lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 15 Feb 2010 11:57:31 -0500
From:	Masami Hiramatsu <mhiramat@...hat.com>
To:	Ingo Molnar <mingo@...e.hu>
CC:	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, Steven Rostedt <rostedt@...dmis.org>,
	Fr??d??ric Weisbecker <fweisbec@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Arnaldo Carvalho de Melo <acme@...hat.com>
Subject: Re: [GIT PULL] tracing fixes

Ingo Molnar wrote:
> 
> * Masami Hiramatsu <mhiramat@...hat.com> wrote:
> 
>> Hi Ingo,
>>
>> Could you push this commit too?
>>
>> 5ecaafdbf44b1ba400b746c60c401d54c7ee0863
>> kprobes: Add mcount to the kprobes blacklist
>>
>> Since this bug can be easily reproduced with kprobe-tracer.
> 
> Ok, i've cherry-picked it into urgent.
> 
> I'm wondering, how complete is the kprobes blacklist? You can test it by 
> putting a probe on every single function in the system via something like:
> 
>   for N in $(cut -d' ' -f3 /proc/kallsyms  | cut -f1); do
>     perf probe $N
>     perf probe -d $N
>   done

Yeah, something like that, and I used kprobe stress test tool which
I attached for that :)

 From http://lkml.org/lkml/2009/8/13/497
---
Usage
-----
   kprobestest [-s SYMLIST] [-b BLACKLIST] [-w WHITELIST]
      Run stress test. If SYMLIST file is specified, use it as
      an initial symbol list (This is useful for verifying white list
      after diagnosing all symbols).
   kprobestest cleanup
      Cleanup all lists


How to Work
-----------
This tool list up all symbols in the kernel via /proc/kallsyms, and sorts
it into groups (each of them including 64 symbols in default). And then,
it tests each group by using kprobe-tracer. If a kernel crash occurred,
that group is moved into 'failed' dir. If the group passed the test, this
script moves it into 'passed' dir and saves kprobe_profile into
'passed/profiles/'.
After testing all groups, all 'failed' groups are merged and sorted into
smaller groups (divided by 4, in default). And those are tested again.
This loop will be repeated until all group has just 1 symbol.
Finally, the script sorts all 'passed' symbols into 'tested', 'untested',
and 'missed' based on profiles.


Note
----
  - This script just gives us some clues to the blacklisted functions.
    In some cases, a combination of probe points will cause a problem, but
    each of them doesn't cause the problem alone.
---

Thank you,

-- 
Masami Hiramatsu

Software Engineer
Hitachi Computer Products (America), Inc.
Software Solutions Division

e-mail: mhiramat@...hat.com


View attachment "kprobestest" of type "text/plain" (4956 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ