| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060923155006.GA27012@Krystal> Date: Sat, 23 Sep 2006 11:50:06 -0400 From: Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca> To: Ingo Molnar <mingo@...e.hu> Cc: Theodore Tso <tytso@....edu>, Nicholas Miell <nmiell@...cast.net>, Paul Mundt <lethal@...ux-sh.org>, linux-kernel <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...hat.com>, Jes Sorensen <jes@....com>, Andrew Morton <akpm@...l.org>, Tom Zanussi <zanussi@...ibm.com>, Richard J Moore <richardj_moore@...ibm.com>, "Frank Ch. Eigler" <fche@...hat.com>, Michel Dagenais <michel.dagenais@...ymtl.ca>, Christoph Hellwig <hch@...radead.org>, Greg Kroah-Hartman <gregkh@...e.de>, Thomas Gleixner <tglx@...utronix.de>, William Cohen <wcohen@...hat.com>, "Martin J. Bligh" <mbligh@...igh.org> Subject: Re: LTTng and SystemTAP (Everyone who is scared to read this huge thread, skip to here) * Ingo Molnar (mingo@...e.hu) wrote: > > * Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca> wrote: > > > > Some of the extensive hooking you do in LTT could be aleviated to a > > > great degree if you used dynamic probes. For example the syscall > > > entry hackery in LTT looks truly scary. > > > > Yes, agreed. The last time I checked, I thought about moving this > > tracing code to the syscall_trace_entry/exit (used for security hooks > > and ptrace if I remember well). I just didn't have the time to do it > > yet. > > correct, that's where all such things (auditing, seccomp, ptrace, > sigstop, freezing, etc.) hook into. Much (all?) of the current entry.S > hacks can go away in favor of a much easier .c patch to > do_syscall_trace() and this would reduce a significantion portion of the > present intrusiveness of LTTng. > Hi Ingo, The only problem with do_syscall_trace is that it is only called at the beginning of the system call. LTT also needs a marker at the end of the system call to know when the control went back to user space. Any idea of a nice location (in C code preferably) for such a marker ? Mathieu OpenPGP public key: http://krystal.dyndns.org:8080/key/compudj.gpg Key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists