| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZxlE2jEUzpt0WcFJ@google.com>
Date: Wed, 23 Oct 2024 11:47:54 -0700
From: Namhyung Kim <namhyung@...nel.org>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...nel.org>,
Kan Liang <kan.liang@...ux.intel.com>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
LKML <linux-kernel@...r.kernel.org>,
Stephane Eranian <eranian@...gle.com>,
Ravi Bangoria <ravi.bangoria@....com>,
Sandipan Das <sandipan.das@....com>, Kyle Huey <me@...ehuey.com>,
Alexei Starovoitov <ast@...nel.org>,
Andrii Nakryiko <andrii@...nel.org>, Song Liu <song@...nel.org>,
bpf@...r.kernel.org
Subject: Re: [PATCH v4 3/5] perf/core: Account dropped samples from BPF
Hello,
On Wed, Oct 23, 2024 at 09:12:52AM -0700, Andrii Nakryiko wrote:
> On Tue, Oct 22, 2024 at 5:09 PM Namhyung Kim <namhyung@...nel.org> wrote:
> >
> > Like in the software events, the BPF overflow handler can drop samples
> > by returning 0. Let's count the dropped samples here too.
> >
> > Acked-by: Kyle Huey <me@...ehuey.com>
> > Cc: Alexei Starovoitov <ast@...nel.org>
> > Cc: Andrii Nakryiko <andrii@...nel.org>
> > Cc: Song Liu <song@...nel.org>
> > Cc: bpf@...r.kernel.org
> > Signed-off-by: Namhyung Kim <namhyung@...nel.org>
> > ---
> > kernel/events/core.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/kernel/events/core.c b/kernel/events/core.c
> > index 5d24597180dec167..b41c17a0bc19f7c2 100644
> > --- a/kernel/events/core.c
> > +++ b/kernel/events/core.c
> > @@ -9831,8 +9831,10 @@ static int __perf_event_overflow(struct perf_event *event,
> > ret = __perf_event_account_interrupt(event, throttle);
> >
> > if (event->prog && event->prog->type == BPF_PROG_TYPE_PERF_EVENT &&
> > - !bpf_overflow_handler(event, data, regs))
> > + !bpf_overflow_handler(event, data, regs)) {
> > + atomic64_inc(&event->dropped_samples);
>
> I don't see the full patch set (please cc relevant people and mailing
> list on each patch in the patch set), but do we really want to pay the
Sorry, you can find the whole series here.
https://lore.kernel.org/lkml/20241023000928.957077-1-namhyung@kernel.org
I thought it's mostly for the perf part so I didn't CC bpf folks but
I'll do in the next version.
> price of atomic increment on what's the very typical situation of a
> BPF program returning 0?
Is it typical for BPF_PROG_TYPE_PERF_EVENT? I guess TRACING programs
usually return 0 but PERF_EVENT should care about the return values.
>
> At least from a BPF perspective this is no "dropping sample", it's
> just processing it in BPF and not paying the overhead of the perf
> subsystem continuing processing it afterwards. So the dropping part is
> also misleading, IMO.
In the perf tools, we have a filtering logic in BPF to read sample
values and to decide whether we want this sample or not. In that case
users would be interested in the exact number of samples.
Thanks,
Namhyung
>
> > return ret;
> > + }
> >
> > /*
> > * XXX event_limit might not quite work as expected on inherited
> > --
> > 2.47.0.105.g07ac214952-goog
> >
Powered by blists - more mailing lists