diff options
| author | Steven Rostedt <srostedt@redhat.com> | 2008-11-25 09:39:18 -0500 |
|---|---|---|
| committer | Ingo Molnar <mingo@elte.hu> | 2008-11-28 08:07:50 -0500 |
| commit | d9af12b72bfe2a4efc1d347e0ac1c669b85dcea9 (patch) | |
| tree | 19e7d7ccc0c96d3bc29468bca03d8a98762d44c1 | |
| parent | c7b0d17366d6e04a11470fc8d85f9fbac02671b9 (diff) | |
powerpc: ftrace, fix cast aliasing and add code verification
Impact: clean up and robustness addition
This patch addresses the comments made by Paul Mackerras.
It removes the type casting between unsigned int and unsigned char
pointers, and replaces them with a use of all unsigned int.
Verification that the jump is indeed made to a trampoline has also
been added.
Signed-off-by: Steven Rostedt <srostedt@redhat.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
| -rw-r--r-- | arch/powerpc/kernel/ftrace.c | 121 |
1 files changed, 65 insertions, 56 deletions
diff --git a/arch/powerpc/kernel/ftrace.c b/arch/powerpc/kernel/ftrace.c index 3271cd698e4c..ea454a004406 100644 --- a/arch/powerpc/kernel/ftrace.c +++ b/arch/powerpc/kernel/ftrace.c | |||
| @@ -162,26 +162,25 @@ static int | |||
| 162 | __ftrace_make_nop(struct module *mod, | 162 | __ftrace_make_nop(struct module *mod, |
| 163 | struct dyn_ftrace *rec, unsigned long addr) | 163 | struct dyn_ftrace *rec, unsigned long addr) |
| 164 | { | 164 | { |
| 165 | unsigned char replaced[MCOUNT_INSN_SIZE * 2]; | 165 | unsigned int op; |
| 166 | unsigned int *op = (unsigned *)&replaced; | 166 | unsigned int jmp[5]; |
| 167 | unsigned char jmp[8]; | 167 | unsigned long ptr; |
| 168 | unsigned long *ptr = (unsigned long *)&jmp; | ||
| 169 | unsigned long ip = rec->ip; | 168 | unsigned long ip = rec->ip; |
| 170 | unsigned long tramp; | 169 | unsigned long tramp; |
| 171 | int offset; | 170 | int offset; |
| 172 | 171 | ||
| 173 | /* read where this goes */ | 172 | /* read where this goes */ |
| 174 | if (probe_kernel_read(replaced, (void *)ip, MCOUNT_INSN_SIZE)) | 173 | if (probe_kernel_read(&op, (void *)ip, sizeof(int))) |
| 175 | return -EFAULT; | 174 | return -EFAULT; |
| 176 | 175 | ||
| 177 | /* Make sure that that this is still a 24bit jump */ | 176 | /* Make sure that that this is still a 24bit jump */ |
| 178 | if (!is_bl_op(*op)) { | 177 | if (!is_bl_op(op)) { |
| 179 | printk(KERN_ERR "Not expected bl: opcode is %x\n", *op); | 178 | printk(KERN_ERR "Not expected bl: opcode is %x\n", op); |
| 180 | return -EINVAL; | 179 | return -EINVAL; |
| 181 | } | 180 | } |
| 182 | 181 | ||
| 183 | /* lets find where the pointer goes */ | 182 | /* lets find where the pointer goes */ |
| 184 | tramp = find_bl_target(ip, *op); | 183 | tramp = find_bl_target(ip, op); |
| 185 | 184 | ||
| 186 | /* | 185 | /* |
| 187 | * On PPC64 the trampoline looks like: | 186 | * On PPC64 the trampoline looks like: |
| @@ -200,19 +199,25 @@ __ftrace_make_nop(struct module *mod, | |||
| 200 | DEBUGP("ip:%lx jumps to %lx r2: %lx", ip, tramp, mod->arch.toc); | 199 | DEBUGP("ip:%lx jumps to %lx r2: %lx", ip, tramp, mod->arch.toc); |
| 201 | 200 | ||
| 202 | /* Find where the trampoline jumps to */ | 201 | /* Find where the trampoline jumps to */ |
| 203 | if (probe_kernel_read(jmp, (void *)tramp, 8)) { | 202 | if (probe_kernel_read(jmp, (void *)tramp, sizeof(jmp))) { |
| 204 | printk(KERN_ERR "Failed to read %lx\n", tramp); | 203 | printk(KERN_ERR "Failed to read %lx\n", tramp); |
| 205 | return -EFAULT; | 204 | return -EFAULT; |
| 206 | } | 205 | } |
| 207 | 206 | ||
| 208 | DEBUGP(" %08x %08x", | 207 | DEBUGP(" %08x %08x", jmp[0], jmp[1]); |
| 209 | (unsigned)(*ptr >> 32), | 208 | |
| 210 | (unsigned)*ptr); | 209 | /* verify that this is what we expect it to be */ |
| 210 | if (((jmp[0] & 0xffff0000) != 0x3d820000) || | ||
| 211 | ((jmp[1] & 0xffff0000) != 0x398c0000) || | ||
| 212 | (jmp[2] != 0xf8410028) || | ||
| 213 | (jmp[3] != 0xe96c0020) || | ||
| 214 | (jmp[4] != 0xe84c0028)) { | ||
| 215 | printk(KERN_ERR "Not a trampoline\n"); | ||
| 216 | return -EINVAL; | ||
| 217 | } | ||
| 211 | 218 | ||
| 212 | offset = (unsigned)jmp[2] << 24 | | 219 | offset = (unsigned)((unsigned short)jmp[0]) << 16 | |
| 213 | (unsigned)jmp[3] << 16 | | 220 | (unsigned)((unsigned short)jmp[1]); |
| 214 | (unsigned)jmp[6] << 8 | | ||
| 215 | (unsigned)jmp[7]; | ||
| 216 | 221 | ||
| 217 | DEBUGP(" %x ", offset); | 222 | DEBUGP(" %x ", offset); |
| 218 | 223 | ||
| @@ -225,13 +230,13 @@ __ftrace_make_nop(struct module *mod, | |||
| 225 | return -EFAULT; | 230 | return -EFAULT; |
| 226 | } | 231 | } |
| 227 | 232 | ||
| 228 | DEBUGP(" %08x %08x\n", | 233 | DEBUGP(" %08x %08x\n", jmp[0], jmp[1]); |
| 229 | (unsigned)(*ptr >> 32), | 234 | |
| 230 | (unsigned)*ptr); | 235 | ptr = ((unsigned long)jmp[0] << 32) + jmp[1]; |
| 231 | 236 | ||
| 232 | /* This should match what was called */ | 237 | /* This should match what was called */ |
| 233 | if (*ptr != GET_ADDR(addr)) { | 238 | if (ptr != GET_ADDR(addr)) { |
| 234 | printk(KERN_ERR "addr does not match %lx\n", *ptr); | 239 | printk(KERN_ERR "addr does not match %lx\n", ptr); |
| 235 | return -EINVAL; | 240 | return -EINVAL; |
| 236 | } | 241 | } |
| 237 | 242 | ||
| @@ -240,11 +245,11 @@ __ftrace_make_nop(struct module *mod, | |||
| 240 | * 0xe8, 0x41, 0x00, 0x28 ld r2,40(r1) | 245 | * 0xe8, 0x41, 0x00, 0x28 ld r2,40(r1) |
| 241 | * This needs to be turned to a nop too. | 246 | * This needs to be turned to a nop too. |
| 242 | */ | 247 | */ |
| 243 | if (probe_kernel_read(replaced, (void *)(ip+4), MCOUNT_INSN_SIZE)) | 248 | if (probe_kernel_read(&op, (void *)(ip+4), MCOUNT_INSN_SIZE)) |
| 244 | return -EFAULT; | 249 | return -EFAULT; |
| 245 | 250 | ||
| 246 | if (*op != 0xe8410028) { | 251 | if (op != 0xe8410028) { |
| 247 | printk(KERN_ERR "Next line is not ld! (%08x)\n", *op); | 252 | printk(KERN_ERR "Next line is not ld! (%08x)\n", op); |
| 248 | return -EINVAL; | 253 | return -EINVAL; |
| 249 | } | 254 | } |
| 250 | 255 | ||
| @@ -261,9 +266,9 @@ __ftrace_make_nop(struct module *mod, | |||
| 261 | * ld r2,40(r1) | 266 | * ld r2,40(r1) |
| 262 | * 1: | 267 | * 1: |
| 263 | */ | 268 | */ |
| 264 | op[0] = 0x48000008; /* b +8 */ | 269 | op = 0x48000008; /* b +8 */ |
| 265 | 270 | ||
| 266 | if (probe_kernel_write((void *)ip, replaced, MCOUNT_INSN_SIZE)) | 271 | if (probe_kernel_write((void *)ip, &op, MCOUNT_INSN_SIZE)) |
| 267 | return -EPERM; | 272 | return -EPERM; |
| 268 | 273 | ||
| 269 | return 0; | 274 | return 0; |
| @@ -274,46 +279,52 @@ static int | |||
| 274 | __ftrace_make_nop(struct module *mod, | 279 | __ftrace_make_nop(struct module *mod, |
| 275 | struct dyn_ftrace *rec, unsigned long addr) | 280 | struct dyn_ftrace *rec, unsigned long addr) |
| 276 | { | 281 | { |
| 277 | unsigned char replaced[MCOUNT_INSN_SIZE]; | 282 | unsigned int op; |
| 278 | unsigned int *op = (unsigned *)&replaced; | 283 | unsigned int jmp[4]; |
| 279 | unsigned char jmp[8]; | ||
| 280 | unsigned int *ptr = (unsigned int *)&jmp; | ||
| 281 | unsigned long ip = rec->ip; | 284 | unsigned long ip = rec->ip; |
| 282 | unsigned long tramp; | 285 | unsigned long tramp; |
| 283 | int offset; | ||
| 284 | 286 | ||
| 285 | if (probe_kernel_read(replaced, (void *)ip, MCOUNT_INSN_SIZE)) | 287 | if (probe_kernel_read(&op, (void *)ip, MCOUNT_INSN_SIZE)) |
| 286 | return -EFAULT; | 288 | return -EFAULT; |
| 287 | 289 | ||
| 288 | /* Make sure that that this is still a 24bit jump */ | 290 | /* Make sure that that this is still a 24bit jump */ |
| 289 | if (!is_bl_op(*op)) { | 291 | if (!is_bl_op(op)) { |
| 290 | printk(KERN_ERR "Not expected bl: opcode is %x\n", *op); | 292 | printk(KERN_ERR "Not expected bl: opcode is %x\n", op); |
| 291 | return -EINVAL; | 293 | return -EINVAL; |
| 292 | } | 294 | } |
| 293 | 295 | ||
| 294 | /* lets find where the pointer goes */ | 296 | /* lets find where the pointer goes */ |
| 295 | tramp = find_bl_target(ip, *op); | 297 | tramp = find_bl_target(ip, op); |
| 296 | 298 | ||
| 297 | /* | 299 | /* |
| 298 | * On PPC32 the trampoline looks like: | 300 | * On PPC32 the trampoline looks like: |
| 299 | * lis r11,sym@ha | 301 | * 0x3d, 0x60, 0x00, 0x00 lis r11,sym@ha |
| 300 | * addi r11,r11,sym@l | 302 | * 0x39, 0x6b, 0x00, 0x00 addi r11,r11,sym@l |
| 301 | * mtctr r11 | 303 | * 0x7d, 0x69, 0x03, 0xa6 mtctr r11 |
| 302 | * bctr | 304 | * 0x4e, 0x80, 0x04, 0x20 bctr |
| 303 | */ | 305 | */ |
| 304 | 306 | ||
| 305 | DEBUGP("ip:%lx jumps to %lx", ip, tramp); | 307 | DEBUGP("ip:%lx jumps to %lx", ip, tramp); |
| 306 | 308 | ||
| 307 | /* Find where the trampoline jumps to */ | 309 | /* Find where the trampoline jumps to */ |
| 308 | if (probe_kernel_read(jmp, (void *)tramp, 8)) { | 310 | if (probe_kernel_read(jmp, (void *)tramp, sizeof(jmp))) { |
| 309 | printk(KERN_ERR "Failed to read %lx\n", tramp); | 311 | printk(KERN_ERR "Failed to read %lx\n", tramp); |
| 310 | return -EFAULT; | 312 | return -EFAULT; |
| 311 | } | 313 | } |
| 312 | 314 | ||
| 313 | DEBUGP(" %08x %08x ", ptr[0], ptr[1]); | 315 | DEBUGP(" %08x %08x ", jmp[0], jmp[1]); |
| 316 | |||
| 317 | /* verify that this is what we expect it to be */ | ||
| 318 | if (((jmp[0] & 0xffff0000) != 0x3d600000) || | ||
| 319 | ((jmp[1] & 0xffff0000) != 0x396b0000) || | ||
| 320 | (jmp[2] != 0x7d6903a6) || | ||
| 321 | (jmp[3] != 0x4e800420)) { | ||
| 322 | printk(KERN_ERR "Not a trampoline\n"); | ||
| 323 | return -EINVAL; | ||
| 324 | } | ||
| 314 | 325 | ||
| 315 | tramp = (ptr[1] & 0xffff) | | 326 | tramp = (jmp[1] & 0xffff) | |
| 316 | ((ptr[0] & 0xffff) << 16); | 327 | ((jmp[0] & 0xffff) << 16); |
| 317 | if (tramp & 0x8000) | 328 | if (tramp & 0x8000) |
| 318 | tramp -= 0x10000; | 329 | tramp -= 0x10000; |
| 319 | 330 | ||
| @@ -326,9 +337,9 @@ __ftrace_make_nop(struct module *mod, | |||
| 326 | return -EINVAL; | 337 | return -EINVAL; |
| 327 | } | 338 | } |
| 328 | 339 | ||
| 329 | op[0] = PPC_NOP_INSTR; | 340 | op = PPC_NOP_INSTR; |
| 330 | 341 | ||
| 331 | if (probe_kernel_write((void *)ip, replaced, MCOUNT_INSN_SIZE)) | 342 | if (probe_kernel_write((void *)ip, &op, MCOUNT_INSN_SIZE)) |
| 332 | return -EPERM; | 343 | return -EPERM; |
| 333 | 344 | ||
| 334 | return 0; | 345 | return 0; |
| @@ -384,13 +395,12 @@ int ftrace_make_nop(struct module *mod, | |||
| 384 | static int | 395 | static int |
| 385 | __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr) | 396 | __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr) |
| 386 | { | 397 | { |
| 387 | unsigned char replaced[MCOUNT_INSN_SIZE * 2]; | 398 | unsigned int op[2]; |
| 388 | unsigned int *op = (unsigned *)&replaced; | ||
| 389 | unsigned long ip = rec->ip; | 399 | unsigned long ip = rec->ip; |
| 390 | unsigned long offset; | 400 | unsigned long offset; |
| 391 | 401 | ||
| 392 | /* read where this goes */ | 402 | /* read where this goes */ |
| 393 | if (probe_kernel_read(replaced, (void *)ip, MCOUNT_INSN_SIZE * 2)) | 403 | if (probe_kernel_read(op, (void *)ip, MCOUNT_INSN_SIZE * 2)) |
| 394 | return -EFAULT; | 404 | return -EFAULT; |
| 395 | 405 | ||
| 396 | /* | 406 | /* |
| @@ -425,7 +435,7 @@ __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr) | |||
| 425 | 435 | ||
| 426 | DEBUGP("write to %lx\n", rec->ip); | 436 | DEBUGP("write to %lx\n", rec->ip); |
| 427 | 437 | ||
| 428 | if (probe_kernel_write((void *)ip, replaced, MCOUNT_INSN_SIZE * 2)) | 438 | if (probe_kernel_write((void *)ip, op, MCOUNT_INSN_SIZE * 2)) |
| 429 | return -EPERM; | 439 | return -EPERM; |
| 430 | 440 | ||
| 431 | return 0; | 441 | return 0; |
| @@ -434,18 +444,17 @@ __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr) | |||
| 434 | static int | 444 | static int |
| 435 | __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr) | 445 | __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr) |
| 436 | { | 446 | { |
| 437 | unsigned char replaced[MCOUNT_INSN_SIZE]; | 447 | unsigned int op; |
| 438 | unsigned int *op = (unsigned *)&replaced; | ||
| 439 | unsigned long ip = rec->ip; | 448 | unsigned long ip = rec->ip; |
| 440 | unsigned long offset; | 449 | unsigned long offset; |
| 441 | 450 | ||
| 442 | /* read where this goes */ | 451 | /* read where this goes */ |
| 443 | if (probe_kernel_read(replaced, (void *)ip, MCOUNT_INSN_SIZE)) | 452 | if (probe_kernel_read(&op, (void *)ip, MCOUNT_INSN_SIZE)) |
| 444 | return -EFAULT; | 453 | return -EFAULT; |
| 445 | 454 | ||
| 446 | /* It should be pointing to a nop */ | 455 | /* It should be pointing to a nop */ |
| 447 | if (op[0] != PPC_NOP_INSTR) { | 456 | if (op != PPC_NOP_INSTR) { |
| 448 | printk(KERN_ERR "Expected NOP but have %x\n", op[0]); | 457 | printk(KERN_ERR "Expected NOP but have %x\n", op); |
| 449 | return -EINVAL; | 458 | return -EINVAL; |
| 450 | } | 459 | } |
| 451 | 460 | ||
| @@ -465,11 +474,11 @@ __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr) | |||
| 465 | } | 474 | } |
| 466 | 475 | ||
| 467 | /* Set to "bl addr" */ | 476 | /* Set to "bl addr" */ |
| 468 | op[0] = branch_offset(offset); | 477 | op = branch_offset(offset); |
| 469 | 478 | ||
| 470 | DEBUGP("write to %lx\n", rec->ip); | 479 | DEBUGP("write to %lx\n", rec->ip); |
| 471 | 480 | ||
| 472 | if (probe_kernel_write((void *)ip, replaced, MCOUNT_INSN_SIZE)) | 481 | if (probe_kernel_write((void *)ip, &op, MCOUNT_INSN_SIZE)) |
| 473 | return -EPERM; | 482 | return -EPERM; |
| 474 | 483 | ||
| 475 | return 0; | 484 | return 0; |