/*
 * Dynamic function tracing support.
 *
 * Copyright (C) 2007-2008 Steven Rostedt <srostedt@redhat.com>
 *
 * Thanks goes to Ingo Molnar, for suggesting the idea.
 * Mathieu Desnoyers, for suggesting postponing the modifications.
 * Arjan van de Ven, for keeping me straight, and explaining to me
 * the dangers of modifying code on the run.
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/spinlock.h>
#include <linux/hardirq.h>
#include <linux/uaccess.h>
#include <linux/ftrace.h>
#include <linux/percpu.h>
#include <linux/sched.h>
#include <linux/slab.h>
#include <linux/init.h>
#include <linux/list.h>
#include <linux/module.h>

#include <trace/syscall.h>

#include <asm/cacheflush.h>
#include <asm/kprobes.h>
#include <asm/ftrace.h>
#include <asm/nops.h>

#if defined(CONFIG_FUNCTION_GRAPH_TRACER) && \
	!defined(CC_USING_FENTRY) && \
	!defined(CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE)
# error The following combination is not supported: ((compiler missing -mfentry) || (CONFIG_X86_32 and !CONFIG_DYNAMIC_FTRACE)) && CONFIG_FUNCTION_GRAPH_TRACER && CONFIG_CC_OPTIMIZE_FOR_SIZE
#endif

#ifdef CONFIG_DYNAMIC_FTRACE

int ftrace_arch_code_modify_prepare(void)
{
	set_kernel_text_rw();
	set_all_modules_text_rw();
	return 0;
}

int ftrace_arch_code_modify_post_process(void)
{
	set_all_modules_text_ro();
	set_kernel_text_ro();
	return 0;
}

union ftrace_code_union {
	char code[MCOUNT_INSN_SIZE];
	struct {
		unsigned char e8;
		int offset;
	} __attribute__((packed));
};

static int ftrace_calc_offset(long ip, long addr)
{
	return (int)(addr - ip);
}

static unsigned char *ftrace_call_replace(unsigned long ip, unsigned long addr)
{
	static union ftrace_code_union calc;

	calc.e8 = 0xe8;
	calc.offset = ftrace_calc_offset(ip + MCOUNT_INSN_SIZE, addr);

	/*
	 * No locking needed, this must be called via kstop_machine
	 * which in essence is like running on a uniprocessor machine.
	 */
	return calc.code;
}

static inline int
within(unsigned long addr, unsigned long start, unsigned long end)
{
	return addr >= start && addr < end;
}

static unsigned long text_ip_addr(unsigned long ip)
{
	/*
	 * On x86_64, kernel text mappings are mapped read-only, so we use
	 * the kernel identity mapping instead of the kernel text mapping
	 * to modify the kernel text.
	 *
	 * For 32bit kernels, these mappings are the same and we can use
	 * the kernel identity mapping to modify code.
	 */
	if (within(ip, (unsigned long)_text, (unsigned long)_etext))
		ip = (unsigned long)__va(__pa_symbol(ip));

	return ip;
}

static const unsigned char *ftrace_nop_replace(void)
{
	return ideal_nops[NOP_ATOMIC5];
}

static int
ftrace_modify_code_direct(unsigned long ip, unsigned const char *old_code,
			  unsigned const char *new_code)
{
	unsigned char replaced[MCOUNT_INSN_SIZE];

	ftrace_expected = old_code;

	/*
	 * Note:
	 * We are paranoid about modifying text, as if a bug were to happen, it
	 * could cause us to read or write to someplace that could cause harm.
	 * Carefully read and modify the code with probe_kernel_*(), and make
	 * sure what we read is what we expected it to be before modifying it.
	 */

	/* read the text we want to modify */
	if (probe_kernel_read(replaced, (void *)ip, MCOUNT_INSN_SIZE))
		return -EFAULT;

	/* Make sure it is what we expect it to be */
	if (memcmp(replaced, old_code, MCOUNT_INSN_SIZE) != 0)
		return -EINVAL;

	ip = text_ip_addr(ip);

	/* replace the text with the new text */
	if (probe_kernel_write((void *)ip, new_code, MCOUNT_INSN_SIZE))
		return -EPERM;

	sync_core();

	return 0;
}

int ftrace_make_nop(struct module *mod,
		    struct dyn_ftrace *rec, unsigned long addr)
{
	unsigned const char *new, *old;
	unsigned long ip = rec->ip;

	old = ftrace_call_replace(ip, addr);
	new = ftrace_nop_replace();

	/*
	 * On boot up, and when modules are loaded, the MCOUNT_ADDR
	 * is converted to a nop, and will never become MCOUNT_ADDR
	 * again. This code is either running before SMP (on boot up)
	 * or before the code will ever be executed (module load).
	 * We do not want to use the breakpoint version in this case,
	 * just modify the code directly.
	 */
	if (addr == MCOUNT_ADDR)
		return ftrace_modify_code_direct(rec->ip, old, new);

	ftrace_expected = NULL;

	/* Normal cases use add_brk_on_nop */
	WARN_ONCE(1, "invalid use of ftrace_make_nop");
	return -EINVAL;
}

int ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr)
{
	unsigned const char *new, *old;
	unsigned long ip = rec->ip;

	old = ftrace_nop_replace();
	new = ftrace_call_replace(ip, addr);

	/* Should only be called when a module is loaded */
	return ftrace_modify_code_direct(rec->ip, old, new);
}

/*
 * The modifying_ftrace_code is used to tell the breakpoint
 * handler to call ftrace_int3_handler(). If it fails to
 * call this handler for a breakpoint added by ftrace, then
 * the kernel may crash.
 *
 * As atomic writes on x86 do not need a barrier, we do not
 * need to add smp_mb()s for this to work. It is also assumed
 * that a CPU cannot read modifying_ftrace_code before
 * executing the breakpoint; that would be quite remarkable if
 * it could do that. Here's the flow that is required:
 *
 *   CPU-0                          CPU-1
 *
 *   atomic_inc(mfc);
 *   write int3s
 *                                  <trap-int3> // implicit (r)mb
 *                                  if (atomic_read(mfc))
 *                                          call ftrace_int3_handler()
 *
 * Then when we are finished:
 *
 *   atomic_dec(mfc);
 *
 * If we hit a breakpoint that was not set by ftrace, it does not
 * matter if ftrace_int3_handler() is called or not. It will
 * simply be ignored. But it is crucial that an ftrace nop/caller
 * breakpoint is handled. No other user should ever place a
 * breakpoint on an ftrace nop/caller location. It must only
 * be done by this code.
 */
atomic_t modifying_ftrace_code __read_mostly;

static int
ftrace_modify_code(unsigned long ip, unsigned const char *old_code,
		   unsigned const char *new_code);

/*
 * Should never be called:
 *  It is only called by __ftrace_replace_code(), which is called by
 *  ftrace_replace_code() (which x86 overrides), and by ftrace_update_code(),
 *  which turns mcount calls into nops or nops into function calls,
 *  but never converts a function from not using regs to one that uses
 *  regs; that is what ftrace_modify_call() is for.
 */
int ftrace_modify_call(struct dyn_ftrace *rec, unsigned long old_addr,
		       unsigned long addr)
{
	WARN_ON(1);
	ftrace_expected = NULL;
	return -EINVAL;
}

static unsigned long ftrace_update_func;

static int update_ftrace_func(unsigned long ip, void *new)
{
	unsigned char old[MCOUNT_INSN_SIZE];
	int ret;

	memcpy(old, (void *)ip, MCOUNT_INSN_SIZE);

	ftrace_update_func = ip;
	/* Make sure the breakpoints see the ftrace_update_func update */
	smp_wmb();

	/* See comment above by declaration of modifying_ftrace_code */
	atomic_inc(&modifying_ftrace_code);

	ret = ftrace_modify_code(ip, old, new);

	atomic_dec(&modifying_ftrace_code);

	return ret;
}

int ftrace_update_ftrace_func(ftrace_func_t func)
{
	unsigned long ip = (unsigned long)(&ftrace_call);
	unsigned char *new;
	int ret;

	new = ftrace_call_replace(ip, (unsigned long)func);
	ret = update_ftrace_func(ip, new);

	/* Also update the regs callback function */
	if (!ret) {
		ip = (unsigned long)(&ftrace_regs_call);
		new = ftrace_call_replace(ip, (unsigned long)func);
		ret = update_ftrace_func(ip, new);
	}

	return ret;
}

static int is_ftrace_caller(unsigned long ip)
{
	if (ip == ftrace_update_func)
		return 1;

	return 0;
}

/*
 * A breakpoint was added to the code address we are about to
 * modify, and this is the handler that will just skip over it.
 * We are either changing a nop into a trace call, or a trace
 * call to a nop. While the change is taking place, we treat
 * it just like it was a nop.
 */
int ftrace_int3_handler(struct pt_regs *regs)
{
	unsigned long ip;

	if (WARN_ON_ONCE(!regs))
		return 0;

	/* The int3 trap leaves regs->ip just past the one-byte breakpoint */
	ip = regs->ip - 1;
	if (!ftrace_location(ip) && !is_ftrace_caller(ip))
		return 0;

	/* Skip the rest of the site, so it behaves like a nop while modified */
	regs->ip += MCOUNT_INSN_SIZE - 1;

	return 1;
}

static int ftrace_write(unsigned long ip, const char *val, int size)
{
	ip = text_ip_addr(ip);

	if (probe_kernel_write((void *)ip, val, size))
		return -EPERM;

	return 0;
}

static int add_break(unsigned long ip, const char *old)
{
	unsigned char replaced[MCOUNT_INSN_SIZE];
	unsigned char brk = BREAKPOINT_INSTRUCTION;

	if (probe_kernel_read(replaced, (void *)ip, MCOUNT_INSN_SIZE))
		return -EFAULT;

	ftrace_expected = old;

	/* Make sure it is what we expect it to be */
	if (memcmp(replaced, old, MCOUNT_INSN_SIZE) != 0)
		return -EINVAL;

	return ftrace_write(ip, &brk, 1);
}

static int add_brk_on_call(struct dyn_ftrace *rec, unsigned long addr)
{
	unsigned const char *old;
	unsigned long ip = rec->ip;

	old = ftrace_call_replace(ip, addr);

	return add_break(rec->ip, old);
}

static int add_brk_on_nop(struct dyn_ftrace *rec)
{
	unsigned const char *old;

	old = ftrace_nop_replace();

	return add_break(rec->ip, old);
}

static int add_breakpoints(struct dyn_ftrace *rec, int enable)
{
	unsigned long ftrace_addr;
	int ret;

	ftrace_addr = ftrace_get_addr_curr(rec);

	ret = ftrace_test_record(rec, enable);

	switch (ret) {
	case FTRACE_UPDATE_IGNORE:
		return 0;

	case FTRACE_UPDATE_MAKE_CALL:
		/* converting nop to call */
		return add_brk_on_nop(rec);

	case FTRACE_UPDATE_MODIFY_CALL:
	case FTRACE_UPDATE_MAKE_NOP:
		/* converting a call to a nop */
		return add_brk_on_call(rec, ftrace_addr);
	}
	return 0;
}

/*
 * On error, we need to remove breakpoints. This needs to
 * be done carefully. If the address does not currently have a
 * breakpoint, we know we are done. Otherwise, we look at the
 * remaining 4 bytes of the instruction. If they match a nop,
 * we replace the breakpoint with the nop. Otherwise we replace
 * it with the call instruction.
 */
static int remove_breakpoint(struct dyn_ftrace *rec)
{
	unsigned char ins[MCOUNT_INSN_SIZE];
	unsigned char brk = BREAKPOINT_INSTRUCTION;
	const unsigned char *nop;
	unsigned long ftrace_addr;
	unsigned long ip = rec->ip;

	/* If we fail the read, just give up */
	if (probe_kernel_read(ins, (void *)ip, MCOUNT_INSN_SIZE))
		return -EFAULT;

	/* If this does not have a breakpoint, we are done */
	if (ins[0] != brk)
		return 0;

	nop = ftrace_nop_replace();

	/*
	 * If the last 4 bytes of the instruction do not match
	 * a nop, then we assume that this is a call to ftrace_addr.
	 */
	if (memcmp(&ins[1], &nop[1], MCOUNT_INSN_SIZE - 1) != 0) {
		/*
		 * For extra paranoia, we check if the breakpoint is on
		 * a call that would actually jump to the ftrace_addr.
		 * If not, don't touch the breakpoint; we would just
		 * create a disaster.
		 */
		ftrace_addr = ftrace_get_addr_new(rec);
		nop = ftrace_call_replace(ip, ftrace_addr);

		if (memcmp(&ins[1], &nop[1], MCOUNT_INSN_SIZE - 1) == 0)
			goto update;

		/* Check both ftrace_addr and ftrace_old_addr */
		ftrace_addr = ftrace_get_addr_curr(rec);
		nop = ftrace_call_replace(ip, ftrace_addr);

		ftrace_expected = nop;

		if (memcmp(&ins[1], &nop[1], MCOUNT_INSN_SIZE - 1) != 0)
			return -EINVAL;
	}

 update:
	return ftrace_write(ip, nop, 1);
}

static int add_update_code(unsigned long ip, unsigned const char *new)
{
	/* skip breakpoint */
	ip++;
	new++;
	return ftrace_write(ip, new, MCOUNT_INSN_SIZE - 1);
}

static int add_update_call(struct dyn_ftrace *rec, unsigned long addr)
{
	unsigned long ip = rec->ip;
	unsigned const char *new;

	new = ftrace_call_replace(ip, addr);
	return add_update_code(ip, new);
}

static int add_update_nop(struct dyn_ftrace *rec)
{
	unsigned long ip = rec->ip;
	unsigned const char *new;

	new = ftrace_nop_replace();
	return add_update_code(ip, new);
}

static int add_update(struct dyn_ftrace *rec, int enable)
{
	unsigned long ftrace_addr;
	int ret;

	ret = ftrace_test_record(rec, enable);

	ftrace_addr = ftrace_get_addr_new(rec);

	switch (ret) {
	case FTRACE_UPDATE_IGNORE:
		return 0;

	case FTRACE_UPDATE_MODIFY_CALL:
	case FTRACE_UPDATE_MAKE_CALL:
		/* converting nop to call */
		return add_update_call(rec, ftrace_addr);

	case FTRACE_UPDATE_MAKE_NOP:
		/* converting a call to a nop */
		return add_update_nop(rec);
	}

	return 0;
}

static int finish_update_call(struct dyn_ftrace *rec, unsigned long addr)
{
	unsigned long ip = rec->ip;
	unsigned const char *new;

	new = ftrace_call_replace(ip, addr);

	return ftrace_write(ip, new, 1);
}

static int finish_update_nop(struct dyn_ftrace *rec)
{
	unsigned long ip = rec->ip;
	unsigned const char *new;

	new = ftrace_nop_replace();

	return ftrace_write(ip, new, 1);
}
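
/*
 * finish_update() is the last step of the breakpoint dance: the record's
 * new state is committed with ftrace_update_record(), and the helpers above
 * overwrite the int3 byte with the first byte of the final instruction
 * (call or nop).
 */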
static int finish_update(struct dyn_ftrace *rec, int enable)
{
	unsigned long ftrace_addr;
	int ret;

	ret = ftrace_update_record(rec, enable);

	ftrace_addr = ftrace_get_addr_new(rec);

	switch (ret) {
	case FTRACE_UPDATE_IGNORE:
		return 0;

	case FTRACE_UPDATE_MODIFY_CALL:
	case FTRACE_UPDATE_MAKE_CALL:
		/* converting nop to call */
		return finish_update_call(rec, ftrace_addr);

	case FTRACE_UPDATE_MAKE_NOP:
		/* converting a call to a nop */
		return finish_update_nop(rec);
	}

	return 0;
}

static void do_sync_core(void *data)
{
	sync_core();
}

static void run_sync(void)
{
	int enable_irqs = irqs_disabled();

	/* We may be called with interrupts disabled (on bootup). */
	if (enable_irqs)
		local_irq_enable();
	on_each_cpu(do_sync_core, NULL, 1);
	if (enable_irqs)
		local_irq_disable();
}

/*
 * Replace every ftrace call site in three passes, keeping the kernel
 * runnable at every step:
 *   1) place an int3 breakpoint on the first byte of each site,
 *   2) rewrite the remaining four bytes behind the breakpoint,
 *   3) replace the breakpoint with the first byte of the new instruction.
 * run_sync() serializes all CPUs between the passes.
 */
void ftrace_replace_code(int enable)
{
	struct ftrace_rec_iter *iter;
	struct dyn_ftrace *rec;
	const char *report = "adding breakpoints";
	int count = 0;
	int ret;

	for_ftrace_rec_iter(iter) {
		rec = ftrace_rec_iter_record(iter);

		ret = add_breakpoints(rec, enable);
		if (ret)
			goto remove_breakpoints;
		count++;
	}

	run_sync();

	report = "updating code";
	count = 0;

	for_ftrace_rec_iter(iter) {
		rec = ftrace_rec_iter_record(iter);

		ret = add_update(rec, enable);
		if (ret)
			goto remove_breakpoints;
		count++;
	}

	run_sync();

	report = "removing breakpoints";
	count = 0;

	for_ftrace_rec_iter(iter) {
		rec = ftrace_rec_iter_record(iter);

		ret = finish_update(rec, enable);
		if (ret)
			goto remove_breakpoints;
		count++;
	}

	run_sync();

	return;

 remove_breakpoints:
	pr_warn("Failed on %s (%d):\n", report, count);
	ftrace_bug(ret, rec);
	for_ftrace_rec_iter(iter) {
		rec = ftrace_rec_iter_record(iter);
		/*
		 * Breakpoints are handled only while this function is in
		 * progress. The system could not work with them left in place.
		 */
		if (remove_breakpoint(rec))
			BUG();
	}
	run_sync();
}

static int
ftrace_modify_code(unsigned long ip, unsigned const char *old_code,
		   unsigned const char *new_code)
{
	int ret;

	ret = add_break(ip, old_code);
	if (ret)
		goto out;

	run_sync();

	ret = add_update_code(ip, new_code);
	if (ret)
		goto fail_update;

	run_sync();

	ret = ftrace_write(ip, new_code, 1);
	/*
	 * The breakpoint is handled only while this function is in progress.
	 * The system could not work if we could not remove it.
	 */
	BUG_ON(ret);

 out:
	run_sync();
	return ret;

 fail_update:
	/* Also here the system could not work with the breakpoint */
	if (ftrace_write(ip, old_code, 1))
		BUG();
	goto out;
}

void arch_ftrace_update_code(int command)
{
	/* See comment above by declaration of modifying_ftrace_code */
	atomic_inc(&modifying_ftrace_code);

	ftrace_modify_all_code(command);

	atomic_dec(&modifying_ftrace_code);
}

int __init ftrace_dyn_arch_init(void)
{
	return 0;
}

#if defined(CONFIG_X86_64) || defined(CONFIG_FUNCTION_GRAPH_TRACER)
static unsigned char *ftrace_jmp_replace(unsigned long ip, unsigned long addr)
{
	static union ftrace_code_union calc;

	/* Jmp, not a call (ignore the .e8 field name) */
	calc.e8 = 0xe9;
	calc.offset = ftrace_calc_offset(ip + MCOUNT_INSN_SIZE, addr);

	/*
	 * ftrace external locks synchronize the access to the static variable.
	 */
	return calc.code;
}
#endif

/* Currently only x86_64 supports dynamic trampolines */
#ifdef CONFIG_X86_64

#ifdef CONFIG_MODULES
#include <linux/moduleloader.h>
/* Module allocation simplifies allocating memory for code */
static inline void *alloc_tramp(unsigned long size)
{
	return module_alloc(size);
}
static inline void tramp_free(void *tramp)
{
	module_memfree(tramp);
}
#else
/* Trampolines can only be created if modules are supported */
static inline void *alloc_tramp(unsigned long size)
{
	return NULL;
}
static inline void tramp_free(void *tramp) { }
#endif

/* Defined as markers to the end of the ftrace default trampolines */
extern void ftrace_regs_caller_end(void);
extern void ftrace_epilogue(void);
extern void ftrace_caller_op_ptr(void);
extern void ftrace_regs_caller_op_ptr(void);

/* movq function_trace_op(%rip), %rdx */
/* 0x48 0x8b 0x15 <offset-to-ftrace_trace_op (4 bytes)> */
#define OP_REF_SIZE	7

/*
 * The ftrace_ops is passed to the function callback. Since the
 * trampoline only services a single ftrace_ops, we can pass in
 * that ops directly.
 *
 * The ftrace_op_code_union is used to create a pointer to the
 * ftrace_ops that will be passed to the callback function.
 */
union ftrace_op_code_union {
	char code[OP_REF_SIZE];
	struct {
		char op[3];
		int offset;
	} __attribute__((packed));
};

static unsigned long
create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size)
{
	unsigned const char *jmp;
	unsigned long start_offset;
	unsigned long end_offset;
	unsigned long op_offset;
	unsigned long offset;
	unsigned long size;
	unsigned long ip;
	unsigned long *ptr;
	void *trampoline;
	/* 48 8b 15 <offset> is movq <offset>(%rip), %rdx */
	unsigned const char op_ref[] = { 0x48, 0x8b, 0x15 };
	union ftrace_op_code_union op_ptr;
	int ret;

	if (ops->flags & FTRACE_OPS_FL_SAVE_REGS) {
		start_offset = (unsigned long)ftrace_regs_caller;
		end_offset = (unsigned long)ftrace_regs_caller_end;
		op_offset = (unsigned long)ftrace_regs_caller_op_ptr;
	} else {
		start_offset = (unsigned long)ftrace_caller;
		end_offset = (unsigned long)ftrace_epilogue;
		op_offset = (unsigned long)ftrace_caller_op_ptr;
	}

	size = end_offset - start_offset;

	/*
	 * Allocate enough size to store the ftrace_caller code,
	 * the jmp to ftrace_epilogue, as well as the address of
	 * the ftrace_ops this trampoline is used for.
	 */
	trampoline = alloc_tramp(size + MCOUNT_INSN_SIZE + sizeof(void *));
	if (!trampoline)
		return 0;

	*tramp_size = size + MCOUNT_INSN_SIZE + sizeof(void *);

	/* Copy ftrace_caller onto the trampoline memory */
	ret = probe_kernel_read(trampoline, (void *)start_offset, size);
	if (WARN_ON(ret < 0)) {
		tramp_free(trampoline);
		return 0;
	}

	ip = (unsigned long)trampoline + size;

	/* The trampoline ends with a jmp to ftrace_epilogue */
	jmp = ftrace_jmp_replace(ip, (unsigned long)ftrace_epilogue);
	memcpy(trampoline + size, jmp, MCOUNT_INSN_SIZE);

	/*
	 * The address of the ftrace_ops that is used for this trampoline
	 * is stored at the end of the trampoline. This will be used to
	 * load the third parameter for the callback. Basically, that
	 * location at the end of the trampoline takes the place of
	 * the global function_trace_op variable.
	 */

	ptr = (unsigned long *)(trampoline + size + MCOUNT_INSN_SIZE);
	*ptr = (unsigned long)ops;

	op_offset -= start_offset;
	memcpy(&op_ptr, trampoline + op_offset, OP_REF_SIZE);

	/* Are we pointing to the reference? */
	if (WARN_ON(memcmp(op_ptr.op, op_ref, 3) != 0)) {
		tramp_free(trampoline);
		return 0;
	}

	/* Load the contents of ptr into the callback parameter */
	offset = (unsigned long)ptr;
	offset -= (unsigned long)trampoline + op_offset + OP_REF_SIZE;

	op_ptr.offset = offset;

	/* put in the new offset to the ftrace_ops */
	memcpy(trampoline + op_offset, &op_ptr, OP_REF_SIZE);

	/* The ALLOC_TRAMP flag lets us know we created it */
	ops->flags |= FTRACE_OPS_FL_ALLOC_TRAMP;

	return (unsigned long)trampoline;
}

static unsigned long calc_trampoline_call_offset(bool save_regs)
{
	unsigned long start_offset;
	unsigned long call_offset;

	if (save_regs) {
		start_offset = (unsigned long)ftrace_regs_caller;
		call_offset = (unsigned long)ftrace_regs_call;
	} else {
		start_offset = (unsigned long)ftrace_caller;
		call_offset = (unsigned long)ftrace_call;
	}

	return call_offset - start_offset;
}

void arch_ftrace_update_trampoline(struct ftrace_ops *ops)
{
	ftrace_func_t func;
	unsigned char *new;
	unsigned long offset;
	unsigned long ip;
	unsigned int size;
	int ret;

	if (ops->trampoline) {
		/*
		 * The ftrace_ops caller may set up its own trampoline.
		 * In such a case, this code must not modify it.
		 */
		if (!(ops->flags & FTRACE_OPS_FL_ALLOC_TRAMP))
			return;
	} else {
		ops->trampoline = create_trampoline(ops, &size);
		if (!ops->trampoline)
			return;
		ops->trampoline_size = size;
	}

	offset = calc_trampoline_call_offset(ops->flags & FTRACE_OPS_FL_SAVE_REGS);
	ip = ops->trampoline + offset;

	func = ftrace_ops_get_func(ops);

	/* Do a safe modify in case the trampoline is executing */
	new = ftrace_call_replace(ip, (unsigned long)func);
	ret = update_ftrace_func(ip, new);

	/* The update should never fail */
	WARN_ON(ret);
}

/* Return the address of the function the trampoline calls */
static void *addr_from_call(void *ptr)
{
	union ftrace_code_union calc;
	int ret;

	ret = probe_kernel_read(&calc, ptr, MCOUNT_INSN_SIZE);
	if (WARN_ON_ONCE(ret < 0))
		return NULL;

	/* Make sure this is a call */
	if (WARN_ON_ONCE(calc.e8 != 0xe8)) {
		pr_warn("Expected e8, got %x\n", calc.e8);
		return NULL;
	}

	return ptr + MCOUNT_INSN_SIZE + calc.offset;
}

void prepare_ftrace_return(unsigned long self_addr, unsigned long *parent,
			   unsigned long frame_pointer);

/*
 * If the ops->trampoline was not allocated, then it probably
 * has a static trampoline func, or is the ftrace caller itself.
 */
static void *static_tramp_func(struct ftrace_ops *ops, struct dyn_ftrace *rec)
{
	unsigned long offset;
	bool save_regs = rec->flags & FTRACE_FL_REGS_EN;
	void *ptr;

	if (ops && ops->trampoline) {
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
		/*
		 * The function graph tracer is the only user we know of
		 * that sets a static trampoline.
		 */
		if (ops->trampoline == FTRACE_GRAPH_ADDR)
			return (void *)prepare_ftrace_return;
#endif
		return NULL;
	}

	offset = calc_trampoline_call_offset(save_regs);

	if (save_regs)
		ptr = (void *)FTRACE_REGS_ADDR + offset;
	else
		ptr = (void *)FTRACE_ADDR + offset;

	return addr_from_call(ptr);
}

void *arch_ftrace_trampoline_func(struct ftrace_ops *ops, struct dyn_ftrace *rec)
{
	unsigned long offset;

	/* If we didn't allocate this trampoline, consider it static */
	if (!ops || !(ops->flags & FTRACE_OPS_FL_ALLOC_TRAMP))
		return static_tramp_func(ops, rec);

	offset = calc_trampoline_call_offset(ops->flags & FTRACE_OPS_FL_SAVE_REGS);
	return addr_from_call((void *)ops->trampoline + offset);
}

void arch_ftrace_trampoline_free(struct ftrace_ops *ops)
{
	if (!ops || !(ops->flags & FTRACE_OPS_FL_ALLOC_TRAMP))
		return;

	tramp_free((void *)ops->trampoline);
	ops->trampoline = 0;
}

#endif /* CONFIG_X86_64 */
#endif /* CONFIG_DYNAMIC_FTRACE */

#ifdef CONFIG_FUNCTION_GRAPH_TRACER

#ifdef CONFIG_DYNAMIC_FTRACE
extern void ftrace_graph_call(void);

static int ftrace_mod_jmp(unsigned long ip, void *func)
{
	unsigned char *new;

	new = ftrace_jmp_replace(ip, (unsigned long)func);

	return update_ftrace_func(ip, new);
}

int ftrace_enable_ftrace_graph_caller(void)
{
	unsigned long ip = (unsigned long)(&ftrace_graph_call);

	return ftrace_mod_jmp(ip, &ftrace_graph_caller);
}

int ftrace_disable_ftrace_graph_caller(void)
{
	unsigned long ip = (unsigned long)(&ftrace_graph_call);

	return ftrace_mod_jmp(ip, &ftrace_stub);
}

#endif /* CONFIG_DYNAMIC_FTRACE */

/*
 * Hook the return address and push it in the stack of return addrs
 * in current thread info.
 */
void prepare_ftrace_return(unsigned long self_addr, unsigned long *parent,
			   unsigned long frame_pointer)
{
	unsigned long old;
	int faulted;
	struct ftrace_graph_ent trace;
	unsigned long return_hooker = (unsigned long)
				&return_to_handler;

	if (unlikely(ftrace_graph_is_dead()))
		return;

	if (unlikely(atomic_read(&current->tracing_graph_pause)))
		return;

	/*
	 * Protect against a fault, even if it shouldn't
	 * happen. This tool is too intrusive to
	 * skip such a protection.
	 */
	asm volatile(
		"1: " _ASM_MOV " (%[parent]), %[old]\n"
		"2: " _ASM_MOV " %[return_hooker], (%[parent])\n"
		"   movl $0, %[faulted]\n"
		"3:\n"

		".section .fixup, \"ax\"\n"
		"4: movl $1, %[faulted]\n"
		"   jmp 3b\n"
		".previous\n"

		_ASM_EXTABLE(1b, 4b)
		_ASM_EXTABLE(2b, 4b)

		: [old] "=&r" (old), [faulted] "=r" (faulted)
		: [parent] "r" (parent), [return_hooker] "r" (return_hooker)
		: "memory"
	);

	if (unlikely(faulted)) {
		ftrace_graph_stop();
		WARN_ON(1);
		return;
	}

	trace.func = self_addr;
	trace.depth = current->curr_ret_stack + 1;

	/* Only trace if the calling function expects to */
	if (!ftrace_graph_entry(&trace)) {
		*parent = old;
		return;
	}

	if (ftrace_push_return_trace(old, self_addr, &trace.depth,
				     frame_pointer, parent) == -EBUSY) {
		*parent = old;
		return;
	}
}
#endif /* CONFIG_FUNCTION_GRAPH_TRACER */