| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240826221045.1202305-1-namhyung@kernel.org>
Date: Mon, 26 Aug 2024 15:10:41 -0700
From: Namhyung Kim <namhyung@...nel.org>
To: Arnaldo Carvalho de Melo <acme@...nel.org>,
Ian Rogers <irogers@...gle.com>,
Kan Liang <kan.liang@...ux.intel.com>
Cc: Jiri Olsa <jolsa@...nel.org>,
Adrian Hunter <adrian.hunter@...el.com>,
Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...nel.org>,
LKML <linux-kernel@...r.kernel.org>,
linux-perf-users@...r.kernel.org,
Stephane Eranian <eranian@...gle.com>
Subject: [PATCH 0/4] perf bpf-filter: Add cgroup filter term (v1)
Hello,
I'm adding a new 'cgroup' filter term in the filter expression so that
it can be used in the BPF.
The cgroup filter takes a pathname and allows either '==' or '!='
operators only. The requires '--all-cgroups' option so it can see the
cgroup_id in the sample data. Actually BPF programs can get the
cgroup of the current task without looking sample data, but I added it
for consistency with other fields.
$ sudo perf record --synth=cgroup -e cycles --filter 'cgroup > /' -a true
perf_bpf_filter: cgroup accepts '==' or '!=' only
Usage: perf record [<options>] [<command>]
or: perf record [<options>] -- <command> [<options>]
--filter <filter>
event filter
$ sudo perf record -e cycles --filter 'cgroup == /' \
-a --synth=cgroup -o- sleep 1 | perf report -i- -s cgroup
Error: cycles event does not have PERF_SAMPLE_CGROUP
Hint: please add --all-cgroups option to perf record
Failed to process filter entries
failed to set filter "BPF" on event cycles with 2 (No such file or directory)
incompatible file format (rerun with -v to learn more)
On the filter syntax, it used to reject arbitrary strings. But it
needs to handle strings because of the cgroup paths. For now, the bpf
filter parser will reject strings if it's not used for cgroups.
For now, it only supports the exact matching of target cgroups. So
specifying the root cgroup ("/") will match tasks in the root cgroup
directly (not in the descendants).
$ sudo perf record --all-cgroups -e cycles --filter 'cgroup == /' \
-a --synth=cgroup -o- sleep 1 | perf report -i- -s cgroup
...
#
# Total Lost Samples: 0
#
# Samples: 621 of event 'cycles'
# Event count (approx.): 108101281
#
# Overhead Cgroup
# ........ ......
#
100.00% /
Thanks,
Namhyung
Namhyung Kim (4):
perf report: Fix segfault when 'sym' sort key is not used
perf bpf-filter: Add build dependency to header files
perf bpf-filter: Support filtering on cgroups
perf test: Add perf record cgroup filtering test
tools/perf/tests/shell/record_bpf_filter.sh | 39 ++++++++++++++++++--
tools/perf/util/Build | 4 +-
tools/perf/util/bpf-filter.c | 1 +
tools/perf/util/bpf-filter.l | 28 +++++++++++---
tools/perf/util/bpf-filter.y | 28 +++++++++++++-
tools/perf/util/bpf_skel/sample-filter.h | 2 +-
tools/perf/util/bpf_skel/sample_filter.bpf.c | 4 +-
tools/perf/util/bpf_skel/vmlinux/vmlinux.h | 1 +
tools/perf/util/hist.c | 2 +-
9 files changed, 94 insertions(+), 15 deletions(-)
--
2.46.0.295.g3b9ea8a38a-goog
Powered by blists - more mailing lists