Re: [PATCH 3/3] x86/ftrace: Use text_poke()

From: Steven Rostedt
Date: Tue Oct 22 2019 - 07:20:02 EST

Next message: pr-tracker-bot: "Re: [GIT PULL] pin control fixes for v5.4"
Previous message: Anshuman Khandual: "Re: [PATCH V7] mm/debug: Add tests validating architecture page table helpers"
In reply to: Alexei Starovoitov: "Re: [PATCH 3/3] x86/ftrace: Use text_poke()"
Next in thread: Steven Rostedt: "Re: [PATCH 3/3] x86/ftrace: Use text_poke()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 21 Oct 2019 21:05:33 -0700
Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> wrote:

> On Mon, Oct 21, 2019 at 11:19:04PM -0400, Steven Rostedt wrote:
> > On Mon, 21 Oct 2019 23:16:30 -0400
> > Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> >
> > > > what bugs you're seeing?
> > > > The IPI frequency that was mentioned in this thread or something else?
> > > > I'm hacking ftrace+bpf stuff in the same spot and would like to
> > > > base my work on the latest and greatest.
> >
> > I'm also going to be touching some of this code too, as I'm waiting for
> > Peter's code to settle down. What are you touching? I'm going to be
> > working on making the dyn_ftrace records smaller, and this is going to
> > change the way the iterations work on modifying the code.
>
> I'm not touching dyn_ftrace.
> Actually calling my stuff ftrace+bpf is probably not correct either.
> I'm reusing code patching of nop into call that ftrace does. That's it.
> Turned out I cannot use 99% of ftrace facilities.
> ftrace_caller, ftrace_call, ftrace_ops_list_func and the whole ftrace api
> with ip, parent_ip and pt_regs cannot be used for this part of the work.
> bpf prog needs to access raw function arguments. To achieve that I'm

You can do that today with the ftrace facility, just like live patching
does. You register a ftrace_ops with the flag FTRACE_OPS_FL_IPMODIFY,
and your func will set the regs->ip to your bpf handler. When the
ftrace_ops->func returns, instead of going back to the called
function, it can jump to your bpf_handler. You can create a shadow stack
(like function graph tracer does) to save the return address for where
you bpf handler needs to return to. As your bpf_handler needs raw
access to the parameters, it may not even need the shadow stack because
it should know the function it is reading the parameters from.

If you still want the return address without the shadow stack, it
wouldn't be hard to add another ftrace_ops flag, that allows the
ftrace_ops to inject a return address to simulate a call function
before it jumps to the modified IP.

> generating code on the fly. Just like bpf jits do.
> As soon as I have something reviewable I'll share it.
> That's the stuff I mentioned to you at KR.
> First nop of a function will be replaced with a call into bpf.
> Very similar to what existing kprobe+bpf does, but faster and safer.
> Second part of calling real ftrace from bpf is on todo list.

Having two different infrastructures modifying the first nop is going
to cause a huge nightmare to maintain. This is why live patching didn't
do it. I strongly suggested that you do not have bpf have its own
infrastructure.

-- Steve

Next message: pr-tracker-bot: "Re: [GIT PULL] pin control fixes for v5.4"
Previous message: Anshuman Khandual: "Re: [PATCH V7] mm/debug: Add tests validating architecture page table helpers"
In reply to: Alexei Starovoitov: "Re: [PATCH 3/3] x86/ftrace: Use text_poke()"
Next in thread: Steven Rostedt: "Re: [PATCH 3/3] x86/ftrace: Use text_poke()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]