lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <55691218.6010303@plumgrid.com>
Date:	Fri, 29 May 2015 18:27:52 -0700
From:	Alexei Starovoitov <ast@...mgrid.com>
To:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>,
	He Kuang <hekuang@...wei.com>, wangnan0@...wei.com,
	paulus@...ba.org, a.p.zijlstra@...llo.nl, mingo@...hat.com,
	acme@...nel.org, namhyung@...nel.org, jolsa@...nel.org,
	dsahern@...il.com, brendan.d.gregg@...il.com, daniel@...earbox.net
CC:	lizefan@...wei.com, linux-kernel@...r.kernel.org,
	cti.systems-productivity-manager.ts@...achi.com
Subject: Re: [RFC PATCH v2 09/15] perf probe: Support $params without debuginfo

On 5/29/15 4:55 PM, Masami Hiramatsu wrote:
> On 2015/05/29 15:30, He Kuang wrote:
>> hi, Alexei
>>
>> On 2015/5/29 2:10, Alexei Starovoitov wrote:
>>> On 5/28/15 6:01 AM, He Kuang wrote:
>>>>> I don't think you can break it down in two steps like this.
>>>>>> There is no such thing as 'calling regs'. x86_32 with ax,dx,cx
>>>>>> are not 'calling regs'. 64-bit values will be passed in a pair.
>>>>>> Only 'pt_regs + arch + func_proto + asmlinkage' makes sense
>>>>> >from the user point of view.
>>>>>> Adding 'asmlinkage' attr is also trivial.
>>>>>> 'func(long, char) asmlinkage' is easy to parse and the user
>>>> I think at this early stage, we could make our bpf variable
>>>> prologue work with debuginfo while keeping bpf 'SEC' syntax
>>>> consistent with original perf probe. After all, we can use
>>>> pt_regs directly or relay to perf-probe cache by Masami to deal
>>>> with non-debug cases.
>>>
>>> so you're saying you don't want to support non-debug case for now?
>>> Sure, as long as section name parser will be able to support
>>> 'func(long, char) asmlinkage' syntax in the future without breaking
>>> compatibility. I'm mostly interested in cases when debug info
>>> is not available at all. So perf-probe cache is of no use to me.
>>>
>>>
>>
>> Yes, that syntax do deal with the situation which current 'perf
>> probe' syntax not covered, so not only bpf prologue would benifit
>> from that, maybe we could try to let perf probe involve that.
> 
> Hmm, then how about below syntax?
> 
>   perf probe x86_acpi_enter_sleep_state $regparams:asmlinkage(char)
> 
> So, regparams has following synopsis.
> 
>   $regparams[:[asmlinkage|0-6]([u8|u16|u32|u64|ptr][,...])]

the number doesn't make sense in generic command. Only x86_32 plays
with calling convention. All other archs are not doing anything special
for asmlinkage.
I think the following is enough:
$regparams[[:asmlinkage]([u8|u16|u32|u64|ptr|char|short|long|
long long|void*][,...])]
asmlinkage most of the time won't be used and typical command will look
like: 'func=func $regparams(char, long, void*)'
which is ok for kprobe.
For bpf section name I would still prefer 'func(char, long, void*)'
since it's more concise, easier to remember, more similar to C declaration.

> Note that asmlinkage is a synonym of 0, and default depends on arch :)
> Some architecture ignores this part, e.g. x86_64 always uses regs.
> And it is automatically expanded to argX="%reg or $stackX".
> 
> e.g.
>   $regparams is expanded to
>    arg1=%di arg2=%si arg3=%dx arg4=%cx arg5=%r8 arg6=%r9 (on x86_64)
>    arg1=%ax arg2=%dx arg3=%cx arg4=$stack1 arg5=$stack2 arg6=$stack3 (on i386)
> 
>   $regparams:0 is expanded to
>    arg1=%di arg2=%si arg3=%dx arg4=%cx arg5=%r8 arg6=%r9 (on x86_64)
>    arg1=$stack1 arg2=$stack2 arg3=$stack3 arg4=$stack4 arg5=$stack5 arg6=$stack6 (on i386)
> 
>   $regparams:3(char,long) is expanded to
>    arg1=%di:s8 arg2=%si:s64 (on x86_64)
>    arg1=%ax:s8 arg2=%dx:s64 (on i386)
> 
> How is this?
> 
> Thank you,
> 
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ