| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Aug 2013 13:54:22 +0200 From: Robert Richter <rric@...nel.org> To: Vince Weaver <vincent.weaver@...ne.edu> Cc: Borislav Petkov <bp@...en8.de>, Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...nel.org>, Arnaldo Carvalho de Melo <acme@...radead.org>, Jiri Olsa <jolsa@...hat.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH v3 12/12] [RFC] perf, persistent: ioctl functions to control persistency On 23.08.13 17:08:11, Vince Weaver wrote: > On Fri, 23 Aug 2013, Borislav Petkov wrote: > > > Maybe this makes it more understandable for you but this is beside the > > point. > > Understandability doesn't matter? I agree with Vince on this, the naming should be intuitive. Esp. since 'attach' is used in tracing in different context, we should avoid using the term here for less confusion. I got another idea for this, what about UNCLAIM and CLAIM? It is exactly, what it is. A process unclaims an event telling it doesn't care anymore. Another process comes and claims the event, meaning the process wants the event no longer to be shared with others and being released after closing. > > But I have to say the reversed thing above does sound confusing, now > > that I'm looking at the code. Actually, at the time we discussed this, > > my idea was to do it like this: > > > > 1. we open a perf event and get its file descriptor > > 2. ioctl ATTACH to it so that it is attached to the process. > > > > ... do some tracing and collecting and fiddling... You don't need to attach to a persistent event, you can just use the event with perf_event_open, mmap, close. > > 3. ioctl DETACH from it so that it is "forked in the background" so to > > speak, very similar to a background job in the shell. With 'detach' we move the event into the 'background' so that it is still available after opening. > Would it make sense to actually fork a kernel thread that "owns" the > event? There is no need for a kernel thread, there is nothing to do. We just increase the refcount so that the event is not destroyed. > The way it is now events can "get loose" if either the user > forgets about them or the tool that opened them crashes, and it's > impossible to kill these events with normal tools. You possibly > wouldn't even know one was running (except you'd have one fewer > counter to work with) unless you poked around under /sys. As boris said, there could be some sort of 'kill' tool for events. That's what we need sysfs for, it tells which events are running. > > 4. The rest of the code continues and deallocates the event *BUT* (and > > this is the key thing!) the counter/tracepoint remains operational in > > the kernel, running all the time. The event remains operational esp. after closing it or killing/ terminating the process owning it. > > 5. Now, after a certain point, you come back and ioctl ATTACH to this > > already opened event and read/collect its buffers again. -Robert -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists