lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20081022094033.GA18510@csn.ul.ie>
Date:	Wed, 22 Oct 2008 10:41:14 +0100
From:	mel@...net.ie (Mel Gorman)
To:	Albert Cahalan <acahalan@...il.com>
Cc:	adobriyan@...il.com, kosaki.motohiro@...fujitsu.com,
	linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 0/2] Report the size of pages backing VMAs in /proc V3

On Mon, Oct 20, 2008 at 02:07:28PM -0400, Albert Cahalan wrote:
> On Mon, Oct 20, 2008 at 6:06 AM, Mel Gorman <mel@....ul.ie> wrote:
> > On (20/10/08 05:18), Albert Cahalan didst pronounce:
> 
> >> Looping on stat() while chopping off suspected tags is dreadful.
> >> Besides just being gross, it's slow.
> >
> > You're probably right. It's a bit weird that it's what you have to do to
> > figure out if the file in /proc/PID/maps is really there or not.
> 
> Actually you can't do this, because of directory permissions.
> 

Good point.

> >> Obviously, every author of a /proc-based tool has been forced to
> >> take a random guess at the ABI. The /proc/*/smaps is so gross and
> >> that I put off writing a parser for years.
> >
> > I intend to take a stab at it for the purposes of teaching pmap to print
> > the pagesizes if the smaps change gets picked up.
> 
> FYI, "KernelPageSize" is at least unique under the perfect
> hash function I'm using to parse the damn smaps file.
> 
> hash = ( ( (s[8]&15) + (s[1]&15) ) ^ (s[0]&3) ) & 31;
> 

Good to know.

> I have to wonder if we'll be getting mixed page sizes
> within a single mapping, making such info unusable.
> 

It's not planned right now, but even if it is, KernelPageSize would
remain as the intended page size. VMAs would either split around each
mixed page size in which case there will be separate VMAs or an
additional field will be added that indicates what number of each
pagesize makes up the mapping.

> >> Right before the filename, you can add anything except a '/'.
> >> You could add a few columns of numbers or a second flags field.
> >
> > My fear was about parsers that hard-coded what number field stored the
> > filename. If a column was added for pagesize for example, then parsers
> > would think the pagesize was the filename.
> 
> It's possible. Every parser I've examined does strchr()
> or similar to find that '/' character.
> 

I might be the only criminal. A mucky shell script used awk to display
field X and everything past it to find the filename. A more rational
person would have used strchr or found the first / with cut or similar.

> Maybe try some dummy patches in a linux-next kernel?
> Give each one a month. You could do "xyz" concatenated
> to the flags, a second "rwx" concatenated to the flags,
> a single column of "0" before the filename, and several
> columns of "parsertest" before the filename.
> 

That sounds reasonable.

> > Now, that is an interested idea, albeit it's not one that is easily
> > human-readable and would need a second parser like pmap but that's ok. If
> > parsing smaps turns into a total pain in the ass
> 
> I assure you that parsing smaps is a total pain in the ass,
> especially if you want tolerable performance. Something
> like "top" is not viable if it performs like a Python script.
> 

I had assumed that smaps + performance were mutually exclusive because
of the PSS calculation and any active monitoring from something like top
would blow bigtime. That's why I tried modifying maps as well.

> >> BTW, I'm thinking that the /proc/*/*maps files fail when the
> >> lines exceed 4096 bytes. The pathname may legitimately be that
> >> long, plus it can be backslash escaped, plus there is all the
> >> junk on the beginning.
> >
> > Yes. While it's unlikely to be exceeded, a file could be 4096 bytes long
> > and the other fields will then cause a problem. It was because of things
> > like this, I was ok with dropping the idea of adding (attribute[=value])
> > from the end of the filename.
> 
> "unlikely" is not something one should trust. I think you
> can even get a name longer than 4096 bytes if you make
> directories relative to the current directory and keep
> changing directories as you make the directories.
> Then double that with backslashes becoming \\ or
> newlines becoming \n (must be escaped) in the output.
> 
> I think /proc/*/maps has been broken ever since it was
> converted to seq_file, and maybe ever since it got filenames.
> Prior to the filenames, lines were fixed-width records.
> 

You could be right. Only one way to find out for sure really.

-- 
Mel Gorman
Part-time Phd Student                          Linux Technology Center
University of Limerick                         IBM Dublin Software Lab
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ