From bdb059a29e601e98c2a81d2f90216db0b41f4bff Mon Sep 17 00:00:00 2001
From: Kris Van Hees
Date: Tue, 13 Jun 2017 12:33:04 -0400
Subject: [PATCH] dtrace: FBT entry probes will now use int3

Due to some function prologues inserting an instruction between the push rbp and mov rsp,rbp instruction *and* that instruction being one that can validly take a LOCK profix (e.g. inc), it is not safe to continue using the LOCK prefix as a way to trigger an Invalid Opcode trap for FBT entry probes. The new trigger uses int3 (like the return probes already do).

Orabug: 26190412
Orabug: 26174895

Signed-off-by: Kris Van Hees
---
 dtrace/fbt_x86_64.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/dtrace/fbt_x86_64.c b/dtrace/fbt_x86_64.c
index 7b5611959fa5..dd3b1527654b 100644
--- a/dtrace/fbt_x86_64.c
+++ b/dtrace/fbt_x86_64.c
@@ -33,8 +33,14 @@
 #include "dtrace_dev.h"
 #include "fbt_impl.h"
 
-#define FBT_ENTRY_PATCHVAL 0xf0
+/*
+ * Use 0xf0 (LOCK Prefix) and X86_TRAP_UD for Invalid Opcode traps to be used.
+ * Use 0xcc (INT 3) and X86_TRAP_BP for Breakpoint traps to be used.
+ */
+#define FBT_ENTRY_PATCHVAL 0xcc
+#define FBT_ENTRY_TRAP X86_TRAP_BP
 #define FBT_RETURN_PATCHVAL 0xcc
+#define FBT_RETURN_TRAP X86_TRAP_BP
 
 static uint8_t fbt_invop(struct pt_regs *regs)
 {
@@ -51,18 +57,18 @@ static uint8_t fbt_invop(struct pt_regs *regs)
 * the TLS thread key calculation.
 *
 * This is not pretty, but neither is the fact that
- * int3 cause handlers to think they are called from
+ * int3 causes handlers to think they are called from
 * within an interrupt.
 */
 this_cpu_core->cpu_dtrace_regs = regs;
 orig_ax = regs->orig_ax;
 if (fbp->fbp_roffset == 0) {
- regs->orig_ax = X86_TRAP_UD;
+ regs->orig_ax = FBT_ENTRY_TRAP;
 dtrace_probe(fbp->fbp_id, regs->di, regs->si, regs->dx, regs->cx, regs->r8);
 } else {
- regs->orig_ax = X86_TRAP_BP;
+ regs->orig_ax = FBT_RETURN_TRAP;
 dtrace_probe(fbp->fbp_id, fbp->fbp_roffset, regs->ax, 0, 0, 0);
 }
-- 
2.50.1
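Review bot: FBT_ENTRY_PATCHVAL and FBT_ENTRY_TRAP (and the RETURN pair) are two independent defines that must agree — 0xcc goes with X86_TRAP_BP, 0xf0 with X86_TRAP_UD — but nothing in the first hunk enforces that, so editing one without the other would make fbt_invop report a trap number in orig_ax that does not match the byte actually patched in. Deriving the trap from the patch value removes that hazard by construction, e.g. `#define FBT_ENTRY_TRAP (FBT_ENTRY_PATCHVAL == 0xcc ? X86_TRAP_BP : X86_TRAP_UD)` and likewise for FBT_RETURN_TRAP. The new comment presents the two encodings as interchangeable and never records why LOCK was abandoned; I would add the reason from the commit message next to the defines, `/* 0xf0 (LOCK) is unsafe for entry probes: some prologues place a LOCK-able instruction between push %rbp and mov %rsp,%rbp, so the patched byte would form a valid instruction instead of trapping. */`. The "to be used" wording in both comment lines is redundant and can be dropped.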
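Review bot: In the second hunk both branches of fbt_invop now store X86_TRAP_BP into regs->orig_ax, which is only correct if entry probes are in fact delivered through the #BP path; the code that writes the patch byte and routes the resulting trap to fbt_invop lives outside this file (the diffstat covers only fbt_x86_64.c), so if anything there still registers entry probes against #UD or compares the original byte against 0xf0 it needs a matching change — presumably handled elsewhere, but not visible here. fbt_invop begins and ends outside the hunk, so the save of orig_ax is visible but its restore is not; a one-line comment at the assignment, `/* orig_ax restored below once the probe has fired */`, would spare the next reader that trip.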