| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240522215616.762195-1-namhyung@kernel.org>
Date: Wed, 22 May 2024 14:56:10 -0700
From: Namhyung Kim <namhyung@...nel.org>
To: Arnaldo Carvalho de Melo <acme@...nel.org>,
Ian Rogers <irogers@...gle.com>,
Kan Liang <kan.liang@...ux.intel.com>
Cc: Jiri Olsa <jolsa@...nel.org>,
Adrian Hunter <adrian.hunter@...el.com>,
Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...nel.org>,
LKML <linux-kernel@...r.kernel.org>,
linux-perf-users@...r.kernel.org,
KP Singh <kpsingh@...nel.org>,
Stephane Eranian <eranian@...gle.com>,
Song Liu <song@...nel.org>,
bpf@...r.kernel.org
Subject: [RFC 0/6] perf record: Use pinned BPF program for filter (v1)
Hello,
This is to support the unprivileged BPF filter for profiling per-task events.
Until now only root (or any user with CAP_BPF) can use the filter and we
cannot add a new unprivileged BPF program types. After talking with the BPF
folks at LSF/MM/BPF 2024, I was told that this is the way to go. Finally I
managed to make it working with pinned BPF objects. :)
But it requires the one-time setup (by root) before using it like below.
# perf record --setup-filter pin
This will load the BPF program and maps and pin them in the BPF-fs. Then
normal users can use the filter.
$ perf record -o- -e cycles:u --filter 'period < 10000' perf test -w noploop | perf script -i-
[ perf record: Woken up 1 times to write data ]
[ perf record: Captured and wrote 0.011 MB - ]
perf 759982 448227.214189: 1 cycles:u: 7f153719f4d0 _start+0x0 (/usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2)
perf 759982 448227.214195: 1 cycles:u: 7f153719f4d0 _start+0x0 (/usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2)
perf 759982 448227.214196: 7 cycles:u: 7f153719f4d0 _start+0x0 (/usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2)
perf 759982 448227.214196: 223 cycles:u: 7f153719f4d0 _start+0x0 (/usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2)
perf 759982 448227.214198: 9475 cycles:u: ffffffff8ee012a0 [unknown] ([unknown])
perf 759982 448227.548608: 1 cycles:u: 559a9f03c81c noploop+0x5c (/home/namhyung/linux/tools/perf/perf)
perf 759982 448227.548611: 1 cycles:u: 559a9f03c81c noploop+0x5c (/home/namhyung/linux/tools/perf/perf)
perf 759982 448227.548612: 12 cycles:u: 559a9f03c81c noploop+0x5c (/home/namhyung/linux/tools/perf/perf)
perf 759982 448227.548613: 466 cycles:u: 559a9f03c81c noploop+0x5c (/home/namhyung/linux/tools/perf/perf)
It's also possible to unload (and unpin, of course) using this command:
# perf record --setup-filter unpin
The code is avaiable in 'perf/pinned-filter-v1' branch at
git://git.kernel.org/pub/scm/linux/kernel/git/namhyung/linux-perf.git
Thanks,
Namhyung
Namhyung Kim (6):
perf bpf-filter: Make filters map a single entry hashmap
perf bpf-filter: Pass 'target' to perf_bpf_filter__prepare()
perf bpf-filter: Split per-task filter use case
perf bpf-filter: Support pin/unpin BPF object
perf record: Fix a potential error handling issue
perf record: Add --setup-filter option
tools/perf/Documentation/perf-record.txt | 5 +
tools/perf/builtin-record.c | 23 +-
tools/perf/builtin-stat.c | 2 +-
tools/perf/builtin-trace.c | 2 +-
tools/perf/util/bpf-filter.c | 369 +++++++++++++++++--
tools/perf/util/bpf-filter.h | 19 +-
tools/perf/util/bpf_skel/sample-filter.h | 4 +-
tools/perf/util/bpf_skel/sample_filter.bpf.c | 58 ++-
tools/perf/util/evlist.c | 5 +-
tools/perf/util/evlist.h | 4 +-
tools/perf/util/python.c | 3 +-
11 files changed, 428 insertions(+), 66 deletions(-)
base-commit: ea558c86248b4955e5c5f3c0c921df450880605e
--
2.45.1.288.g0e0cd299f1-goog
Powered by blists - more mailing lists