| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Apr 2008 08:32:34 -0400 From: Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca> To: Peter Zijlstra <a.p.zijlstra@...llo.nl> Cc: prasad@...ux.vnet.ibm.com, linux-kernel@...r.kernel.org, tglx@...utronix.de, mingo@...e.hu, Christoph Hellwig <hch@...radead.org>, "Frank Ch. Eigler" <fche@...hat.com> Subject: Re: [RFC PATCH 1/2] Marker probes in futex.c * Peter Zijlstra (a.p.zijlstra@...llo.nl) wrote: > On Tue, 2008-04-15 at 17:23 +0530, K. Prasad wrote: > > > + trace_mark(futex_wait_called, "uaddr:%p fshared:%p val:%u " > > + "abs_time:%p bitset:%d", > > + uaddr, fshared, val, abs_time, bitset); > > This is some seriuosly ugly looking gunk, why would we want stuff like > that scattered across the code? > I don't really see how it differs so much from printks, which kernel developers are already familiar with. > What is wrong with a few simple hooks like: > > trace_futex_wait(uaddr, fshares, val, abs_time, bitset); > > and then deal with that. > If any of your variable type changes, then you are exporting an unknown data structure to user-space. _That_ would break a userspace tracer whenever you change any of these kernel variables and you don't want that. Exporting the field names and variable types helps to identify the variables by their given names rather than their respective order. Having the field type insures binary compatibility. Clearly we can turn your trace_futex_wait(uaddr, fshares, val, abs_time, bitset); into a trace_mark() with a simple define, and I don't see any problem with that. I just want to make sure the event name, field names and field types are exported, and this is done by markers. However, I wonder why none of the kernel printk() are turned into specialized defines to make the code "cleaner".. maybe it's because it is useful to have everything declared in one spot after all. > Also, you seem to expose way too much futex internals; do you really > need that? People will go use this marker crap like ABI and further > restrain us from changing the code. > Because we extract the field names and types, we can create tracer plugins that would hook on field names rather than expect a specific number of fields and fixed field types. It makes it possible to tolerate missing fields pretty easily. But yes, tracer tools might have to be adapted to internal kernel changes, since they must follow kernel structure changes. However, staying as close as possible to a canonical representation of event fields, staying far from the specific implemetation, would help to lessen the inter-dependency. On the other hand, it would probably hurt trace compactness and efficiency. Mathieu > /me unhappy. > > > -- Mathieu Desnoyers Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists