This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
[RFC][Patch 0/2][take2]kprobe: kprobe-booster against 2.6.14-mm1 for i386
- From: Masami Hiramatsu <hiramatu at sdl dot hitachi dot co dot jp>
- To: systemtap at sources dot redhat dot com
- Cc: Masami Hiramatsu <hiramatu at sdl dot hitachi dot co dot jp>, Yumiko Sugita <sugita at sdl dot hitachi dot co dot jp>, Satoshi Oshima <soshima at redhat dot com>, Hideo Aoki <haoki at redhat dot com>
- Date: Mon, 28 Nov 2005 23:28:59 +0900
- Subject: [RFC][Patch 0/2][take2]kprobe: kprobe-booster against 2.6.14-mm1 for i386
- References: <43870DDB.8020306@sdl.hitachi.co.jp>
Hi,
I'm sorry. I found some mistakes in the previous patches.
So, I fixed those mistakes and retake them in the next mails.
Masami Hiramatsu wrote:
> What kinds of instructions can be executed directly or not?
> - Call instructions are NG. We should correct the return
> address pushed onto the top of the stack.
> - Indirect instructions except for absolute indirect jumps
> are NG. Those instructions change EIP randomly. We should
> check EIP and correct it.
> - Instructions that change EIP beyond the range of the
> instruction buffer are NG.
> - Instructions that change EIP into the tail 5 bytes of the
> instruction buffer (the size of a jump instruction) are NG.
> We must write a jump instruction which jumps back to the original
> kernel code in the instruction buffer.
> - The breakpoint instruction is NG. We should not touch EIP and
> should pass it to other handlers.
> - Absolute direct/indirect jumps are OK.
> - Conditional jumps are NG.
> - Halt and software interrupts are NG, because execution would stay
> in the instruction buffer of kprobes.
> - Prefixes are NG.
> - Unknown/reserved opcodes are NG.
> - Other 1-byte instructions are OK, but those instructions need
> jump-back code.
> - 2-byte instructions are mapped sparsely, so in this release
> this patch doesn't boost those instructions.
> From Intel's IA-32 opcode map described in the IA-32 Intel
> Architecture Software Developer's Manual Vol. 2B,
> I determined that the following opcodes are not boostable.
> - 0FH (2-byte escape)
> - 70H-7FH (Jump on condition)
> - 9AH (Call) and 9CH (Pushf)
> - C0H-C1H (Grp2: includes reserved opcode)
> - C6H-C7H (Grp11: includes reserved opcode)
> - CCH-CEH (Software interrupt)
> - D0H-D3H (Grp2: includes reserved opcode)
> - D6H (Reserved)
> - D8H-DFH (Coprocessor)
> - E0H-E3H (Loop/conditional jump)
> - E8H (Call)
> - F0H-F3H (Prefixes and reserved)
> - F4H (Halt)
> - F6H-F7H (Grp3: includes reserved opcode)
> - FEH-FFH (Grp4,5: includes reserved opcode)
> Kprobe-booster checks whether the target instruction can
> be boosted (executed directly) in the arch_copy_kprobe()
> function. If the target instruction can be boosted, it
> clears the "boostable" flag. If not, it sets the "boostable"
> flag to -1. This is the disabled status.
> In the resume_execution() function, if the "boostable" flag is
> cleared, kprobe-booster measures the size of the target
> instruction and sets the "boostable" flag to 1.
> In kprobe_handler(), kprobe checks the "boostable" flag.
> If the flag is 1, it resets the current kprobe and executes the
> instruction buffer directly instead of single-stepping.
Best Regards,
--
Masami HIRAMATSU
2nd Research Dept.
Hitachi, Ltd., Systems Development Laboratory
E-mail: hiramatu@sdl.hitachi.co.jp
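A C model of the boostability check and the three-state "boostable" flag described in the mail, added here as an example; it is not the patch's own arch_copy_kprobe()/resume_execution() code. The opcode table is transcribed from the list above and looks at the first opcode byte only (the mail says 2-byte opcodes are not boosted in this release), and the struct kprobe_sim and sim_* names are hypothetical stand-ins for the kernel's per-probe state.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/* First-opcode-byte ranges the mail lists as NOT boostable on i386.
 * Transcribed from the message, not the patch's own table. */
struct range { uint8_t lo, hi; const char *why; };
static const struct range not_boostable[] = {
    {0x0F, 0x0F, "2-byte escape (not boosted in this release)"},
    {0x70, 0x7F, "jump on condition"},
    {0x9A, 0x9A, "call"},     {0x9C, 0x9C, "pushf"},
    {0xC0, 0xC1, "grp2: includes reserved opcode"},
    {0xC6, 0xC7, "grp11: includes reserved opcode"},
    {0xCC, 0xCE, "software interrupt"},
    {0xD0, 0xD3, "grp2: includes reserved opcode"},
    {0xD6, 0xD6, "reserved"}, {0xD8, 0xDF, "coprocessor"},
    {0xE0, 0xE3, "loop/conditional jump"},
    {0xE8, 0xE8, "call"},     {0xF0, 0xF3, "prefixes and reserved"},
    {0xF4, 0xF4, "halt"},     {0xF6, 0xF7, "grp3: includes reserved opcode"},
    {0xFE, 0xFF, "grp4,5: includes reserved opcode"},
};
/* Reason the first opcode byte cannot be boosted, or NULL if it can. */
const char *why_not_boostable(uint8_t opcode)
{
    for (size_t i = 0; i < sizeof not_boostable / sizeof *not_boostable; i++)
        if (opcode >= not_boostable[i].lo && opcode <= not_boostable[i].hi)
            return not_boostable[i].why;
    return NULL;
}

/* The three states of the "boostable" flag as the mail describes them. */
enum { BOOST_DISABLED = -1, BOOST_UNKNOWN = 0, BOOST_READY = 1 };
/* Hypothetical stand-in for the per-probe state the patch keeps. */
struct kprobe_sim { uint8_t opcode; int boostable; size_t insn_size; };

/* arch_copy_kprobe() step: clear the flag if boosting is possible, else set -1. */
void sim_arch_copy_kprobe(struct kprobe_sim *p)
{
    p->boostable = why_not_boostable(p->opcode) ? BOOST_DISABLED : BOOST_UNKNOWN;
}
/* resume_execution() step: after the first single-step the instruction size is
 * known, so a cleared flag becomes 1 (ready); a disabled flag stays -1. */
void sim_resume_execution(struct kprobe_sim *p, size_t insn_size)
{
    if (p->boostable != BOOST_UNKNOWN) return;
    p->insn_size = insn_size;
    p->boostable = BOOST_READY;
}
/* kprobe_handler() step: true means run the copied buffer directly, no single-step. */
bool sim_boost_now(const struct kprobe_sim *p) { return p->boostable == BOOST_READY; }
```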