lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 2 Mar 2021 17:46:32 -0800
From:   Andy Lutomirski <luto@...capital.net>
To:     Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc:     Andy Lutomirski <luto@...nel.org>, bpf <bpf@...r.kernel.org>,
        Oleg Nesterov <oleg@...hat.com>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Anil S Keshavamurthy <anil.s.keshavamurthy@...el.com>,
        "David S. Miller" <davem@...emloft.net>, X86 ML <x86@...nel.org>,
        Andrew Cooper <andrew.cooper3@...rix.com>
Subject: Re: Why do kprobes and uprobes singlestep?


> On Mar 2, 2021, at 5:22 PM, Alexei Starovoitov <alexei.starovoitov@...il.com> wrote:
> 
> On Tue, Mar 2, 2021 at 1:02 PM Andy Lutomirski <luto@...capital.net> wrote:
>> 
>> 
>>>> On Mar 2, 2021, at 12:24 PM, Alexei Starovoitov <alexei.starovoitov@...il.com> wrote:
>>> 
>>> On Tue, Mar 2, 2021 at 10:38 AM Andy Lutomirski <luto@...nel.org> wrote:
>>>> 
>>>> Is there something like a uprobe test suite?  How maintained /
>>>> actively used is uprobe?
>>> 
>>> uprobe+bpf is heavily used in production.
>>> selftests/bpf has only one test for it though.
>>> 
>>> Why are you asking?
>> 
>> Because the integration with the x86 entry code is a mess, and I want to know whether to mark it BROKEN or how to make sure the any cleanups actually work.
> 
> Any test case to repro the issue you found?
> Is it a bug or just messy code?

Just messy code.

> Nowadays a good chunk of popular applications (python, mysql, etc) has
> USDTs in them.
> Issues reported with bcc:
> https://github.com/iovisor/bcc/issues?q=is%3Aissue+USDT
> Similar thing with bpftrace.
> Both standard USDT and semaphore based are used in the wild.
> uprobe for containers has been a long standing feature request.
> If you can improve uprobe performance that would be awesome.
> That's another thing that people report often. We optimized it a bit.
> More can be done.


Wait... USDT is much easier to implement well.  Are we talking just USDT or are we talking about general uprobes in which almost any instruction can get probed?  If the only users that care about uprobes are doing USDT, we could vastly simplify the implementation and probably make it faster, too.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ