, size_t len)
>  {
>         return copy_to_kernel_nofault(addr, insn, len);
>  }
> -NOKPROBE_SYMBOL(patch_insn_write);
> +NOKPROBE_SYMBOL(__patch_insn_write);
>  #endif /* CONFIG_MMU */
>
> +static int patch_insn_write(void *addr, const void *insn, size_t len)
> +{
> +       size_t patched = 0;
> +       size_t size;
> +       int ret = 0;
> +
> +       /*
> +        * Copy the instructions to the destination address, two pages at a time
> +        * because __patch_insn_write() can only handle len <= 2 * PAGE_SIZE.
> +        */
> +       while (patched < len && !ret) {
> +               size = min_t(size_t,
> +                            PAGE_SIZE * 2 - offset_in_page(addr + patched),
> +                            len - patched);
> +               ret = __patch_insn_write(addr + patched, insn + patched, size);
> +
> +               patched += size;
> +       }
> +
> +       return ret;
> +}
> +NOKPROBE_SYMBOL(patch_insn_write);
> +
>  int patch_text_nosync(void *addr, const void *insns, size_t len)
>  {
>         u32 *tp = addr;
> --
> 2.39.2
>
Puranjay Mohan Aug. 24, 2023, 10:04 p.m. UTC | #2 
Hi Song,

On Thu, Aug 24, 2023 at 11:57 PM Song Liu <song@kernel.org> wrote:
>
> On Thu, Aug 24, 2023 at 6:31 AM Puranjay Mohan <puranjay12@gmail.com> wrote:
> >
> > The patch_insn_write() function currently doesn't work for multiple
> > pages of instructions, therefore patch_text_nosync() will fail with a
> > page fault if called with lengths spanning multiple pages.
> >
> > This commit extends the patch_insn_write() function to support multiple
> > pages by copying at max 2 pages at a time in a loop. This implementation
> > is similar to text_poke_copy() function of x86.
> >
> > Signed-off-by: Puranjay Mohan <puranjay12@gmail.com>
> > Reviewed-by: Björn Töpel <bjorn@rivosinc.com>
> > ---
> >  arch/riscv/kernel/patch.c | 39 ++++++++++++++++++++++++++++++++++-----
> >  1 file changed, 34 insertions(+), 5 deletions(-)
> >
> > diff --git a/arch/riscv/kernel/patch.c b/arch/riscv/kernel/patch.c
> > index 575e71d6c8ae..465b2eebbc37 100644
> > --- a/arch/riscv/kernel/patch.c
> > +++ b/arch/riscv/kernel/patch.c
> > @@ -53,12 +53,18 @@ static void patch_unmap(int fixmap)
> >  }
> >  NOKPROBE_SYMBOL(patch_unmap);
> >
> > -static int patch_insn_write(void *addr, const void *insn, size_t len)
> > +static int __patch_insn_write(void *addr, const void *insn, size_t len)
> >  {
> >         void *waddr = addr;
> >         bool across_pages = (((uintptr_t) addr & ~PAGE_MASK) + len) > PAGE_SIZE;
> >         int ret;
> >
> > +       /*
> > +        * Only two pages can be mapped at a time for writing.
> > +        */
> > +       if (len > 2 * PAGE_SIZE)
> > +               return -EINVAL;
>
> This check cannot guarantee __patch_insn_write touch at most two pages.

Yes, I just realised this can span 3 pages if len = 2 * PAGE_SIZE and
offset_in_page(addr) > 0.

> Maybe use
>
>     if (len + offset_in_page(addr) > 2 * PAGE_SIZE)
>         return -EINVAL;
> ?

Will fix it in the next version.

>
> Thanks,
> Song
>
> >         /*
> >          * Before reaching here, it was expected to lock the text_mutex
> >          * already, so we don't need to give another lock here and could
> > @@ -74,7 +80,7 @@ static int patch_insn_write(void *addr, const void *insn, size_t len)
> >                 lockdep_assert_held(&text_mutex);
> >
> >         if (across_pages)
> > -               patch_map(addr + len, FIX_TEXT_POKE1);
> > +               patch_map(addr + PAGE_SIZE, FIX_TEXT_POKE1);
> >
> >         waddr = patch_map(addr, FIX_TEXT_POKE0);
> >
> > @@ -87,15 +93,38 @@ static int patch_insn_write(void *addr, const void *insn, size_t len)
> >
> >         return ret;
> >  }
> > -NOKPROBE_SYMBOL(patch_insn_write);
> > +NOKPROBE_SYMBOL(__patch_insn_write);
> >  #else
> > -static int patch_insn_write(void *addr, const void *insn, size_t len)
> > +static int __patch_insn_write(void *addr, const void *insn, size_t len)
> >  {
> >         return copy_to_kernel_nofault(addr, insn, len);
> >  }
> > -NOKPROBE_SYMBOL(patch_insn_write);
> > +NOKPROBE_SYMBOL(__patch_insn_write);
> >  #endif /* CONFIG_MMU */
> >
> > +static int patch_insn_write(void *addr, const void *insn, size_t len)
> > +{
> > +       size_t patched = 0;
> > +       size_t size;
> > +       int ret = 0;
> > +
> > +       /*
> > +        * Copy the instructions to the destination address, two pages at a time
> > +        * because __patch_insn_write() can only handle len <= 2 * PAGE_SIZE.
> > +        */
> > +       while (patched < len && !ret) {
> > +               size = min_t(size_t,
> > +                            PAGE_SIZE * 2 - offset_in_page(addr + patched),
> > +                            len - patched);
> > +               ret = __patch_insn_write(addr + patched, insn + patched, size);
> > +
> > +               patched += size;
> > +       }
> > +
> > +       return ret;
> > +}
> > +NOKPROBE_SYMBOL(patch_insn_write);
> > +
> >  int patch_text_nosync(void *addr, const void *insns, size_t len)
> >  {
> >         u32 *tp = addr;
> > --
> > 2.39.2
> >

Thanks,
Puranjay
diff mbox series

Patch

diff --git a/arch/riscv/kernel/patch.c b/arch/riscv/kernel/patch.c
index 575e71d6c8ae..465b2eebbc37 100644
--- a/arch/riscv/kernel/patch.c
+++ b/arch/riscv/kernel/patch.c
@@ -53,12 +53,18 @@  static void patch_unmap(int fixmap)
 }
 NOKPROBE_SYMBOL(patch_unmap);
 
-static int patch_insn_write(void *addr, const void *insn, size_t len)
+static int __patch_insn_write(void *addr, const void *insn, size_t len)
 {
 	void *waddr = addr;
 	bool across_pages = (((uintptr_t) addr & ~PAGE_MASK) + len) > PAGE_SIZE;
 	int ret;
 
+	/*
+	 * Only two pages can be mapped at a time for writing.
+	 */
+	if (len > 2 * PAGE_SIZE)
+		return -EINVAL;
+
 	/*
 	 * Before reaching here, it was expected to lock the text_mutex
 	 * already, so we don't need to give another lock here and could
@@ -74,7 +80,7 @@  static int patch_insn_write(void *addr, const void *insn, size_t len)
 		lockdep_assert_held(&text_mutex);
 
 	if (across_pages)
-		patch_map(addr + len, FIX_TEXT_POKE1);
+		patch_map(addr + PAGE_SIZE, FIX_TEXT_POKE1);
 
 	waddr = patch_map(addr, FIX_TEXT_POKE0);
 
@@ -87,15 +93,38 @@  static int patch_insn_write(void *addr, const void *insn, size_t len)
 
 	return ret;
 }
-NOKPROBE_SYMBOL(patch_insn_write);
+NOKPROBE_SYMBOL(__patch_insn_write);
 #else
-static int patch_insn_write(void *addr, const void *insn, size_t len)
+static int __patch_insn_write(void *addr, const void *insn, size_t len)
 {
 	return copy_to_kernel_nofault(addr, insn, len);
 }
-NOKPROBE_SYMBOL(patch_insn_write);
+NOKPROBE_SYMBOL(__patch_insn_write);
 #endif /* CONFIG_MMU */
 
+static int patch_insn_write(void *addr, const void *insn, size_t len)
+{
+	size_t patched = 0;
+	size_t size;
+	int ret = 0;
+
+	/*
+	 * Copy the instructions to the destination address, two pages at a time
+	 * because __patch_insn_write() can only handle len <= 2 * PAGE_SIZE.
+	 */
+	while (patched < len && !ret) {
+		size = min_t(size_t,
+			     PAGE_SIZE * 2 - offset_in_page(addr + patched),
+			     len - patched);
+		ret = __patch_insn_write(addr + patched, insn + patched, size);
+
+		patched += size;
+	}
+
+	return ret;
+}
+NOKPROBE_SYMBOL(patch_insn_write);
+
 int patch_text_nosync(void *addr, const void *insns, size_t len)
 {
 	u32 *tp = addr;