From: "Madhavan T. Venkataraman"
Reliable stacktracing requires that we identify when a stacktrace is
terminated early. We can do this by ensuring all tasks have a final
frame record at a known location on their task stack, and checking
that this is the final frame record in the chain.
Kernel Ta
From: "Madhavan T. Venkataraman"
Reliable stacktracing requires that we identify when a stacktrace is
terminated early. We can do this by ensuring all tasks have a final
frame record at a known location on their task stack, and checking
that this is the final frame record in the chain.
All tasks
From: "Madhavan T. Venkataraman"
When a kretprobe is active for a function, the function's return address
in its stack frame is modified to point to the kretprobe trampoline. When
the function returns, the frame is popped and control is transferred
to the trampoline. The trampoline eventually ret
From: "Madhavan T. Venkataraman"
When CONFIG_DYNAMIC_FTRACE_WITH_REGS is enabled and tracing is activated
for a function, the ftrace infrastructure is called for the function at
the very beginning. Ftrace creates two frames:
- One for the traced function
- One for the caller of
From: "Madhavan T. Venkataraman"
EL1 exceptions can happen on any instruction including instructions in
the frame pointer prolog or epilog. Depending on where exactly they happen,
they could render the stack trace unreliable.
If an EL1 exception frame is found on the stack, mark the stack trace
From: "Madhavan T. Venkataraman"
Implement a check_reliability() function that will contain checks for the
presence of various features and conditions that can render the stack trace
unreliable.
Introduce the first reliability check - If a return PC encountered in a
stack trace is not a valid ke
From: "Madhavan T. Venkataraman"
There are a number of places in kernel code where the stack trace is not
reliable. Enhance the unwinder to check for those cases and mark the
stack trace as unreliable. Once all of the checks are in place, the unwinder
can provide a reliable stack trace. But befor
From: "Madhavan T. Venkataraman"
Reliable stacktracing requires that we identify when a stacktrace is
terminated early. We can do this by ensuring all tasks have a final
frame record at a known location on their task stack, and checking
that this is the final frame record in the chain.
Kernel Ta
From: "Madhavan T. Venkataraman"
Reliable stacktracing requires that we identify when a stacktrace is
terminated early. We can do this by ensuring all tasks have a final
frame record at a known location on their task stack, and checking
that this is the final frame record in the chain.
All tasks
From: "Madhavan T. Venkataraman"
When a kretprobe is active for a function, the function's return address
in its stack frame is modified to point to the kretprobe trampoline. When
the function returns, the frame is popped and control is transferred
to the trampoline. The trampoline eventually ret
From: "Madhavan T. Venkataraman"
EL1 exceptions can happen on any instruction including instructions in
the frame pointer prolog or epilog. Depending on where exactly they happen,
they could render the stack trace unreliable.
If an EL1 exception frame is found on the stack, mark the stack trace
From: "Madhavan T. Venkataraman"
When CONFIG_DYNAMIC_FTRACE_WITH_REGS is enabled and tracing is activated
for a function, the ftrace infrastructure is called for the function at
the very beginning. Ftrace creates two frames:
- One for the traced function
- One for the caller of
From: "Madhavan T. Venkataraman"
Implement a check_reliability() function that will contain checks for the
presence of various features and conditions that can render the stack trace
unreliable.
Introduce the first reliability check - If a return PC encountered in a
stack trace is not a valid ke
From: "Madhavan T. Venkataraman"
There are a number of places in kernel code where the stack trace is not
reliable. Enhance the unwinder to check for those cases and mark the
stack trace as unreliable. Once all of the checks are in place, the unwinder
can be used for livepatching.
Except for the
From: "Madhavan T. Venkataraman"
The unwinder needs to be able to reliably tell when it has reached the end
of a stack trace. One way to do this is to have the last stack frame at a
fixed offset from the base of the task stack. When the unwinder reaches
that offset, it knows it is done.
All task
From: "Madhavan T. Venkataraman"
The unwinder needs to be able to reliably tell when it has reached the end
of a stack trace. One way to do this is to have the last stack frame at a
fixed offset from the base of the task stack. When the unwinder reaches
that offset, it knows it is done.
Kernel T
From: "Madhavan T. Venkataraman"
When a kretprobe is active for a function, the function's return address
in its stack frame is modified to point to the kretprobe trampoline. When
the function returns, the frame is popped and control is transferred
to the trampoline. The trampoline eventually ret
From: "Madhavan T. Venkataraman"
unwind_frame() already sets the reliable flag in the stack frame during
a stack walk to indicate whether the stack trace is reliable or not.
Implement arch_stack_walk_reliable() like arch_stack_walk() but abort
the stack walk as soon as the reliable flag is set t
From: "Madhavan T. Venkataraman"
If a function encountered in a stack trace is not a valid kernel text
address, the stack trace is considered unreliable. Mark the stack trace
as not reliable.
Signed-off-by: Madhavan T. Venkataraman
---
arch/arm64/kernel/stacktrace.c | 10 ++
1 file cha
From: "Madhavan T. Venkataraman"
EL1 exceptions can happen on any instruction including instructions in
the frame pointer prolog or epilog. Depending on where exactly they happen,
they could render the stack trace unreliable.
If an EL1 exception frame is found on the stack, mark the stack trace
From: "Madhavan T. Venkataraman"
Implement the following checks in the unwinder to detect the terminating
frame reliably:
- The frame must end in task_pt_regs(task)->stackframe.
- The frame type must be either TASK_FRAME or EL0_FRAME.
Signed-off-by: Madhavan T. Venkataraman
--
From: "Madhavan T. Venkataraman"
Apart from the task pt_regs, pt_regs is also created on the stack for other
cases:
- EL1 exception. A pt_regs is created on the stack to save register
state. In addition, pt_regs->stackframe is set up for the
interrupted kernel f
From: "Madhavan T. Venkataraman"
When CONFIG_DYNAMIC_FTRACE_WITH_REGS is enabled and tracing is activated
for a function, the ftrace infrastructure is called for the function at
the very beginning. Ftrace creates two frames:
- One for the traced function
- One for the caller of
From: "Madhavan T. Venkataraman"
I have made an attempt to implement reliable stack trace for arm64 so
it can be used for livepatch. Below is the list of changes. I have
documented my understanding of the issues and solutions below as well
as in the patch descriptions and the code. Please let me
From: "Madhavan T. Venkataraman"
The unwinder needs to be able to reliably tell when it has reached the end
of a stack trace. One way to do this is to have the last stack frame at a
fixed offset from the base of the task stack. When the unwinder reaches
that offset, it knows it is done.
Kernel T
From: "Madhavan T. Venkataraman"
Unwinder changes
Termination
===
Currently, the unwinder terminates when both the FP (frame pointer)
and the PC (return address) of a frame are 0. But a frame could get
corrupted and zeroed. There
From: "Madhavan T. Venkataraman"
I have made an attempt to add some enhancements to the stack trace code
so it is a few steps closer to what is required for livepatch.
Unwinder changes
Termination
===
Currently, the unwinder terminates when both
From: "Madhavan T. Venkataraman"
- Define architecture specific register names
- Architecture specific functions for:
- system call init
- code descriptor check
- data descriptor check
- Fill a page with a trampoline table,
From: "Madhavan T. Venkataraman"
- Define architecture specific register names
- Architecture specific functions for:
- system call init
- code descriptor check
- data descriptor check
- Fill a page with a trampoline table fo
From: "Madhavan T. Venkataraman"
Introduction
Dynamic code is used in many different user applications. Dynamic code is
often generated at runtime. Dynamic code can also just be a pre-defined
sequence of machine instructions in a data buffer. Examples of dynamic
code are trampolines
n basis.
- In version 1, a trip to the kernel was required to execute the trampoline.
In version 2, that is not required. So, there are no performance
concerns in this approach.
libffi
==
I have implemented my solution for libffi and provided the changes for
X86 and ARM, 32-bit and 64-bit
From: "Madhavan T. Venkataraman"
- Define architecture specific register names
- Architecture specific functions for:
- system call init
- code descriptor check
- data descriptor check
- Fill a page with a trampoline table fo
From: "Madhavan T. Venkataraman"
Introduction
Dynamic code is used in many different user applications. Dynamic code is
often generated at runtime. Dynamic code can also just be a pre-defined
sequence of machine instructions in a data buffer. Examples of dynamic
code are trampolines
From: "Madhavan T. Venkataraman"
- Define architecture specific register names
- Architecture specific functions for:
- system call init
- code descriptor check
- data descriptor check
- Fill a page with a trampoline table fo
n basis.
- In version 1, a trip to the kernel was required to execute the trampoline.
In version 2, that is not required. So, there are no performance
concerns in this approach.
libffi
==
I have implemented my solution for libffi and provided the changes for
X86 and ARM, 32-bit and 64-bit
From: "Madhavan T. Venkataraman"
- Define architecture specific register names
- Architecture specific functions for:
- system call init
- code descriptor check
- data descriptor check
- Fill a page with a trampoline table fo
From: "Madhavan T. Venkataraman"
- Define architecture specific register names
- Architecture specific functions for:
- system call init
- code descriptor check
- data descriptor check
- Fill a page with a trampoline table,
From: "Madhavan T. Venkataraman"
Implement 32-bit ARM support for the trampoline file descriptor.
- Define architecture specific register names
- Handle the trampoline invocation page fault
- Setup the user register context on trampoline invocation
- Setup the use
From: "Madhavan T. Venkataraman"
There are many applications that use trampoline code. Trampoline code is
usually placed in a data page or a stack page. In order to execute a
trampoline, the page that contains the trampoline needs to have execute
permissions.
Writable pages with execute permissi
From: "Madhavan T. Venkataraman"
Implement 32-bit and 64-bit X86 support for the trampoline file descriptor.
- Define architecture specific register names
- Handle the trampoline invocation page fault
- Setup the user register context on trampoline invocation
- Se
rk.
- Trampolines can be shared across processes which can give rise to
interesting uses in the future.
- Trampfd can be used for other purposes to extend the kernel's
functionality.
libffi
--
I have implemented my solution for libffi and provided the changes for
X86 and ARM, 32-bit an
From: "Madhavan T. Venkataraman"
Implement 64-bit ARM support for the trampoline file descriptor.
- Define architecture specific register names
- Handle the trampoline invocation page fault
- Setup the user register context on trampoline invocation
- Setup the use
42 matches