[PATCH v7 08/14] x86/ftrace: Use text_poke_*() infrastructure
Nadav Amit
namit at vmware.com
Thu Dec 6 00:06:30 UTC 2018
> On Dec 4, 2018, at 5:34 PM, Nadav Amit <namit at vmware.com> wrote:
>
> A following patch is going to make module allocated memory
> non-executable. This requires to modify ftrace and make the memory
> executable again after it is configured.
>
> In addition, this patch makes ftrace use the general text poking
> infrastructure instead ftrace's homegrown text patching. This provides
> the advantages of having slightly "safer" code patching and avoiding
> races with module removal or other mechanisms that patch the kernel
> code.
>
> Cc: Steven Rostedt <rostedt at goodmis.org>
> Signed-off-by: Nadav Amit <namit at vmware.com>
> ---
> arch/x86/kernel/ftrace.c | 74 +++++++++++++---------------------------
> 1 file changed, 23 insertions(+), 51 deletions(-)
Steven Rostedt pointed that using text_poke() instead of
probe_kernel_write() would introduce considerable overheads. Running:
# time { echo function > current_tracer; }
takes 0.24s without this patch and 0.7s with. I don’t know whether to
consider it “so bad”. Obviously we can introduce a batching mechanism and/or
do some micro-optimization (the latter will not buy us much though).
Anyhow, in the meanwhile Steven asked that we’ll leave out the changes in
this patch-set, excluding the set_memory_x() that we need after calling
module_alloc(), and consider them later.
More information about the Linux-security-module-archive
mailing list