lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 15 Jan 2015 17:10:40 +1100
From:	Michael Ellerman <mpe@...erman.id.au>
To:	Steven Rostedt <rostedt@...dmis.org>
Cc:	linux-kernel@...r.kernel.org, mingo@...hat.com,
	paulmck@...ux.vnet.ibm.com, Andrew Morton <akpm@...l.org>,
	tglx@...utronix.de, mathieu.desnoyers@...icios.com,
	xiakaixu@...wei.com
Subject: Re: [PATCH] tracing: Allow raw_syscall tracepoints to work from boot

On Wed, 2015-01-14 at 13:03 -0500, Steven Rostedt wrote:
> On Wed, 14 Jan 2015 09:35:17 +1100
> Michael Ellerman <mpe@...erman.id.au> wrote:
> 
> > In commit 5f893b2639b2 "tracing: Move enabling tracepoints to just after
> > rcu_init()", tracing was enabled earlier in boot.
> > 
> > This broke tracing of the raw_syscall tracepoints from boot using the
> > trace_event kernel parameter.
> > 
> > We can fix it by explicitly setting TIF_SYSCALL_TRACEPOINT for the
> > init_task. That way when pid 1 is cloned from init_task it will inherit
> > TIF_SYSCALL_TRACEPOINT.
> 
> I don't like setting the swap task flag for syscall tracing, as nothing
> will unset it.

We could unset it in the unregfunc(), I did that in my original patch but took
it out because I wasn't sure it was necessary.

> > It feels a bit naughty to be whacking init_task like this, but it also
> > seems like the right fix?
> 
> No, I tried the following instead.
> 
> > Should we also clear it in the unregfunc? I can't see how that would
> > ever be needed in practice?
> 
> It just seems hacky to set swapper in the first place.

Actually I thought it was neat, basically everything else comes from init_task
via copy_process().
 
> Try my patch and let me know if it works for you?

Sure. It works.

I can still see the first syscalls in the trace:

    # entries-in-buffer/entries-written: 1021354/1021354   #P:8
    #
    #                              _-----=> irqs-off
    #                             / _----=> need-resched
    #                            | / _---=> hardirq/softirq
    #                            || / _--=> preempt-depth
    #                            ||| /     delay
    #           TASK-PID   CPU#  ||||    TIMESTAMP  FUNCTION
    #              | |       |   ||||       |         |
                init-1     [000] ....     3.706370: sys_exit: NR -1 = 0
                init-1     [000] ....     3.706394: sys_enter: NR 45 (0, 0, 3fffa2e20000, 3fffcfd4eac2, 80, 3fffa2e61820)
                init-1     [000] ....     3.706395: sys_exit: NR 45 = 70367490932736
                init-1     [000] ....     3.706409: sys_enter: NR 33 (3fffa2e694d0, 0, 3fffa2e7be20, 0, 1, ffffffffe0000000)
                init-1     [000] ....     3.713325: sys_exit: NR 33 = -2
    

I like my version better, but your call.

cheers



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists