lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 17 Jan 2012 15:52:32 +0530
From:	Srikar Dronamraju <srikar@...ux.vnet.ibm.com>
To:	Ingo Molnar <mingo@...e.hu>
Cc:	Jiri Olsa <jolsa@...hat.com>,
	Arnaldo Carvalho de Melo <acme@...hat.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Oleg Nesterov <oleg@...hat.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Linux-mm <linux-mm@...ck.org>, Andi Kleen <andi@...stfloor.org>,
	Christoph Hellwig <hch@...radead.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Roland McGrath <roland@...k.frob.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>,
	Arnaldo Carvalho de Melo <acme@...radead.org>,
	Anton Arapov <anton@...hat.com>,
	Ananth N Mavinakayanahalli <ananth@...ibm.com>,
	Jim Keniston <jkenisto@...ux.vnet.ibm.com>,
	Stephen Rothwell <sfr@...b.auug.org.au>
Subject: Re: [PATCH v9 3.2 7/9] tracing: uprobes trace_event interface

> > 
> > and commands like:
> >         perf record -a -e probe_libc:free  --filter "common_pid == 1127"
> >         perf record -e probe_libc:free --filter "arg1 == 0xa" ls
> > 
> > got me proper results.
> 
> Btw., Srikar, if that's the primary UI today then we'll need to 
> make it a *lot* more user-friendly than the above usage 
> workflow.
> 
> In particular this line:
> 
> >         echo "p:probe_libc/free /lib64/libc-2.13.so:0x7a4f0 %ax" > ./uprobe_events
> 
> is not something a mere mortal will be able to figure out.

Agree, perf probe is the primary interface to use uprobes.

> 
> There needs to be perf probe integration, that allows intuitive 
> usage, such as:
> 
>    perf probe add libc:free

Current usage is like perf probe -x <executable> -a <func1> -a <func2>
So we could use
perf probe -x /lib64/libc.so.6 free

or 
perf probe -x /lib64/libc.so.6 -a free -a malloc -a strcpy

The -x option helps perf to identify  that its a user space based probing.
This currently restricts that all probes defined per "perf probe"
invocation to just one executable. This usage was suggested by Masami.

Earlier we used perf probe free@...b/libc.so.6 malloc@...b/libc.so.6
The objection for this was that perf was already using @ to signify
source file. Similarly : is already used for Relative line number.

This also goes with perf probe -F -x /lib64/libc.so to list the
available probes in libc.

> 
> Using the perf symbols code it should first search a libc*so DSO 
> in the system, finding say /lib64/libc-2.15.so. The 'free' 
> symbol is readily available there:

While I understand the ease of using a libc instead of the full path, I
think it does have few issues.
- Do we need to keep checking if the new files created in the system
  match the pattern and if they match the pattern, dynamically add the
  files?

- Also the current model helps if the user wants to restrict his trace
  to particular executable where there are more that one executable with
  the same name.

> 
>   aldebaran:~> eu-readelf -s /lib64/libc-2.15.so  | grep ' free$'
>   7186: 00000039ff47f080    224 FUNC    GLOBAL DEFAULT       12 free
> 
> then the tool can automatically turn that symbol information 
> into the specific probe.
> 

Given a function in an executable, we are 

> Will it all work with DSO randomization, prelinking and default 
> placement as well?

Works with DSO randomization, I havent tried with prelinking.  did you
mean http://en.wikipedia.org/wiki/Placement_syntax#Default_placement
when you said default placement?


> 
> Users should not be expected to enter magic hexa numbers to get 
> a trivial usecase going ...

yes, that why we dont allow perf probe -x /lib/libc.so.6 0x1234

> 
> this bit:
> 
> >         perf record -a -e probe_libc:free  --filter "common_pid == 1127"
> >         perf record -e probe_libc:free --filter "arg1 == 0xa" ls
> 
> looks good and intuitive and 'perf list' should list all the 
> available uprobes.

Currently "perf probe -F -x /bin/zsh" lists all available functions in
zsh. perf probe --list has been enhanced to show uprobes that are
already registered.

Similar to kprobes based probes, available user space probes are not
part of "perf list".
> 
> Thanks,
> 
> 	Ingo
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ