lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 06 May 2015 10:37:37 +0900
From:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
To:	He Kuang <hekuang@...wei.com>, ast@...mgrid.com,
	davem@...emloft.net, acme@...nel.org, mingo@...hat.com,
	a.p.zijlstra@...llo.nl, jolsa@...nel.org
CC:	wangnan0@...wei.com, lizefan@...nel.org,
	linux-kernel@...r.kernel.org, pi3orama@....com
Subject: Re: [RFC PATCH 0/6] perf bpf: Probing with local variable

On 2015/05/05 19:10, He Kuang wrote:
> This patch set is based on https://lkml.org/lkml/2015/4/30/264
> 
> By using bpf 'config' section like this:
> 
>   char _config2[] SEC("config") = "generic_perform_write=generic_perform_write+122 file->f_mapping->a_ops bytes offset";
>   SEC("generic_perform_write")
>   int NODE_generic_perform_write (struct pt_regs *ctx, void *a_ops, void *bytes, void* offset) {
>           char fmt[] = "NODE_generic_perform_write, a_ops=%p, bytes=%p, offset=%p\n";
>           bpf_trace_printk(fmt, sizeof(fmt), a_ops, bytes, offset);
>           return 1;
>   }
> 
> In this example, 'bytes' and 'offset' are local variables, a_ops is in
> the structure field of file parameter, and we probe in the body of the
> generic_perform_write() function.
> 
> Perf can fetch and convert all the arguments and then we translate them
> into bpf bytecode as a prologue before calling bpf body functions. In
> the prologue, we fetch arguments from bpf context register and place
> them according to bpf calling conventions so the body function can
> access them as formal parameters.
> 
> The perf command is as following:
> 
>   $ perf bpf -v bpf_bytecode.o
>   ...
>   bpf_prologue: insn num=26
>   (bf) r6 = r1
>   (79) r3 = *(u64 *)(r6 +112)
>   (07) r3 += 248
>   (b7) r1 = 0
>   (7b) *(u64 *)(r10 -8) = r1
>   (bf) r1 = r10
>   (07) r1 += -8
>   (b7) r2 = 8
>   (85) call 4
>   (79) r3 = *(u64 *)(r10 -8)
>   (07) r3 += 104
>   (b7) r1 = 0
>   (7b) *(u64 *)(r10 -8) = r1
>   (bf) r1 = r10
>   (07) r1 += -8
>   (b7) r2 = 8
>   (85) call 4
>   (79) r3 = *(u64 *)(r10 -8)
>   (bf) r7 = r3
>   (79) r3 = *(u64 *)(r6 +24)
>   (bf) r8 = r3
>   (79) r3 = *(u64 *)(r6 +88)
>   (bf) r9 = r3
>   (bf) r2 = r7
>   (bf) r3 = r8
>   (bf) r4 = r9

Hmm, this idea looks good to me, I need to learn what the bpf needs for review.
BTW, if it is so easily to compose the byte code in perf, can we do it in the
kernel too? I'd like to check the possibility of replacing the old fetch_arg
functions with these byte code for optimizing performance and reduce redundant
functionality. :)

Thank you,



-- 
Masami HIRAMATSU
Linux Technology Research Center, System Productivity Research Dept.
Center for Technology Innovation - Systems Engineering
Hitachi, Ltd., Research & Development Group
E-mail: masami.hiramatsu.pt@...achi.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ