| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 30 Jan 2010 12:49:10 -0500 From: Steven Rostedt <rostedt@...dmis.org> To: Ingo Molnar <mingo@...e.hu> Cc: Ananth N Mavinakayanahalli <ananth@...ibm.com>, Jim Keniston <jkenisto@...ibm.com>, Stephen Rothwell <sfr@...b.auug.org.au>, Kyle Moffett <kyle@...fetthome.net>, Arnaldo Carvalho de Melo <acme@...hat.com>, Peter Zijlstra <peterz@...radead.org>, Fr??d??ric Weisbecker <fweisbec@...il.com>, Oleg Nesterov <oleg@...hat.com>, LKML <linux-kernel@...r.kernel.org>, Tom Tromey <tromey@...hat.com>, "Frank Ch. Eigler" <fche@...hat.com>, linux-next@...r.kernel.org, "H. Peter Anvin" <hpa@...or.com>, utrace-devel@...hat.com, Linus Torvalds <torvalds@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de> Subject: Re: linux-next: add utrace tree On Fri, 2010-01-29 at 08:42 +0100, Ingo Molnar wrote: > * Ananth N Mavinakayanahalli <ananth@...ibm.com> wrote: > > > On Thu, Jan 28, 2010 at 09:55:02AM +0100, Ingo Molnar wrote: > > > > ... > > > > > Lets compare the two cases via a drawing. Your current uprobes submission > > > does: > > > > > > [kernel] do probe thing single-step trap > > > ^ | ^ | > > > | v | v > > > [user] INT3 XOL-ins next ins-stream > > > > > > ( add the need for serialization to make sure the whole single-step thing > > > does not get out of sync with reality. ) > > > > > > And emulator approach would do: > > > > > > [kernel] emul-demux-fastpath, do probe thing > > > ^ | > > > | v > > > [user] INT3 next ins-stream > > > > > > far simpler conceptually, and faster as well, because it's one kernel entry. > > > > Ingo, > > > > Yes, conceptually, emulation is simpler. In fact, it may even be the > > right thing to do from a housekeeping POV if gdb were enabled to use > > breakpoint assistance in the kernel. However... emulation is not > > easy. Just quoting Peter Anvin: > > > > > On the more general rule of interpretation: I'm really concerned about > > > having a bunch of partially-capable x86 interpreters all over the > > > kernel. x86 is *hard* to emulate, and it will only get harder as the > > > architecture evolves. > > > > > > -hpa > > This is obviously true for a full emulator. Except for the fact that: > > > Yes, I know you suggested we start with a small subset. > > and for the fact that we already have emulators in the kernel. But this would be emulating userspace instructions, correct? The kernel is limited to what instructions it can perform, no floating point for example (of course there are some exceptions). But generally, the instructions in the kernel should be easier to emulate than in userspace. Userspace is free to do any wacky thing it wants. Will this limit the ability to probe apps that take advantage of some strange op code that the user knows is available on their platform? -- Steve > > Plus we _already_ need to decode instructions for safe kprobing and have the > code for that upstream. So it's not like we can avoid decoding the > instructions. (and emulating certain instruction patterns is really just a > natural next step of a good decoder.) -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists