lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <5512A4EB.90604@hitachi.com>
Date:	Wed, 25 Mar 2015 21:07:07 +0900
From:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
To:	Alexei Starovoitov <ast@...mgrid.com>
CC:	Ingo Molnar <mingo@...nel.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Namhyung Kim <namhyung@...nel.org>,
	Arnaldo Carvalho de Melo <acme@...radead.org>,
	Jiri Olsa <jolsa@...hat.com>,
	"David S. Miller" <davem@...emloft.net>,
	Daniel Borkmann <daniel@...earbox.net>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	linux-api@...r.kernel.org, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: bpf+tracing next steps. Was: [PATCH v9 tip 3/9] tracing: attach
 BPF programs to kprobes

(2015/03/25 9:40), Alexei Starovoitov wrote:
> On 3/23/15 2:27 AM, Masami Hiramatsu wrote:
>> (2015/03/23 13:57), Alexei Starovoitov wrote:
>>> On 3/22/15 7:17 PM, Masami Hiramatsu wrote:
>>>> (2015/03/23 3:03), Alexei Starovoitov wrote:
>>>>
>>>>> User space tools that will compile ktap/dtrace scripts into bpf might
>>>>> use build-id for their own purpose, but that's a different discussion.
>>>>
>>>> Agreed.
>>>> I'd like to discuss it since kprobe event interface may also have same
>>>> issue.
>>>
>>> I'm not sure what 'issue' you're seeing. My understanding is that
>>> build-ids are used by perf to associate binaries with their debug info
>>> and by systemtap to make sure that probes actually match the kernel
>>> they were compiled for. In bpf case it probably will be perf way only.
>>
>> Ah, I see. So perftools can check the build-id if needed, right?
> 
> yes. of course.
> 
>>> Are you interested in doing something with bpf ? ;)
>>
>> Of course :)
> 
> Great :)
> 
>>> I know that Jovi is working on clang-based front-end, He Kuang is doing
>>> something fancy and I'm going to focus on 'tcp instrumentation' once
>>> bpf+kprobes is in. I think these efforts will help us make it
>>> concrete and will establish a path towards bpf+tracepoints
>>> (debug tracepoints or trace markers) and eventual integration with perf.
>>> Here is the wish-list (for kernel and userspace) inspired by Brendan:
>>> - access to pid, uid, tid, comm, etc
>>> - access to kernel stack trace
>>> - access to user-level stack trace
>>> - kernel debuginfo for walking kernel structs, and accessing kprobe
>>> entry args as variables
>>
>> perf probe can provide this to bpf.
> 
> I was thinking about deeper integration with perf actually.
> perf has all the right infra to find debug info in kernel and user
> binaries, to extract and understand all the dwarf stuff.
> The future tracing language can use more of it.
> The programs should be able refer to names of in-kernel variables
> and arguments natively.
> When I'm writing a program that attaches to blk_update_request()
> I would like to write:
> bpf_printk("req %p bytes %d\n", req->q, nr_bytes);
> and perf with debug info should be able to figure out that 'req'
> is the first function argument, then find out offset of '->q'
> within the struct and that 'nr_bytes' is the 3rd argument in
> appropriate register. Then generate llvm ir on the fly,
> compile it, load into kernel and attach to kprobe event at
> this blk_update_request() function. All seamlessly.

Yes, that is what perf probe providing now. I think it is easy
to do that with probe-finder.c. :)

>>> - tracing of uprobes
>>> - tracing of user markers
>>
>> I'm working on the perf-cache which will also support SDT (based on Hemant Kumar's work).
> 
> yep. waiting for SDT stuff to finalize. Would be nice to
> have 'follow' button for interesting patches :)

:)

Thank you!


-- 
Masami HIRAMATSU
Software Platform Research Dept. Linux Technology Research Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@...achi.com


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ