Please help, I want kprobe.multi support on arm64, but regs is replaced by args

Jackie Liu liu.yun at linux.dev
Tue Jun 27 17:50:58 PDT 2023 

Hi, Masami.

在 2023/6/28 01:06, Masami Hiramatsu (Google) 写道:
> Hi Jackie,
> 
> That is actiall what I'm working on now :)
> 
> Here is my previous implementation (but not applicable because now we need to
> remove kretprobe trampoline with it.)
> https://lore.kernel.org/all/164735287344.1084943.9787335632585653418.stgit@devnote2/
> 
> Let me explain my idea. I would like to replace the kretprobe with fprobe
> exit handler so that we can intgrate the function return hook with fgraph tracer.
> Currently fprobe entry/exit handler uses pt_regs, but I will replace it with
> ftrace_regs. And this means rethook has to work with ftrace_regs and it can not
> support kretprobes anymore on some arch (HAVE_RETHOOK but
>   !HAVE_DYNAMIC_FTRACE_WITH_REGS).
> 
> There are many good reasons, like;
> 
> - On some arch (e.g. arm64) can not emulate full pt_regs.
> - Saving full register on function entry/exit is not efficient.
> - Enabling both fgraph tracer and rethook are redundant.
> 
> This requires some changes on kprobe users like BPF and SystemTap, so I need to
> talk with them about
> 
> - Moving onto the fprobe to trace function entry/exit.
> - Using ftrace_regs API to access function argument and return value.
> 
> Anyway, I'll add CONFIG_DYNAMIC_FTRACE_WITH_REGS dependency to them until
> in-kernel stuffs are ready. It ensures ftrace_regs can be converted to
> pt_regs.

This is a great idea, thank you for your excellent work. We really need
it on arm64.

-- 
Jackie

> 
> I also introduced fprobe events, so I will send a series of patches how to do
> that (fprobe entry side has been done, working on rethook side).
> 
> Thank you,
> 
> 
> On Sun, 25 Jun 2023 16:27:44 +0800
> Jackie Liu <liu.yun at linux.dev> wrote:
> 
>> Hi, Mark Rutland and other developers.
>>
>> I am trying to implement the rethook of the arm64 platform, referring to
>> the code of other architectures, it can already run normally on the v6.1
>> branch, but after commit 26299b3f6ba2 ("ftrace: arm64: move from REGS to
>> ARGS"), regs is no longer supported, resulting in CONFIG_FPROBE is also
>> not supported (although RETHOOK is implemented). I try to revert the
>> patch, and kprobe.multi can be run correctly. Now, what should I do?
>> Should I roll back this patch or find a way to run fprobe without regs?
>>
>> Any help is welcome.
>>
>> --
>> Jackie Liu
> 
>

More information about the linux-arm-kernel mailing list