From nobody Mon Nov 25 18:38:39 2024 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 05C0F19993F; Fri, 25 Oct 2024 08:02:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=193.142.43.55 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729843333; cv=none; b=fc8ZKIHZnZ/g72Xatibaro2P2yd8h62XVPyXdOwq7il9wwfvZdN8RUrC7peymn1JmJK41azndVQTN8iNU3EsDnU88vci28D7dujynrwnhfit5lJRBTFkuKKKQvyUpQy4y9goZyKfrESCZcMpSRqV1pIieintw5H0mR+ZZOUfLgo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729843333; c=relaxed/simple; bh=y73+Xg5ml7JyMYXIPjANukuZ9iSry1NgBEW1MBL286s=; h=Date:From:To:Subject:Cc:In-Reply-To:References:MIME-Version: Message-ID:Content-Type; b=RyxjWIIMq1LTy9q8LPidJyOtmG3sAlJE1+IZ5jvliFFJJRTEQWuS9M4YEkZaMdGeulSWIxFU09PCEZ1unJVkHIl42qWDwhJHOg1ToKOHIQBI94DjnASSl2X0GJIk5taEq4RK0atloFyo2ABfGvNRi6KWh06HhkdbVeQ7h9jN+NU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de; spf=pass smtp.mailfrom=linutronix.de; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=XE7qdKQj; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=hbJ+YNnM; arc=none smtp.client-ip=193.142.43.55 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linutronix.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="XE7qdKQj"; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="hbJ+YNnM" Date: Fri, 25 Oct 2024 08:02:08 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1729843329; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=tubrfHUNGZj1k9uNTDBraHQs1gAplDDvGKvrBuqczdk=; b=XE7qdKQj83M1O28//UwEo3xbMawVW+/IWbXmUwSTzNymiOByGTPjvzdurNs9lAHHz46Kc1 LcBemIfbYku6+bSCWw0frSlKQFjqMeKf7pcTC9CACywttqKfaLWQ+NZwhCkMnGVO1gfdqm l6FFG/1L1ihTUj9WUxD39cxBlRn7hbjqX+XwGK3pvrP5dBgeu7IYF+WQtC7bm0aWDFCCBY 3T8ZZkkViTSfp8gu6nk4g5wHwTqdWvZzjlzhIBNsphNRsmpAffmyTbnfnrd0j1IwSK2FDk SCe0UhFbHTpafzRmcdhmFwdNRiINYYWnEdLSjkuZcWKCrLsFcGv8o2ybpiik0g== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1729843329; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=tubrfHUNGZj1k9uNTDBraHQs1gAplDDvGKvrBuqczdk=; b=hbJ+YNnMt+q7Ut/pzxB+yPvL17uK69a8MzUPxjUW/gFBYgPtnHEWjcNQ3Ev37oGY3vC6uv Dpur7jgENvgCBrBA== From: "tip-bot2 for Jiri Olsa" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: perf/core] uprobe: Add support for session consumer Cc: Oleg Nesterov , Jiri Olsa , "Peter Zijlstra (Intel)" , Andrii Nakryiko , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <20241018202252.693462-3-jolsa@kernel.org> References: <20241018202252.693462-3-jolsa@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-ID: <172984332808.1442.15585333840318648012.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Precedence: bulk Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable The following commit has been merged into the perf/core branch of tip: Commit-ID: 4d756095d3994cb41393817dc696b458938a6bd0 Gitweb: https://git.kernel.org/tip/4d756095d3994cb41393817dc696b4589= 38a6bd0 Author: Jiri Olsa AuthorDate: Fri, 18 Oct 2024 22:22:52 +02:00 Committer: Peter Zijlstra CommitterDate: Wed, 23 Oct 2024 20:52:27 +02:00 uprobe: Add support for session consumer This change allows the uprobe consumer to behave as session which means that 'handler' and 'ret_handler' callbacks are connected in a way that allows to: - control execution of 'ret_handler' from 'handler' callback - share data between 'handler' and 'ret_handler' callbacks The session concept fits to our common use case where we do filtering on entry uprobe and based on the result we decide to run the return uprobe (or not). It's also convenient to share the data between session callbacks. To achive this we are adding new return value the uprobe consumer can return from 'handler' callback: UPROBE_HANDLER_IGNORE - Ignore 'ret_handler' callback for this consumer. And store cookie and pass it to 'ret_handler' when consumer has both 'handler' and 'ret_handler' callbacks defined. We store shared data in the return_consumer object array as part of the return_instance object. This way the handle_uretprobe_chain can find related return_consumer and its shared data. We also store entry handler return value, for cases when there are multiple consumers on single uprobe and some of them are ignored and some of them not, in which case the return probe gets installed and we need to have a way to find out which consumer needs to be ignored. The tricky part is when consumer is registered 'after' the uprobe entry handler is hit. In such case this consumer's 'ret_handler' gets executed as well, but it won't have the proper data pointer set, so we can filter it out. Suggested-by: Oleg Nesterov Signed-off-by: Jiri Olsa Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Oleg Nesterov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20241018202252.693462-3-jolsa@kernel.org --- include/linux/uprobes.h | 21 +++++- kernel/events/uprobes.c | 148 +++++++++++++++++++++++++++++++-------- 2 files changed, 139 insertions(+), 30 deletions(-) diff --git a/include/linux/uprobes.h b/include/linux/uprobes.h index bb265a6..dbaf041 100644 --- a/include/linux/uprobes.h +++ b/include/linux/uprobes.h @@ -23,8 +23,17 @@ struct inode; struct notifier_block; struct page; =20 +/* + * Allowed return values from uprobe consumer's handler callback + * with following meaning: + * + * UPROBE_HANDLER_REMOVE + * - Remove the uprobe breakpoint from current->mm. + * UPROBE_HANDLER_IGNORE + * - Ignore ret_handler callback for this consumer. + */ #define UPROBE_HANDLER_REMOVE 1 -#define UPROBE_HANDLER_MASK 1 +#define UPROBE_HANDLER_IGNORE 2 =20 #define MAX_URETPROBE_DEPTH 64 =20 @@ -44,6 +53,8 @@ struct uprobe_consumer { bool (*filter)(struct uprobe_consumer *self, struct mm_struct *mm); =20 struct list_head cons_node; + + __u64 id; /* set when uprobe_consumer is registered */ }; =20 #ifdef CONFIG_UPROBES @@ -83,14 +94,22 @@ struct uprobe_task { unsigned int depth; }; =20 +struct return_consumer { + __u64 cookie; + __u64 id; +}; + struct return_instance { struct uprobe *uprobe; unsigned long func; unsigned long stack; /* stack pointer */ unsigned long orig_ret_vaddr; /* original return address */ bool chained; /* true, if instance is nested */ + int consumers_cnt; =20 struct return_instance *next; /* keep as stack */ + + struct return_consumer consumers[] __counted_by(consumers_cnt); }; =20 enum rp_check { diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index 6b44c38..4ef4b51 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c @@ -64,7 +64,7 @@ struct uprobe { struct rcu_head rcu; loff_t offset; loff_t ref_ctr_offset; - unsigned long flags; + unsigned long flags; /* "unsigned long" so bitops work */ =20 /* * The generic code assumes that it has two members of unknown type @@ -823,8 +823,11 @@ static struct uprobe *alloc_uprobe(struct inode *inode= , loff_t offset, =20 static void consumer_add(struct uprobe *uprobe, struct uprobe_consumer *uc) { + static atomic64_t id; + down_write(&uprobe->consumer_rwsem); list_add_rcu(&uc->cons_node, &uprobe->consumers); + uc->id =3D (__u64) atomic64_inc_return(&id); up_write(&uprobe->consumer_rwsem); } =20 @@ -1761,6 +1764,34 @@ static struct uprobe_task *get_utask(void) return current->utask; } =20 +static size_t ri_size(int consumers_cnt) +{ + struct return_instance *ri; + + return sizeof(*ri) + sizeof(ri->consumers[0]) * consumers_cnt; +} + +#define DEF_CNT 4 + +static struct return_instance *alloc_return_instance(void) +{ + struct return_instance *ri; + + ri =3D kzalloc(ri_size(DEF_CNT), GFP_KERNEL); + if (!ri) + return ZERO_SIZE_PTR; + + ri->consumers_cnt =3D DEF_CNT; + return ri; +} + +static struct return_instance *dup_return_instance(struct return_instance = *old) +{ + size_t size =3D ri_size(old->consumers_cnt); + + return kmemdup(old, size, GFP_KERNEL); +} + static int dup_utask(struct task_struct *t, struct uprobe_task *o_utask) { struct uprobe_task *n_utask; @@ -1773,11 +1804,10 @@ static int dup_utask(struct task_struct *t, struct = uprobe_task *o_utask) =20 p =3D &n_utask->return_instances; for (o =3D o_utask->return_instances; o; o =3D o->next) { - n =3D kmalloc(sizeof(struct return_instance), GFP_KERNEL); + n =3D dup_return_instance(o); if (!n) return -ENOMEM; =20 - *n =3D *o; /* * uprobe's refcnt has to be positive at this point, kept by * utask->return_instances items; return_instances can't be @@ -1870,35 +1900,31 @@ static void cleanup_return_instances(struct uprobe_= task *utask, bool chained, utask->return_instances =3D ri; } =20 -static void prepare_uretprobe(struct uprobe *uprobe, struct pt_regs *regs) +static void prepare_uretprobe(struct uprobe *uprobe, struct pt_regs *regs, + struct return_instance *ri) { struct uprobe_task *utask =3D current->utask; unsigned long orig_ret_vaddr, trampoline_vaddr; - struct return_instance *ri; bool chained; =20 if (!get_xol_area()) - return; + goto free; =20 if (utask->depth >=3D MAX_URETPROBE_DEPTH) { printk_ratelimited(KERN_INFO "uprobe: omit uretprobe due to" " nestedness limit pid/tgid=3D%d/%d\n", current->pid, current->tgid); - return; + goto free; } =20 /* we need to bump refcount to store uprobe in utask */ if (!try_get_uprobe(uprobe)) - return; - - ri =3D kmalloc(sizeof(struct return_instance), GFP_KERNEL); - if (!ri) - goto fail; + goto free; =20 trampoline_vaddr =3D uprobe_get_trampoline_vaddr(); orig_ret_vaddr =3D arch_uretprobe_hijack_return_addr(trampoline_vaddr, re= gs); if (orig_ret_vaddr =3D=3D -1) - goto fail; + goto put; =20 /* drop the entries invalidated by longjmp() */ chained =3D (orig_ret_vaddr =3D=3D trampoline_vaddr); @@ -1916,7 +1942,7 @@ static void prepare_uretprobe(struct uprobe *uprobe, = struct pt_regs *regs) * attack from user-space. */ uprobe_warn(current, "handle tail call"); - goto fail; + goto put; } orig_ret_vaddr =3D utask->return_instances->orig_ret_vaddr; } @@ -1931,9 +1957,10 @@ static void prepare_uretprobe(struct uprobe *uprobe,= struct pt_regs *regs) utask->return_instances =3D ri; =20 return; -fail: - kfree(ri); +put: put_uprobe(uprobe); +free: + kfree(ri); } =20 /* Prepare to single-step probed instruction out of line. */ @@ -2077,34 +2104,90 @@ static struct uprobe *find_active_uprobe_rcu(unsign= ed long bp_vaddr, int *is_swb return uprobe; } =20 +static struct return_instance* +push_consumer(struct return_instance *ri, int idx, __u64 id, __u64 cookie) +{ + if (unlikely(ri =3D=3D ZERO_SIZE_PTR)) + return ri; + + if (unlikely(idx >=3D ri->consumers_cnt)) { + struct return_instance *old_ri =3D ri; + + ri->consumers_cnt +=3D DEF_CNT; + ri =3D krealloc(old_ri, ri_size(old_ri->consumers_cnt), GFP_KERNEL); + if (!ri) { + kfree(old_ri); + return ZERO_SIZE_PTR; + } + } + + ri->consumers[idx].id =3D id; + ri->consumers[idx].cookie =3D cookie; + return ri; +} + +static struct return_consumer * +return_consumer_find(struct return_instance *ri, int *iter, int id) +{ + struct return_consumer *ric; + int idx =3D *iter; + + for (ric =3D &ri->consumers[idx]; idx < ri->consumers_cnt; idx++, ric++) { + if (ric->id =3D=3D id) { + *iter =3D idx + 1; + return ric; + } + } + return NULL; +} + +static bool ignore_ret_handler(int rc) +{ + return rc =3D=3D UPROBE_HANDLER_REMOVE || rc =3D=3D UPROBE_HANDLER_IGNORE; +} + static void handler_chain(struct uprobe *uprobe, struct pt_regs *regs) { struct uprobe_consumer *uc; - int remove =3D UPROBE_HANDLER_REMOVE; - bool need_prep =3D false; /* prepare return uprobe, when needed */ - bool has_consumers =3D false; + bool has_consumers =3D false, remove =3D true; + struct return_instance *ri =3D NULL; + int push_idx =3D 0; =20 current->utask->auprobe =3D &uprobe->arch; =20 list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_= trace_held()) { + bool session =3D uc->handler && uc->ret_handler; + __u64 cookie =3D 0; int rc =3D 0; =20 if (uc->handler) { - rc =3D uc->handler(uc, regs, NULL); - WARN(rc & ~UPROBE_HANDLER_MASK, + rc =3D uc->handler(uc, regs, &cookie); + WARN(rc < 0 || rc > 2, "bad rc=3D0x%x from %ps()\n", rc, uc->handler); } =20 - if (uc->ret_handler) - need_prep =3D true; - - remove &=3D rc; + remove &=3D rc =3D=3D UPROBE_HANDLER_REMOVE; has_consumers =3D true; + + if (!uc->ret_handler || ignore_ret_handler(rc)) + continue; + + if (!ri) + ri =3D alloc_return_instance(); + + if (session) + ri =3D push_consumer(ri, push_idx++, uc->id, cookie); } current->utask->auprobe =3D NULL; =20 - if (need_prep && !remove) - prepare_uretprobe(uprobe, regs); /* put bp at return */ + if (!ZERO_OR_NULL_PTR(ri)) { + /* + * The push_idx value has the final number of return consumers, + * and ri->consumers_cnt has number of allocated consumers. + */ + ri->consumers_cnt =3D push_idx; + prepare_uretprobe(uprobe, regs, ri); + } =20 if (remove && has_consumers) { down_read(&uprobe->register_rwsem); @@ -2123,12 +2206,19 @@ static void handle_uretprobe_chain(struct return_instance *ri, struct pt_regs *regs) { struct uprobe *uprobe =3D ri->uprobe; + struct return_consumer *ric; struct uprobe_consumer *uc; + int ric_idx =3D 0; =20 rcu_read_lock_trace(); list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_= trace_held()) { - if (uc->ret_handler) - uc->ret_handler(uc, ri->func, regs, NULL); + bool session =3D uc->handler && uc->ret_handler; + + if (uc->ret_handler) { + ric =3D return_consumer_find(ri, &ric_idx, uc->id); + if (!session || ric) + uc->ret_handler(uc, ri->func, regs, ric ? &ric->cookie : NULL); + } } rcu_read_unlock_trace(); }