lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 15 Apr 2019 10:05:31 -0400
From:   Joel Fernandes <>
To:     Olof Johansson <>
Cc:     Alexei Starovoitov <>,
        Linux Kernel Mailing List <>,
        Qais Yousef <>,
        Dietmar Eggemann <>,
        Manoj Rao <>,
        Andrew Morton <>,
        Alexei Starovoitov <>,
        atish patra <>,
        Daniel Colascione <>,
        Dan Williams <>,
        Greg Kroah-Hartman <>,
        Guenter Roeck <>,
        Jonathan Corbet <>,
        Karim Yaghmour <>,
        Kees Cook <>,
        Android Kernel Team <>,
        "open list:DOCUMENTATION" <>,
        "open list:KERNEL SELFTEST FRAMEWORK" 
        Masahiro Yamada <>,
        Masami Hiramatsu <>,
        Randy Dunlap <>,
        Steven Rostedt <>,
        Shuah Khan <>, Yonghong Song <>
Subject: Re: [PATCH v5 1/3] Provide in-kernel headers to make extending
 kernel easier

On Sun, Apr 14, 2019 at 12:38:34PM -0700, Olof Johansson wrote:
> On Wed, Apr 10, 2019 at 8:15 PM Alexei Starovoitov
> <> wrote:
> >
> > On Wed, Apr 10, 2019 at 09:34:49AM -0700, Olof Johansson wrote:
> > > On Wed, Apr 10, 2019 at 8:51 AM Joel Fernandes <> wrote:
> > > >
> > > > On Wed, Apr 10, 2019 at 11:07 AM Olof Johansson <> wrote:
> > > > [snip]
> > > > > > > Wouldn't it be more convenient to provide it in a standardized format
> > > > > > > such that you won't have to take an additional step, and always have
> > > > > > > This is that form IMO.
> > ...
> > > Compared to:
> > >  - Extract tarball
> > >  - Build and load
> > >  - Remove file tree from filesystem
> >
> > I think there are too many assumptions in this thread in regard to what
> > is more convenient for user space.
> > I think bcc should try to avoid extracting tarball into file system.
> > For example libbcc can uncompress kheader.tar.xz into virtual file system
> > of clang front-end. It's more or less std::map<string, string>
> > with key=path, value=content of the file. Access to such in-memory
> > 'files' is obviously faster than doing open/read syscalls.
> I think performance is a red herring, especially since you have to
> uncompress it on every compiler invocation. With this you'd need to
> read/touch/write _all_ header files, not just the one your current
> compiler invocation will use.
> In the grand scheme of things, open/mmap syscalls wouldn't necessarily
> be slower.


> > bcc already uses this approach for some bcc internal 'files' that
> > it passes to clang during compilation.
> > All of /proc/kheaders.tar.xz files can be passed the same way
> > without extracting them into real file system.
> This is now a circular argument. Joel was stating that the plain text
> headers took up too much memory, but now it's preferred to create such
> filesystem in userspace memory on *every compiler invocation*?
> That's... not better. And definitely worse if you want to compile in
> parallel.

The BCC patch does not extract purely into memory, but uses temporary
I believe this is a good approach.

> From my perspective, this is where we're at:
> This patch seems to have been met with a lot of responses in the tone
> of "this is not an appealing solution". Meanwhile, some of the
> suggested alternative solutions have not worked out, and we are now at
> a point where there's less interest in exploring alternatives and
> arguments to merge as-is with only minor adjustments.
> I understand the desire to solve this. It'd be really convenient to
> have a way to runtime build against the same structure layouts that
> the kernel was built with. But I haven't heard anyone say that they

About structure layouts, I'm assuming you mean compiler generated debug info.
That does not work for eBPF tools as was mentioned previously in these threads:

> *like* the solution proposed, and I haven't seen many of those
> expressing concerns being converted to support it.

IMHO there has been good number of people on both sides of the argument. If
it were as strong of an opposition as you think, then I would have personally
not wanted this merged tbh. We do want a solution that is clean and works, and
I think this is a candidate.

> I'd be a *lot* less hesitant if this went into debugfs or another
> location than /proc, which is one of the most regression-sensitive
> interfaces we have in the kernel.

The solution should be regression-sensitive imho, we don't want the tracing
tools to break, people use them. And their usability and robustness is
important which prompted these patches. For some time we have been hosting
downloadable headers for popular kernels (such as LTS versions) to workaround
this issue, but this both a maintenance issue and non-scalable, and not
robust (someone boots a custom kernel or we forget to update headers for a
future LTS release and the tools break).


 - Joel

Powered by blists - more mailing lists