From patchwork Sat Jan 27 04:41:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jinghao Jia X-Patchwork-Id: 192963 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp321739dyb; Fri, 26 Jan 2024 21:17:19 -0800 (PST) X-Google-Smtp-Source: AGHT+IEeEmyvskhT8ld9Pcb5fTIatUBjY2WSMY4GG6OZxtdPOg/QOusOpaXdEmEb0e+iMdZcx5dp X-Received: by 2002:a17:907:10c4:b0:a31:8944:2cf6 with SMTP id rv4-20020a17090710c400b00a3189442cf6mr1558809ejb.8.1706332639390; Fri, 26 Jan 2024 21:17:19 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706332639; cv=pass; d=google.com; s=arc-20160816; b=OYujydypv+sbtvjDwmEjx9rSoSvgx68rTKEFTUhx0UYqOkdOEoYOjmM2InLCbAxiHc 5H0dvCPKr7d8urtXEQNVtuMr7qStAZjXGIOSWW+UWgejFLRh3CZpk7FJ9/TwTgIMn+Rh akwBPZzmGtziEgb8aiHp9PzEeuZQ/csCCBDN+6Zw1TtchMXsZHckF0TJuKNAx6EpVarL c7fPGKENbxcjBRPL+DQHnuk7iVmXp+L9xI6/cyo+6MvIpmBG8IMRgcQHy6vVu02ar/v1 YVil2t4q9ldoEwreVdJ2wOgcbQxgTNIc8cBAgjo31Lx1XhABIlpHJgnCkJRfEOpGUMJF YESg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=LfUQSwHCxqCuC+PAruuCClPENWlIgNi29wcXxn4Mv64=; fh=ihYqxaSOeWkOf/TXzhQINhK9J+TBcUU0y3bPV7PZkzo=; b=mciXMAXugAreRVcBla0ROH0TOewmreL7mryLD8JkMZEXF1aqwTRwN474uQuOTX3+tU PBqaHnJe/Lrc6IA1cIV9h1/i52FpY0gHbhIFX6BzypwhjEzZhq3dQvXz0yuHmyaB5Kj0 aGOJSnC8x2lKT8nfa/weapXbG0VEPtb+J/JTbNlJd74ckXOvYxNb000d7iPkwnOMg3bt oRlwfnSGE/wBUfma3mAZi54+AqTTYPNANI6OKrRIwsIkr+lU+4hruF+3JFU6XncsrRVs W6M+BXS9SZNP3h9Cw1YyWxq/VKfsznudxHsV79Xf84p2V+G0Hl/JA+TuUMbz1f8u6R0S V6HQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@illinois.edu header.s=campusrelays header.b=K23S8VkV; arc=pass (i=1 spf=pass spfdomain=illinois.edu dkim=pass dkdomain=illinois.edu dmarc=pass fromdomain=illinois.edu); spf=pass (google.com: domain of linux-kernel+bounces-41071-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-41071-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=illinois.edu Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id r19-20020a1709067fd300b00a32c31a2846si1257004ejs.473.2024.01.26.21.17.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 21:17:19 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-41071-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@illinois.edu header.s=campusrelays header.b=K23S8VkV; arc=pass (i=1 spf=pass spfdomain=illinois.edu dkim=pass dkdomain=illinois.edu dmarc=pass fromdomain=illinois.edu); spf=pass (google.com: domain of linux-kernel+bounces-41071-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-41071-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=illinois.edu Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 0420F1F24BC5 for ; Sat, 27 Jan 2024 05:17:19 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3E5BA14A8D; Sat, 27 Jan 2024 05:17:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=illinois.edu header.i=@illinois.edu header.b="K23S8VkV" Received: from mx0b-00007101.pphosted.com (mx0b-00007101.pphosted.com [148.163.139.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BCE5C7F; Sat, 27 Jan 2024 05:16:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.139.28 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706332621; cv=none; b=A3LQX9NADomKeEjvakIGt1PzX3MsgZyjvy3yKJwCyq2CuE3rqzEDjZP11yfy6j86njTXEQ5G0PQ5GKO6DJat+i+4reT+n6ewZoNx+ZYqyY/zJSHBkoy87VpZQm4+Bp+0h/YQAdvzh29+Z1bxSMip2on6aOep3Xqg6F9BT+gD88A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706332621; c=relaxed/simple; bh=2oy7FXJoc1dYh+Zik8b/XfAW1rAHXWBj27ZopQY1g/0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=EX2g2DFqCyc8nFLyG+LpUW8eGxR80J0DTSDHGn8HQZSpEGeNLMJvRAN6KqR8mhmOg4rVBa6juO4yfMXaAusH3yOvqEhBM8eIPGVlnzn0NFuvq3lqAA0peamKap3w4G/H4R/ByL5rjlWhE6WGwLRC3uv2sr4QNQa0esJ1eQzhr54= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=illinois.edu; spf=pass smtp.mailfrom=illinois.edu; dkim=pass (2048-bit key) header.d=illinois.edu header.i=@illinois.edu header.b=K23S8VkV; arc=none smtp.client-ip=148.163.139.28 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=illinois.edu Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=illinois.edu Received: from pps.filterd (m0166258.ppops.net [127.0.0.1]) by mx0b-00007101.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 40R4DcXU003200; Sat, 27 Jan 2024 04:41:44 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=illinois.edu; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=campusrelays; bh=LfUQSwHCxqCuC+PAruuCClPENWlIgNi29wcXxn4Mv64=; b=K23S8VkVEdyFCCxuhO5+cp457qW1pUtxhAVhXYi8gPmbUu1xtMhyiN0TyUpQT3BiE1AF LFvsSi3FkWNDmQmvLobHEInf7UXmhbIe2jNj4gMNkIc6Z/5LcQxTrCmfdkeRER1vEpHs 3dTA2T0MDzs8GqAtNRkKkZ8UztimTaxNePA+kzDPny9nQgNZzPheMdGGce1Enc4Q4qKE 23fNmhSBR8HSWfFUrBtxW/BNu7VMDidRSzOizP7uc1e8bNu+pV5SJp02I3OoFHlyN25v /99odRmHw3OTJPQwc3j99/0VGRjVXUNhhF1TzNkrvH6jQ5Ro0psHpW/rZwSBodYzo8rK ug== Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-00007101.pphosted.com (PPS) with ESMTPS id 3vvr6sgk2q-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 27 Jan 2024 04:41:43 +0000 Received: from m0166258.ppops.net (m0166258.ppops.net [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 40R4fZW9019561; Sat, 27 Jan 2024 04:41:43 GMT Received: from localhost.localdomain (oasis.cs.illinois.edu [130.126.137.13]) by mx0b-00007101.pphosted.com (PPS) with ESMTP id 3vvr6sgk26-2; Sat, 27 Jan 2024 04:41:43 +0000 From: Jinghao Jia To: "Masami Hiramatsu (Google)" , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra Cc: linux-trace-kernel@vger.kernel.org, linux-kernel@vger.kernel.org, Jinghao Jia Subject: [RFC PATCH 1/2] x86/kprobes: Prohibit kprobing on INT and UD Date: Fri, 26 Jan 2024 22:41:23 -0600 Message-ID: <20240127044124.57594-2-jinghao7@illinois.edu> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240127044124.57594-1-jinghao7@illinois.edu> References: <20240127044124.57594-1-jinghao7@illinois.edu> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-GUID: 6AcGzVALhN6jMOtlsY4LV4ujrRjLfrRA X-Proofpoint-ORIG-GUID: ZskEOsMGNoEg_vC6oFkBJuWgxorMRFdc X-Spam-Details: rule=cautious_plus_nq_notspam policy=cautious_plus_nq score=0 impostorscore=0 spamscore=0 malwarescore=0 priorityscore=1501 clxscore=1015 mlxlogscore=789 phishscore=0 suspectscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2401270033 X-Spam-Score: 0 X-Spam-OrigSender: jinghao7@illinois.edu X-Spam-Bar: X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789219453983231434 X-GMAIL-MSGID: 1789219453983231434 Both INTs (INT n, INT1, INT3, INTO) and UDs (UD0, UD1, UD2) serve special purposes in the kernel, e.g., INT3 is used by KGDB and UD2 is involved in LLVM-KCFI instrumentation. At the same time, attaching kprobes on these instructions (particularly UDs) will pollute the stack trace dumped in the kernel ring buffer, since the exception is triggered in the copy buffer rather than the original location. Check for INTs and UDs in can_probe and reject any kprobes trying to attach to these instructions. Suggested-by: Masami Hiramatsu (Google) Signed-off-by: Jinghao Jia --- arch/x86/kernel/kprobes/core.c | 33 ++++++++++++++++++++++++++------- 1 file changed, 26 insertions(+), 7 deletions(-) diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c index e8babebad7b8..792b38d22126 100644 --- a/arch/x86/kernel/kprobes/core.c +++ b/arch/x86/kernel/kprobes/core.c @@ -252,6 +252,22 @@ unsigned long recover_probed_instruction(kprobe_opcode_t *buf, unsigned long add return __recover_probed_insn(buf, addr); } +static inline int is_exception_insn(struct insn *insn) +{ + if (insn->opcode.bytes[0] == 0x0f) { + /* UD0 / UD1 / UD2 */ + return insn->opcode.bytes[1] == 0xff || + insn->opcode.bytes[1] == 0xb9 || + insn->opcode.bytes[1] == 0x0b; + } else { + /* INT3 / INT n / INTO / INT1 */ + return insn->opcode.bytes[0] == 0xcc || + insn->opcode.bytes[0] == 0xcd || + insn->opcode.bytes[0] == 0xce || + insn->opcode.bytes[0] == 0xf1; + } +} + /* Check if paddr is at an instruction boundary */ static int can_probe(unsigned long paddr) { @@ -294,6 +310,16 @@ static int can_probe(unsigned long paddr) #endif addr += insn.length; } + __addr = recover_probed_instruction(buf, addr); + if (!__addr) + return 0; + + if (insn_decode_kernel(&insn, (void *)__addr) < 0) + return 0; + + if (is_exception_insn(&insn)) + return 0; + if (IS_ENABLED(CONFIG_CFI_CLANG)) { /* * The compiler generates the following instruction sequence @@ -308,13 +334,6 @@ static int can_probe(unsigned long paddr) * Also, these movl and addl are used for showing expected * type. So those must not be touched. */ - __addr = recover_probed_instruction(buf, addr); - if (!__addr) - return 0; - - if (insn_decode_kernel(&insn, (void *)__addr) < 0) - return 0; - if (insn.opcode.value == 0xBA) offset = 12; else if (insn.opcode.value == 0x3) From patchwork Sat Jan 27 04:41:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jinghao Jia X-Patchwork-Id: 192964 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2395:b0:106:343:edcb with SMTP id gw21csp325343dyb; Fri, 26 Jan 2024 21:31:46 -0800 (PST) X-Google-Smtp-Source: AGHT+IHzGu9GXrcMkvDy4StW4Sc4UKwpptwROtwNoJFNxQhjEv6T5aSD242lp7Ws1eK3leWctj4l X-Received: by 2002:a05:620a:22a5:b0:783:a93d:f97d with SMTP id p5-20020a05620a22a500b00783a93df97dmr977919qkh.146.1706333506072; Fri, 26 Jan 2024 21:31:46 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706333506; cv=pass; d=google.com; s=arc-20160816; b=sJF7sg5C6unvt89T5RtQ+M7u6HVsica4jrXAmXK3i2bZILb+mGfjEwR6xHQA1YcqI8 CIeuHSurBGAw+mE9Y6E8T+IH27a2DP00+VtJZ43g7KLQIqwJpGyjVzNrsE6aMci0QTLO br/XUGmleV26kRNE7lqGySfVjT/MX4FQwNUo3WMQ4dujTK44RXGVLQV0QNMfPLjFwDeY +owDx4hCQ+Tq1cgcrd9Y09bWVJMirhhF0LoxcVKHTNQvjnLzwWJ/UkqBmUYEA/bSFyxH XeJQM+FnvMXvFWhrP2CjjFM00yhQrIGkJThKPWDEEOmICJ2+HuMPFpa4MKt7wlb19+eu PttQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=zanHTTHL7xpzc2N9psUavdOTb7nP0R5LEXpPiANsROQ=; fh=ihYqxaSOeWkOf/TXzhQINhK9J+TBcUU0y3bPV7PZkzo=; b=xVLeZqDtZCeIjehuH05RxpFriYTmk7BxKHFwAsAf8wLqDbsiJwzJJe1Or882HbL1q7 TQG9pIasfrO6NAgzQcwVYIdKKcyTSIqDhqx1BYfXer7VCeocgWIMDb05YS/y+13BMcho keivp1qknLoyfA9NP9+364PUFJT8PPk7wXGcqzMCwB0d3j3Tyu3+XJKRbnuuUcV8ahzt SAmBehoUMviPr1FTYuNTeRkR0gK23hGOxbgloWtIwJBuiwI0HHSc/zwqrNbKnYfV3iY4 hWTxpQtR2lubbuPxYLWtaNH58Ke9arWVSTnOGB0iJr5tOPWNRmJoH4yRBRixTLCQu9xX +WSg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@illinois.edu header.s=campusrelays header.b=A4xfiP5M; arc=pass (i=1 spf=pass spfdomain=illinois.edu dkim=pass dkdomain=illinois.edu dmarc=pass fromdomain=illinois.edu); spf=pass (google.com: domain of linux-kernel+bounces-41073-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-41073-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=illinois.edu Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id br44-20020a05620a462c00b00783e07431fbsi1503681qkb.421.2024.01.26.21.31.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 21:31:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-41073-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@illinois.edu header.s=campusrelays header.b=A4xfiP5M; arc=pass (i=1 spf=pass spfdomain=illinois.edu dkim=pass dkdomain=illinois.edu dmarc=pass fromdomain=illinois.edu); spf=pass (google.com: domain of linux-kernel+bounces-41073-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-41073-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=illinois.edu Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id B07E21C21D8F for ; Sat, 27 Jan 2024 05:31:45 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 384AB14AB0; Sat, 27 Jan 2024 05:31:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=illinois.edu header.i=@illinois.edu header.b="A4xfiP5M" Received: from mx0b-00007101.pphosted.com (mx0b-00007101.pphosted.com [148.163.139.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 48AF213FF6; Sat, 27 Jan 2024 05:31:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.139.28 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706333491; cv=none; b=YyNN2MAO7Ai3LHu5aB4oZUZOpMUlSuSEoItIhOmjMXzdwdh6nlGt5misGV7iiryQvyVUR1SnqiltuWmnpl+kna/oq7DdNyxiZyu9pv8DFHsRD20ubT4LKZYKlyJqq5PsRTapSLVbf/x9km9rDOrzaNcLMfwewUC4zqL8LkG5Eic= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706333491; c=relaxed/simple; bh=stu1F0JfOCHjg7AgZJrbtdkqx432uMQgP9mHUw9Mn38=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=dhgS4V1nFYH61gT/bynmVJC09R/RaaqabLI3dlH8if0/YE1In9mdFY0Pk0zS4uOrf6mwZRP4QM5dlxSwLV4MEkCmJP65nO+Ls+kUagxq5flqbQeChhKci3N+Zw5Teaegr5lfF4at65NU/XELLGa5ymsxFxV7B9nqlZGlpZfL8Sk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=illinois.edu; spf=pass smtp.mailfrom=illinois.edu; dkim=pass (2048-bit key) header.d=illinois.edu header.i=@illinois.edu header.b=A4xfiP5M; arc=none smtp.client-ip=148.163.139.28 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=illinois.edu Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=illinois.edu Received: from pps.filterd (m0166258.ppops.net [127.0.0.1]) by mx0b-00007101.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 40R4S5C0030863; Sat, 27 Jan 2024 04:41:45 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=illinois.edu; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=campusrelays; bh=zanHTTHL7xpzc2N9psUavdOTb7nP0R5LEXpPiANsROQ=; b=A4xfiP5ML8jgQBTuSyngHnwxZe0/tV4ghsLfdXdT5z7Z/jnOdJAcnMaY3lBhhGSvpzL2 ybtx+ji+mmBn6AB/puGsdtmCgbEiiMqaXcBI7HiEIqX8W/CVzwfZUFBXcLSInN+Qb+1G +y/wApMchHajjh2PViU+PEWA9oM8onfVhlDDN0S0ocwIOYkTKam/l8nlWwvJ1IkjsN/k 2EANpWjpWIxSm2tb2cH44vvT1kuhA208aurMv09wZr4oQD+Fq2g+09+0w2zR4cxpuYdL qF/UtCUaNtl7sczqKi3iM/oTK9Nc6QWsEUfdcxVr3dJn+DaDQv4ePqjZb064ivM8o3sH SA== Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-00007101.pphosted.com (PPS) with ESMTPS id 3vvr6sgk2s-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 27 Jan 2024 04:41:44 +0000 Received: from m0166258.ppops.net (m0166258.ppops.net [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 40R4fZWB019561; Sat, 27 Jan 2024 04:41:44 GMT Received: from localhost.localdomain (oasis.cs.illinois.edu [130.126.137.13]) by mx0b-00007101.pphosted.com (PPS) with ESMTP id 3vvr6sgk26-3; Sat, 27 Jan 2024 04:41:44 +0000 From: Jinghao Jia To: "Masami Hiramatsu (Google)" , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra Cc: linux-trace-kernel@vger.kernel.org, linux-kernel@vger.kernel.org, Jinghao Jia Subject: [RFC PATCH 2/2] x86/kprobes: boost more instructions from grp2/3/4/5 Date: Fri, 26 Jan 2024 22:41:24 -0600 Message-ID: <20240127044124.57594-3-jinghao7@illinois.edu> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240127044124.57594-1-jinghao7@illinois.edu> References: <20240127044124.57594-1-jinghao7@illinois.edu> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-GUID: to-4KoCvOCZefqxN8lWquI0J_-KXG8Ug X-Proofpoint-ORIG-GUID: F63QRDlgMhTLTfrSvjsA8EYkXX_AWl5d X-Spam-Details: rule=cautious_plus_nq_notspam policy=cautious_plus_nq score=0 impostorscore=0 spamscore=0 malwarescore=0 priorityscore=1501 clxscore=1015 mlxlogscore=773 phishscore=0 suspectscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2401270033 X-Spam-Score: 0 X-Spam-OrigSender: jinghao7@illinois.edu X-Spam-Bar: X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789220362646018236 X-GMAIL-MSGID: 1789220362646018236 With the instruction decoder, we are now able to decode and recognize instructions with opcode extensions. There are more instructions in these groups that can be boosted: Group 2: ROL, ROR, RCL, RCR, SHL/SAL, SHR, SAR Group 3: TEST, NOT, NEG, MUL, IMUL, DIV, IDIV Group 4: INC, DEC (byte operation) Group 5: INC, DEC (word/doubleword/quadword operation) These instructions are not boosted previously because there are reserved opcodes within the groups, e.g., group 2 with ModR/M.nnn == 110 is unmapped. As a result, kprobes attached to them requires two int3 traps as being non-boostable also prevents jump-optimization. Some simple tests on QEMU show that after boosting and jump-optimization a single kprobe on these instructions with an empty pre-handler runs 10x faster (~1000 cycles vs. ~100 cycles). Since these instructions are mostly ALU operations and do not touch special registers like RIP, let's boost them so that we get the performance benefit. Signed-off-by: Jinghao Jia Reviewed-by: Masami Hiramatsu (Google) --- arch/x86/kernel/kprobes/core.c | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c index 792b38d22126..f847bd9cc91b 100644 --- a/arch/x86/kernel/kprobes/core.c +++ b/arch/x86/kernel/kprobes/core.c @@ -169,22 +169,31 @@ int can_boost(struct insn *insn, void *addr) case 0x62: /* bound */ case 0x70 ... 0x7f: /* Conditional jumps */ case 0x9a: /* Call far */ - case 0xc0 ... 0xc1: /* Grp2 */ case 0xcc ... 0xce: /* software exceptions */ - case 0xd0 ... 0xd3: /* Grp2 */ case 0xd6: /* (UD) */ case 0xd8 ... 0xdf: /* ESC */ case 0xe0 ... 0xe3: /* LOOP*, JCXZ */ case 0xe8 ... 0xe9: /* near Call, JMP */ case 0xeb: /* Short JMP */ case 0xf0 ... 0xf4: /* LOCK/REP, HLT */ - case 0xf6 ... 0xf7: /* Grp3 */ - case 0xfe: /* Grp4 */ /* ... are not boostable */ return 0; + case 0xc0 ... 0xc1: /* Grp2 */ + case 0xd0 ... 0xd3: /* Grp2 */ + /* ModR/M nnn == 110 is reserved */ + return X86_MODRM_REG(insn->modrm.bytes[0]) != 6; + case 0xf6 ... 0xf7: /* Grp3 */ + /* ModR/M nnn == 001 is reserved */ + return X86_MODRM_REG(insn->modrm.bytes[0]) != 1; + case 0xfe: /* Grp4 */ + /* Only inc and dec are boostable */ + return X86_MODRM_REG(insn->modrm.bytes[0]) == 0 || + X86_MODRM_REG(insn->modrm.bytes[0]) == 1; case 0xff: /* Grp5 */ - /* Only indirect jmp is boostable */ - return X86_MODRM_REG(insn->modrm.bytes[0]) == 4; + /* Only inc, dec, and indirect jmp are boostable */ + return X86_MODRM_REG(insn->modrm.bytes[0]) == 0 || + X86_MODRM_REG(insn->modrm.bytes[0]) == 1 || + X86_MODRM_REG(insn->modrm.bytes[0]) == 4; default: return 1; }