lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 11 Aug 2009 14:01:36 +0200
From:	Frederic Weisbecker <fweisbec@...il.com>
To:	Ingo Molnar <mingo@...e.hu>
Cc:	Jason Baron <jbaron@...hat.com>, linux-kernel@...r.kernel.org,
	laijs@...fujitsu.com, rostedt@...dmis.org, peterz@...radead.org,
	mathieu.desnoyers@...ymtl.ca, jiayingz@...gle.com,
	mbligh@...gle.com, lizf@...fujitsu.com
Subject: Re: [PATCH 08/12] add trace events for each syscall entry/exit

On Tue, Aug 11, 2009 at 01:45:12PM +0200, Ingo Molnar wrote:
> 
> * Frederic Weisbecker <fweisbec@...il.com> wrote:
> 
> > > +struct trace_event event_syscall_enter = {
> > > +	.trace			= print_syscall_enter,
> > > +	.type			= TRACE_SYSCALL_ENTER
> > > +};
> > > +
> > > +struct trace_event event_syscall_exit = {
> > > +	.trace			= print_syscall_exit,
> > > +	.type			= TRACE_SYSCALL_EXIT
> > > +};
> > > -- 
> > > 1.6.2.5
> > > 
> > 
> > Nice.
> > 
> > It's a bit too bad that enter and exit must be that separated 
> > whereas their callbacks are pretty the same.
> > 
> > But I guess if we want to nicely decouple both, we don't have the 
> > choice.
> 
> Yeah - and enter and exit are different, in terms of state.
> 
> One thing that would be nice in the future (as an add-on - this 
> patch-set looks useful already) is to allow the sampling of user 
> register state as well via these tracepoints. That way we'd have a 
> much faster (and completely transparent) implementation of strace in 
> essence, with unique features such as system-wide or per cpu 
> strace-ing.
> 
> 	Ingo


Indeed, a missing piece is the syscall record sampling with registers.
Actually, IMO the registers themselves are not the right piece to export
to perfcounter. It's too low-level.

What we need are the fetched arguments, because a lot of them are adresses
(even user adresses), pretty useless for perf tools.

We can already and easily implement that simple args, like we do for ftrace.
That's pretty trivial.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ