Thread: 18 messages, 5 authors, 2014-09-04

[PATCH v5 3/3] kprobes: arm: enable OPTPROBES for ARM 32

From: Will Deacon <hidden>
Date: 2014-09-04 10:53:27
Also in: lkml

On Thu, Sep 04, 2014 at 11:40:35AM +0100, Jon Medhurst (Tixy) wrote:
> On Wed, 2014-09-03 at 11:30 +0100, Will Deacon wrote:
> > On Wed, Sep 03, 2014 at 11:18:04AM +0100, Masami Hiramatsu wrote:
> > > (2014/09/02 22:49), Jon Medhurst (Tixy) wrote:
> > > > 1. On SMP systems it's very slow because of kprobe's use of stop_machine
> > > > for applying and removing probes; this forces the system to idle and
> > > > wait for the next scheduler tick for each probe change.
> > >
> > > Hmm, agreed. It seems that it's an arm32 limitation of self-modifying code on SMP.
> > > I'm not sure how we can handle it, but I guess:
> > >  - for some processors which have better coherent cache for SMP, we can
> > >    atomically replace the breakpoint code with original code.
> >
> > Except that it's not an architected breakpoint instruction, as I mentioned
> > before. It's also not really a property of the cache.
> >
> > >  - Even if we get an "undefined instruction" exception, its handler can
> > >    ask kprobes if the address is under modification or not. And if it is,
> > >    we can just return from the exception to retry the execution.
> >
> > It's not as simple as that -- you could potentially see an interleaving of
> > the two instructions. The architecture is even broader than that:
> >
> >  Concurrent modification and execution of instructions can lead to the
> >  resulting instruction performing any behavior that can be achieved by
> >  executing any sequence of instructions that can be executed from the
> >  same Exception level,
> >
> > There are additional guarantees for some instructions (like the architected
> > BKPT instruction).
>
> I should point out that the current implementation of kprobes doesn't
> use stop_machine because it's trying to meet the above architecture
> restrictions, and that arming kprobes (changing the probed instruction to an
> undefined instruction) isn't usually done under stop_machine, so other
> CPUs could be executing the original instruction as it's being modified.
>
> So, should we be making patch_text unconditionally use stop machine and
> remove all direct use of __patch_text? (E.g. by jump labels.)

You could take a look at what we do for arm64 (see aarch64_insn_hotpatch_safe)
for inspiration.

Will
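The policy Tixy asks about (direct __patch_text only when the architecture allows concurrent modification, stop_machine otherwise) and the kind of check Will points to, sketched as an added example for A32 encodings; this is hypothetical user-space C written for this page, not kernel code, and aarch64_insn_hotpatch_safe is only the inspiration. It assumes a safe set of just NOP and BKPT (the architected instructions the thread names), and the function names are invented.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* A32 encodings from the ARMv7 ARM: BKPT A1 is
 * cond=1110 0001 0010 imm12 0111 imm4; NOP A1 is 0xE320F000. */
#define ARM_BKPT_MASK   0xFFF000F0u
#define ARM_BKPT_VALUE  0xE1200070u
#define ARM_NOP         0xE320F000u

static bool arm_insn_is_bkpt(uint32_t insn)
{
    return (insn & ARM_BKPT_MASK) == ARM_BKPT_VALUE;
}

/* Assumed "safe set": instructions the architecture guarantees a sane
 * result for under concurrent modification. Only NOP and BKPT are
 * modelled here; the real architectural list is longer. */
static bool arm_insn_hotpatch_safe_one(uint32_t insn)
{
    return insn == ARM_NOP || arm_insn_is_bkpt(insn);
}

/* Policy from the thread: a direct in-place write is acceptable only when
 * both the old and the new word are in the safe set; any other transition
 * (e.g. arming a kprobe with a non-architected undefined instruction)
 * must be done under stop_machine so no other CPU can execute the word
 * while it changes. */
static bool arm_hotpatch_needs_stop_machine(uint32_t old_insn, uint32_t new_insn)
{
    return !(arm_insn_hotpatch_safe_one(old_insn) &&
             arm_insn_hotpatch_safe_one(new_insn));
}

int main(void)
{
    /* Constructed sample patches: 0xE1A00000 is "mov r0, r0" (not in the
     * safe set); 0xE7F001F8 is a constructed word from the permanently
     * undefined encoding space standing in for a kprobes breakpoint. */
    struct { uint32_t old, new; } cases[] = {
        { ARM_NOP,     0xE1200070u }, /* nop -> bkpt #0: direct patch ok */
        { 0xE1A00000u, 0xE7F001F8u }, /* mov -> undefined: stop_machine */
        { 0xE1A00000u, 0xE1200070u }, /* mov -> bkpt: old side not safe */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%08x -> %08x: %s\n", cases[i].old, cases[i].new,
               arm_hotpatch_needs_stop_machine(cases[i].old, cases[i].new)
                   ? "stop_machine" : "direct patch ok");
    return 0;
}
```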