lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090619123504.GB18428@Krystal>
Date:	Fri, 19 Jun 2009 08:35:04 -0400
From:	Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca>
To:	Frederic Weisbecker <fweisbec@...il.com>
Cc:	Jason Baron <jbaron@...hat.com>, linux-kernel@...r.kernel.org,
	mingo@...e.hu, laijs@...fujitsu.com, rostedt@...dmis.org,
	peterz@...radead.org, jiayingz@...gle.com, bligh@...gle.com,
	roland@...hat.com, fche@...hat.com
Subject: Re: [PATCH 4/7] add syscall tracepoints

* Frederic Weisbecker (fweisbec@...il.com) wrote:
> On Fri, Jun 12, 2009 at 05:24:54PM -0400, Jason Baron wrote:
> > 
> > add two tracepoints in syscall exit and entry path, conditioned on
> > TIF_SYSCALL_FTRACE. Supports the syscall trace event code.
> > 
> > 
> > Signed-off-by: Jason Baron <jbaron@...hat.com>
> > 
> > ---
> >  arch/x86/kernel/ptrace.c |    6 ++++--
> >  include/trace/syscall.h  |   18 ++++++++++++++++++
> >  kernel/tracepoint.c      |   38 ++++++++++++++++++++++++++++++++++++++
> >  3 files changed, 60 insertions(+), 2 deletions(-)
> > 
> > diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
> > index 09ecbde..1c7301a 100644
> > --- a/arch/x86/kernel/ptrace.c
> > +++ b/arch/x86/kernel/ptrace.c
> > @@ -36,6 +36,8 @@
> >  #include <asm/ds.h>
> >  
> >  #include <trace/syscall.h>
> > +DEFINE_TRACE(syscall_enter);
> > +DEFINE_TRACE(syscall_exit);
> >  
> >  #include "tls.h"
> >  
> > @@ -1498,7 +1500,7 @@ asmregparm long syscall_trace_enter(struct pt_regs *regs)
> >  		ret = -1L;
> >  
> >  	if (unlikely(test_thread_flag(TIF_SYSCALL_FTRACE)))
> > -		ftrace_syscall_enter(regs);
> > +		trace_syscall_enter(regs, regs->orig_ax);
> >  
> >  	if (unlikely(current->audit_context)) {
> >  		if (IS_IA32)
> > @@ -1524,7 +1526,7 @@ asmregparm void syscall_trace_leave(struct pt_regs *regs)
> >  		audit_syscall_exit(AUDITSC_RESULT(regs->ax), regs->ax);
> >  
> >  	if (unlikely(test_thread_flag(TIF_SYSCALL_FTRACE)))
> > -		ftrace_syscall_exit(regs);
> > +		trace_syscall_exit(regs, regs->ax);
> >  
> >  	if (test_thread_flag(TIF_SYSCALL_TRACE))
> >  		tracehook_report_syscall_exit(regs, 0);
> > diff --git a/include/trace/syscall.h b/include/trace/syscall.h
> > index 8cfe515..d5d8310 100644
> > --- a/include/trace/syscall.h
> > +++ b/include/trace/syscall.h
> > @@ -2,6 +2,24 @@
> >  #define _TRACE_SYSCALL_H
> >  
> >  #include <asm/ptrace.h>
> > +#include <linux/tracepoint.h>
> > +
> > +extern void syscall_regfunc(void);
> > +extern void syscall_unregfunc(void);
> > +
> > +DECLARE_TRACE_REG(syscall_enter,
> > +	TP_PROTO(struct pt_regs *regs, long id),
> > +	TP_ARGS(regs, id),
> > +	syscall_regfunc,
> > +	syscall_unregfunc
> > +);
> > +
> > +DECLARE_TRACE_REG(syscall_exit,
> > +	TP_PROTO(struct pt_regs *regs, long ret),
> > +	TP_ARGS(regs, ret),
> > +	syscall_regfunc,
> > +	syscall_unregfunc
> > +);
> >  
> >  /*
> >   * A syscall entry in the ftrace syscalls array.
> > diff --git a/kernel/tracepoint.c b/kernel/tracepoint.c
> > index 1ef5d3a..5b34ff9 100644
> > --- a/kernel/tracepoint.c
> > +++ b/kernel/tracepoint.c
> 
> 
> 
> At a first glance I wasn't sure tracepoint.c is the right
> place for these.
> But indeed putting those two callbacks here avoids any
> dependency to the syscall tracer when someone else needs
> the syscall tracepoints.
> 
> Well, I guess we can keep them there.
> 
> 
> 
> > @@ -24,6 +24,7 @@
> >  #include <linux/tracepoint.h>
> >  #include <linux/err.h>
> >  #include <linux/slab.h>
> > +#include <linux/sched.h>
> >  
> >  extern struct tracepoint __start___tracepoints[];
> >  extern struct tracepoint __stop___tracepoints[];
> > @@ -577,3 +578,40 @@ static int init_tracepoints(void)
> >  __initcall(init_tracepoints);
> >  
> >  #endif /* CONFIG_MODULES */
> > +
> > +DEFINE_MUTEX(regfunc_mutex);
> > +int sys_tracepoint_refcount;
> 
> 
> Looks like regfunc_mutex is only there to protect
> sys_tracepoint_refcount. May be you can just make it atomic_t?
> 

Nope, regfunc_mutex makes sure there is no disable/enable occuring
concurrently. They only take a tasklist read lock, so they can happen
concurrently if it wasn't for the regfunc_mutex.

Unless I'm missing something totally obvious about the refcount, the
mutex is needed, and there is no need to go for an atomic type in this
case.

Thanks,

Mathieu

> Thanks,
> Frederic.
> 
> 
> > +
> > +void syscall_regfunc(void)
> > +{
> > +	unsigned long flags;
> > +	struct task_struct *g, *t;
> > +
> > +	mutex_lock(&regfunc_mutex);
> > +	if (!sys_tracepoint_refcount) {
> > +		read_lock_irqsave(&tasklist_lock, flags);
> > +		do_each_thread(g, t) {
> > +			set_tsk_thread_flag(t, TIF_SYSCALL_FTRACE);
> > +		} while_each_thread(g, t);
> > +		read_unlock_irqrestore(&tasklist_lock, flags);
> > +	}
> > +	sys_tracepoint_refcount++;
> > +	mutex_unlock(&regfunc_mutex);
> > +}
> > +
> > +void syscall_unregfunc(void)
> > +{
> > +	unsigned long flags;
> > +	struct task_struct *g, *t;
> > +
> > +	mutex_lock(&regfunc_mutex);
> > +	sys_tracepoint_refcount--;
> > +	if (!sys_tracepoint_refcount) {
> > +		read_lock_irqsave(&tasklist_lock, flags);
> > +		do_each_thread(g, t) {
> > +			clear_tsk_thread_flag(t, TIF_SYSCALL_FTRACE);
> > +		} while_each_thread(g, t);
> > +		read_unlock_irqrestore(&tasklist_lock, flags);
> > +	}
> > +	mutex_unlock(&regfunc_mutex);
> > +}
> > -- 
> > 1.6.0.6
> > 
> 

-- 
Mathieu Desnoyers
OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F  BA06 3F25 A8FE 3BAE 9A68
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ