diff options
| author | Steven Rostedt (Red Hat) <rostedt@goodmis.org> | 2014-02-21 10:43:12 -0500 |
|---|---|---|
| committer | Steven Rostedt <rostedt@goodmis.org> | 2014-03-03 21:23:06 -0500 |
| commit | c932c6b7c913a5661e04059045fa1eac762c82fa (patch) | |
| tree | f3ab989812259ebdb6f344a81c3c0b82d672dd6e /arch | |
| parent | 1fcc155351f183e5044180eeb372a8ff47710855 (diff) | |
ftrace/x86: Run a sync after fixup on failure
If a failure occurs while enabling a trace, it bails out and will remove
the tracepoints to be back to what the code originally was. But the fix
up had some bugs in it. By injecting a failure in the code, the fix up
ran to completion, but shortly afterward the system rebooted.
There was two bugs here.
The first was that there was no final sync run across the CPUs after the
fix up was done, and before the ftrace int3 handler flag was reset. That
means that other CPUs could still see the breakpoint and trigger on it
long after the flag was cleared, and the int3 handler would think it was
a spurious interrupt. Worse yet, the int3 handler could hit other breakpoints
because the ftrace int3 handler flag would have prevented the int3 handler
from going further.
Here's a description of the issue:
CPU0 CPU1
---- ----
remove_breakpoint();
modifying_ftrace_code = 0;
[still sees breakpoint]
<takes trap>
[sees modifying_ftrace_code as zero]
[no breakpoint handler]
[goto failed case]
[trap exception - kernel breakpoint, no
handler]
BUG()
The second bug was that the removal of the breakpoints required the
"within()" logic updates instead of accessing the ip address directly.
As the kernel text is mapped read-only when CONFIG_DEBUG_RODATA is set, and
the removal of the breakpoint is a modification of the kernel text.
The ftrace_write() includes the "within()" logic, where as, the
probe_kernel_write() does not. This prevented the breakpoint from being
removed at all.
Link: http://lkml.kernel.org/r/1392650573-3390-1-git-send-email-pmladek@suse.cz
Reported-by: Petr Mladek <pmladek@suse.cz>
Tested-by: Petr Mladek <pmladek@suse.cz>
Acked-by: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/x86/kernel/ftrace.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/arch/x86/kernel/ftrace.c b/arch/x86/kernel/ftrace.c index e6253195a301..6b566c82d82c 100644 --- a/arch/x86/kernel/ftrace.c +++ b/arch/x86/kernel/ftrace.c | |||
| @@ -455,7 +455,7 @@ static int remove_breakpoint(struct dyn_ftrace *rec) | |||
| 455 | } | 455 | } |
| 456 | 456 | ||
| 457 | update: | 457 | update: |
| 458 | return probe_kernel_write((void *)ip, &nop[0], 1); | 458 | return ftrace_write(ip, nop, 1); |
| 459 | } | 459 | } |
| 460 | 460 | ||
| 461 | static int add_update_code(unsigned long ip, unsigned const char *new) | 461 | static int add_update_code(unsigned long ip, unsigned const char *new) |
| @@ -634,6 +634,7 @@ void ftrace_replace_code(int enable) | |||
| 634 | rec = ftrace_rec_iter_record(iter); | 634 | rec = ftrace_rec_iter_record(iter); |
| 635 | remove_breakpoint(rec); | 635 | remove_breakpoint(rec); |
| 636 | } | 636 | } |
| 637 | run_sync(); | ||
| 637 | } | 638 | } |
| 638 | 639 | ||
| 639 | static int | 640 | static int |
| @@ -664,7 +665,7 @@ ftrace_modify_code(unsigned long ip, unsigned const char *old_code, | |||
| 664 | return ret; | 665 | return ret; |
| 665 | 666 | ||
| 666 | fail_update: | 667 | fail_update: |
| 667 | probe_kernel_write((void *)ip, &old_code[0], 1); | 668 | ftrace_write(ip, old_code, 1); |
| 668 | goto out; | 669 | goto out; |
| 669 | } | 670 | } |
| 670 | 671 | ||