lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 16 Oct 2010 00:58:02 +0200
From:	Frederic Weisbecker <fweisbec@...il.com>
To:	Stephane Eranian <eranian@...gle.com>
Cc:	Peter Zijlstra <peterz@...radead.org>,
	LKML <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>,
	Arnaldo Carvalho de Melo <acme@...hat.com>,
	Paul Mackerras <paulus@...ba.org>,
	Cyrill Gorcunov <gorcunov@...nvz.org>,
	Tom Zanussi <tzanussi@...il.com>,
	Masami Hiramatsu <mhiramat@...hat.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Robert Richter <robert.richter@....com>,
	David Miller <davem@...emloft.net>
Subject: Re: [RFC PATCH 2/9] perf: Add ability to dump user regs

On Fri, Oct 15, 2010 at 10:39:43AM +0200, Stephane Eranian wrote:
> Frederic,
> 
> On Thu, Oct 14, 2010 at 1:20 PM, Frederic Weisbecker <fweisbec@...il.com> wrote:
> > On Thu, Oct 14, 2010 at 01:06:30PM +0200, Stephane Eranian wrote:
> >> Hi,
> >>
> >>
> >>
> >> On Wed, Oct 13, 2010 at 9:20 AM, Peter Zijlstra <peterz@...radead.org> wrote:
> >> > On Wed, 2010-10-13 at 07:06 +0200, Frederic Weisbecker wrote:
> >> >> Add new PERF_SAMPLE_UREGS to perf sample type. This will dump the
> >> >> user space context as it was before the user entered the kernel for
> >> >> whatever reason.
> >> >>
> >> >> This is going to be useful to bring Dwarf CFI based stack unwinding
> >> >> on top of samples.
> >> >
> >> > This doesn't address any of the issues that were raised previously.
> >> >
> >> > There's a reason we don't have PERF_SAMPLE_*REGS like things.
> >> >
> >> We definitively need to find a solution to this problem. It is important
> >> to export this kind of information to users when using PEBS, for instance
> >
> >
> >
> > Would you need to export only a part of the regs for cases like PEBS?
> >
> Yes, PEBS does not capture the entire state.
> 
> Here is what you get on Intel Core:
>         u64 flags, ip;
>         u64 ax, bx, cx, dx;
>         u64 si, di, bp, sp;
>         u64 r8,  r9,  r10, r11;
>         u64 r12, r13, r14, r15;



Ok, that seems to cover most of the state. I guess few people care
about cs, ds, es, fs, gs, most of the time.



> 
> In 32-bit, the rXX are zero and would not need to be
> exposed.
> 
> >
> >
> >>
> >> What is exported depends on what is monitored and not just the ABI
> >> of the kernel. On a 64-bit kernel, you may capture samples from
> >> i386 or x86_64. Somehow the record needs to be self describing.
> >>
> >> What about something like:
> >> struct  {
> >>       int type; /* 32-bit, 64-bit */
> >>       int nr;    /* number of regs */
> >>       struct {
> >>           int reg_name; /* taken from an enum with all possible regs */
> >>           u64 reg_value;
> >>       } [0]
> >> };
> >
> >
> >
> > Yeah but in this case we can probably avoid to embed all the regnames
> > in every dumps. This can be retrieved from what we asked in the attrs,
> > which could be a u64 bitmap that tells which regs we want? (that only
> > if we want a per reg granularity).
> >
> Yes, that's another possibility and it may be better because if you want
> only one register,e.g,, EAX, then you can ask for it. That would limit the
> memory consumption in the sampling buffer.


But then I wonder who needs EAX only? If you need eax, then you almost
certainly need most the other general registers.

May be we can group them by "family"? Like one group for general registers
(r0 - r15), one for segment registers (cs - gs) and one for eflags.
We can perhaps isolate single groups for stack pointer, frame pointer and
instruction pointer.

But I can't imagine every possible uses of the regs dump, may be we should
just have one flag per register to enforce a maximum flexibility
and don't bother further.

Hm?


> You need a bitmask to name the registers you want. If the register is not
> accessible in the sampling mode you're requesting, then you should get
> an error.


Yep.


 
> I would not necessarily use the attr.sample_type because we might run out
> of bits on architecture with lots of registers. Another reason is that
> the register
> names are arch-specific, unlike what's in attr.sample_type.


Yeah we really need a new field for that, u64 so that we have enough bits
for every possible regs set (at least I hope...).

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ