| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 08 May 2012 09:04:55 -0400 From: Steven Rostedt <rostedt@...dmis.org> To: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com> Cc: "Frank Ch. Eigler" <fche@...hat.com>, linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...e.hu>, Andrew Morton <akpm@...ux-foundation.org>, Frederic Weisbecker <fweisbec@...il.com>, "H. Peter Anvin" <hpa@...or.com>, yrl.pp-manager.tt@...achi.com Subject: Re: Re: Re: [PATCH 6/9][RFC] kprobes: Allow probe on ftrace reserved text (but move it) On Tue, 2012-05-08 at 12:08 +0900, Masami Hiramatsu wrote: > (2012/05/07 21:43), Steven Rostedt wrote: > > On Mon, 2012-05-07 at 20:37 +0900, Masami Hiramatsu wrote: > > > >> By the way, there is another way to do that transparently which > >> we add a "real_addr" member to struct kprobes and put the real > >> probed address to the member (without changing kp->addr). This > >> will keep API compatibility. > > > > I like this a lot. Perhaps we don't need a flag at all, and just use > > these two addrs instead? > > Yes, just replacing all "*p->addr" and "kp.addr" with real_addr > and copying addr to real_addr when registering. That's the basic > idea. > > I just concern about the cost balance... this is feasible, but > we need to change many arch-dependent parts. Do we really need to > pay that cost just for the backward compatibility? > > I mean, the kprobes itself can be changed because we don't ensure > the stability of kernel APIs. If so, it looks enough to change the > behavior of kprobes and give an upgrade hint for users (current patch), > isn't it? > > Thank you, I guess the question is what's best long term. That's what I would like to do. If a flag is "good enough" for both now and long term, than that's fine with me. But if we find that it would be better to have a "real_addr" then we should do it now and bite the bullet with all archs. Otherwise, we'll have all the archs doing something special with the MOVE flag and that would cause even more pain to update it later. I also like the real addr because it helps with the optimize probes. We only need to search one location. This doesn't matter with this patch set, but with the code I have that uses ftrace hooks. One solution with that is to have the optimize code see that the probe was moved, (or its real addr was on a ftrace nop) and then just use the ftrace code on optimization instead of normal optimizations (replacing with a jump). Note, the big difference with using ftrace optimization and normal kprobe jump optimization is that the ftrace one can be used on a preempt kernel. But this code is still under development. I want to get a solution for the current code (this patch set) now. It would be nice if it was ready for 3.5. -- Steve -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists