lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 21 Mar 2015 09:02:54 -0700
From:	Alexei Starovoitov <ast@...mgrid.com>
To:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
CC:	Ingo Molnar <mingo@...nel.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Namhyung Kim <namhyung@...nel.org>,
	Arnaldo Carvalho de Melo <acme@...radead.org>,
	Jiri Olsa <jolsa@...hat.com>,
	"David S. Miller" <davem@...emloft.net>,
	Daniel Borkmann <daniel@...earbox.net>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	linux-api@...r.kernel.org, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v9 tip 3/9] tracing: attach BPF programs to kprobes

On 3/21/15 5:14 AM, Masami Hiramatsu wrote:
> (2015/03/21 8:30), Alexei Starovoitov wrote:
>>
>> Note, kprobes are _not_ a stable kernel ABI, so bpf programs attached to
>> kprobes must be recompiled for every kernel version and user must supply correct
>> LINUX_VERSION_CODE in attr.kern_version during bpf_prog_load() call.
>>
> 
> Would you mean that the ABI of kprobe-based BPF programs? Kprobe API/ABIs
> (register_kprobe() etc.) are stable, but the code who use kprobes certainly
> depends the kernel binary by design. So, if you meant it, BPF programs must
> be recompiled for every kernel binaries (including configuration changes,
> not only its version).

yes. I mainly meant that bpf+kprobe programs must be recompiled
for every kernel binary.
But you're incorrect saying that register_kprobe API is stable.
It's equally kernel dependent.
register_kprobe(struct kprobe *p) is export_gpl, but it takes
kernel internal 'struct kprobe' and it's not declared in uapi header.
Prototype of kprobe_handler_t is also kernel internal, so whoever
is using kprobes must recompile their code every time.
If we want, we can change register_kprobe function name to something
else. Just like kernel modules cannot expect that exported symbols
will stay around from version to version. We don't care when we
break out of tree modules.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ