debug

fix

fix2

Author: olsajiri

arch/x86/kernel/uprobes.c

@@ -635,21 +635,48 @@ static bool is_reachable_by_call(unsigned long vtramp, unsigned long vaddr)
 	return delta >= INT_MIN && delta <= INT_MAX;
 }
 
+#define MASK_4GB	((1UL << 32) - 1)
+
 static unsigned long find_nearest_page(unsigned long vaddr)
 {
 	struct vm_unmapped_area_info info = {
 		.length     = PAGE_SIZE,
 		.align_mask = ~PAGE_MASK,
-		.low_limit  = PAGE_SIZE,
-		.high_limit = TASK_SIZE,
 	};
-	unsigned long limit, call_end = vaddr + 5;
+	unsigned long low_limit = PAGE_SIZE, high_limit = TASK_SIZE;
+	unsigned long limit, tramp_low_4GB, tramp_high_4GB;
+	unsigned long call_end = vaddr + 5, tramp1, tramp2;
 
 	if (!check_add_overflow(call_end, INT_MIN, &limit))
-		info.low_limit = limit;
+		low_limit = limit;
 	if (!check_add_overflow(call_end, INT_MAX, &limit))
-		info.high_limit = limit;
-	return vm_unmapped_area(&info);
+		high_limit = limit;
+
+	tramp_low_4GB = call_end & MASK_4GB;
+	tramp_high_4GB = tramp_low_4GB + (1UL << 32);
+
+	if (low_limit > tramp_low_4GB) {
+		info.low_limit = tramp_high_4GB;
+		info.high_limit = high_limit;
+	} else {
+		info.low_limit = tramp_low_4GB;
+		info.high_limit = high_limit;;
+	}
+
+	tramp1 = vm_unmapped_area(&info);
+
+	if (low_limit > tramp_low_4GB) {
+		info.low_limit = low_limit;
+		info.high_limit = tramp_high_4GB;
+	} else {
+		info.low_limit = low_limit;
+		info.high_limit = tramp_low_4GB;
+	}
+
+	info.flags = VM_UNMAPPED_AREA_TOPDOWN;
+	tramp2 = vm_unmapped_area(&info);
+
+	return min(tramp1 & ~MASK_4GB, tramp2 & ~MASK_4GB);
 }
 
 static struct uprobe_trampoline *create_uprobe_trampoline(unsigned long vaddr)
@@ -905,6 +932,8 @@ static void relative_call(void *dest, long from, long to)
 	insn = (struct __arch_relative_insn *)dest;
 	insn->raddr = (s32)(to - (from + 5));
 	insn->op = CALL_INSN_OPCODE;
+
+	printk("relative_call from %lx to %lx raddr %x\n", from, to, insn->raddr);
 }
 
 static int swbp_optimize(struct arch_uprobe *auprobe, struct vm_area_struct *vma,
@@ -1066,6 +1095,8 @@ static int __arch_uprobe_optimize(struct arch_uprobe *auprobe, struct mm_struct
 	bool new = false;
 	int err = 0;
 
+	printk("__arch_uprobe_optimize START %lx\n", vaddr);
+
 	vma = find_vma(mm, vaddr);
 	if (!vma)
 		return -EINVAL;
@@ -1075,6 +1106,7 @@ static int __arch_uprobe_optimize(struct arch_uprobe *auprobe, struct mm_struct
 	err = swbp_optimize(auprobe, vma, vaddr, tramp->vaddr);
 	if (WARN_ON_ONCE(err) && new)
 		destroy_uprobe_trampoline(tramp);
+	printk("__arch_uprobe_optimize END   %lx\n", vaddr);
 	return err;
 }
 

tools/testing/selftests/bpf/prog_tests/uprobe_syscall.c

@@ -357,8 +357,9 @@ __nocf_check __weak void usdt_test(void)
 	USDT(optimized_uprobe, usdt);
 }
 
-static int find_uprobes_trampoline(void **start, void **end)
+static int find_uprobes_trampoline(void *tramp_addr)
 {
+	void *start, *end;
 	char line[128];
 	int ret = -1;
 	FILE *maps;
@@ -373,12 +374,12 @@ static int find_uprobes_trampoline(void **start, void **end)
 		int m = -1;
 
 		/* We care only about private r-x mappings. */
-		if (sscanf(line, "%p-%p r-xp %*x %*x:%*x %*u %n", start, end, &m) != 2)
+		if (sscanf(line, "%p-%p r-xp %*x %*x:%*x %*u %n", &start, &end, &m) != 2)
 			continue;
 		if (m < 0)
 			continue;
-		if (!strncmp(&line[m], TRAMP, sizeof(TRAMP)-1)) {
-			ret = 0;
+		if (!strncmp(&line[m], TRAMP, sizeof(TRAMP)-1) && (start == tramp_addr)) {
+			ret = end - start == 4096 ? 0 : -1;
 			break;
 		}
 	}
@@ -404,25 +405,20 @@ typedef void (__attribute__((nocf_check)) *trigger_t)(void);
 
 static bool shstk_is_enabled;
 
-static void check_attach(struct uprobe_syscall_executed *skel, trigger_t trigger,
-			 void *addr, int executed)
+static void *check_attach(struct uprobe_syscall_executed *skel, trigger_t trigger,
+			  void *addr, int executed)
 {
-	void *tramp_start, *tramp_end;
 	struct __arch_relative_insn {
 		__u8 op;
 		__s32 raddr;
 	} __packed *call;
-	__s32 delta;
+	void *tramp = NULL;
 	__u8 *bp;
 
 	/* Uprobe gets optimized after first trigger, so let's press twice. */
 	trigger();
 	trigger();
 
-	if (!shstk_is_enabled &&
-	    !ASSERT_OK(find_uprobes_trampoline(&tramp_start, &tramp_end), "uprobes_trampoline"))
-		return;
-
 	/* Make sure bpf program got executed.. */
 	ASSERT_EQ(skel->bss->executed, executed, "executed");
 
@@ -433,30 +429,29 @@ static void check_attach(struct uprobe_syscall_executed *skel, trigger_t trigger
 	} else {
 		/* .. and check the trampoline is as expected. */
 		call = (struct __arch_relative_insn *) addr;
-		delta = (unsigned long) tramp_start - ((unsigned long) addr + 5);
-
+		tramp = (void *) (call + 1) + call->raddr;
 		ASSERT_EQ(call->op, 0xe8, "call");
-		ASSERT_EQ(call->raddr, delta, "delta");
-		ASSERT_EQ(tramp_end - tramp_start, 4096, "size");
+	    	ASSERT_OK(find_uprobes_trampoline(tramp), "uprobes_trampoline");
 	}
+
+	return tramp;
 }
 
-static void check_detach(struct uprobe_syscall_executed *skel, trigger_t trigger, void *addr)
+static void check_detach(void *addr, void *tramp)
 {
-	void *tramp_start, *tramp_end;
-
 	/* [uprobes_trampoline] stays after detach */
-	ASSERT_OK(!shstk_is_enabled &&
-		  find_uprobes_trampoline(&tramp_start, &tramp_end), "uprobes_trampoline");
+	ASSERT_OK(!shstk_is_enabled && find_uprobes_trampoline(tramp), "uprobes_trampoline");
 	ASSERT_OK(memcmp(addr, nop5, 5), "nop5");
 }
 
 static void check(struct uprobe_syscall_executed *skel, struct bpf_link *link,
 		  trigger_t trigger, void *addr, int executed)
 {
-	check_attach(skel, trigger, addr, executed);
+	void *tramp;
+
+	tramp = check_attach(skel, trigger, addr, executed);
 	bpf_link__destroy(link);
-	check_detach(skel, trigger, addr);
+	check_detach(addr, tramp);
 }
 
 static void test_uprobe_legacy(void)