lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 1 Jun 2019 00:16:25 +0900 From: Masami Hiramatsu <mhiramat@...nel.org> To: Steven Rostedt <rostedt@...dmis.org> Cc: Masami Hiramatsu <mhiramat@...nel.org>, Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org, Tom Zanussi <tom.zanussi@...ux.intel.com>, Ravi Bangoria <ravi.bangoria@...ux.ibm.com>, Namhyung Kim <namhyung@...nel.org>, Arnaldo Carvalho de Melo <acme@...nel.org> Subject: [PATCH 00/21] tracing/probe: Add multi-probes per event support Hello, This is a series to add multi-probes per event support to probe-event. For trace-event, we can insert same trace-event on several places on the code, and those can record similar information as a same event with same format. This series implements similar feature on probe-event. Since the probe event is based on the compiled binary, sometimes we find that the target source line is complied into several different addresses, e.g. inlined function, unrolled loop, etc. In those cases, it is useful to put a same probe-event on different addresses. With this series, we can append multi probes on one event as below # echo p:testevent _do_fork r1=%ax r2=%dx > kprobe_events # echo p:testevent fork_idle r1=%ax r2=%cx >> kprobe_events # kprobe_events p:kprobes/testevent _do_fork r1=%ax r2=%dx p:kprobes/testevent fork_idle r1=%ax r2=%cx This means testevent is hit on both of _do_fork and fork_idle. As you can see, the appended event must have same number of arguments and those must have same 'type' and 'name' as original one. This is like a function signature, it checks whether the appending event has the same type and name of event arguments and same probe type, but doesn't care about the assignment. So, below appending commands will be rejected. # echo p:testevent _do_fork r1=%ax r2=%dx > kprobe_events # echo p:testevent fork_idle r1=%ax >> kprobe_events (No 2nd argument) # echo p:testevent fork_idle r1=%ax r2=%ax:x8 >> kprobe_events (The type of 2nd argument is different) If one inlined code has an argument on a register, but another inlined code has fixed value (as a result of optimization), you can also specify the fixed immediate value, e.g. # echo p:testevent _do_fork r1=%ax r2=%dx > kprobe_events # echo p:testevent fork_idle r1=%ax r2=\1 >> kprobe_events Of course, it is hard to find those assignment changes by manual. I'm preparing another series of patches for perf-probe, which will automatically find such "cloned" targets and fold those into one event. (Should I merge that series into this series?) Thank you, --- Masami Hiramatsu (21): tracing/kprobe: Set print format right after parsed command tracing/uprobe: Set print format when parsing command tracing/probe: Add trace_probe init and free functions tracing/probe: Add trace_event_call register API for trace_probe tracing/probe: Add trace_event_file access APIs for trace_probe tracing/probe: Add trace flag access APIs for trace_probe tracing/probe: Add probe event name and group name accesses APIs tracing/probe: Add trace_event_call accesses APIs tracing/kprobe: Check registered state using kprobe tracing/probe: Split trace_event related data from trace_probe tracing/dynevent: Delete all matched events tracing/dynevent: Pass extra arguments to match operation tracing/kprobe: Add multi-probe per event support tracing/uprobe: Add multi-probe per uprobe event support tracing/kprobe: Add per-probe delete from event tracing/uprobe: Add per-probe delete from event tracing/probe: Add immediate parameter support tracing/probe: Add immediate string parameter support selftests/ftrace: Add a testcase for kprobe multiprobe event selftests/ftrace: Add syntax error test for immediates selftests/ftrace: Add syntax error test for multiprobe Documentation/trace/kprobetrace.rst | 1 Documentation/trace/uprobetracer.rst | 1 kernel/trace/trace.c | 8 kernel/trace/trace_dynevent.c | 10 kernel/trace/trace_dynevent.h | 7 kernel/trace/trace_events_hist.c | 4 kernel/trace/trace_kprobe.c | 408 +++++++++++--------- kernel/trace/trace_probe.c | 247 ++++++++++++ kernel/trace/trace_probe.h | 121 +++++- kernel/trace/trace_uprobe.c | 358 ++++++++++-------- tools/testing/selftests/ftrace/test.d/functions | 2 .../ftrace/test.d/kprobe/kprobe_multiprobe.tc | 35 ++ .../ftrace/test.d/kprobe/kprobe_syntax_errors.tc | 15 + 13 files changed, 830 insertions(+), 387 deletions(-) create mode 100644 tools/testing/selftests/ftrace/test.d/kprobe/kprobe_multiprobe.tc -- Masami Hiramatsu (Linaro) <mhiramat@...nel.org>
Powered by blists - more mailing lists