lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <a40a1add-00a5-49bd-887a-5fc722c9814a@cs.wisc.edu>
Date: Mon, 14 Apr 2025 18:14:24 -0500
From: Junxuan Liao <ljx@...wisc.edu>
To: Dave Hansen <dave.hansen@...el.com>, linux-trace-kernel@...r.kernel.org,
        linux-kernel@...r.kernel.org, x86@...nel.org
Cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
        Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "H. Peter Anvin" <hpa@...or.com>, Steven Rostedt <rostedt@...dmis.org>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
        "Paul E. McKenney" <paulmck@...nel.org>
Subject: Re: [PATCH] x86/tracing: introduce enter/exit tracepoint pairs for
 page faults

Sorry I forgot to reply to the list. :( It's my first time doing this.

On 4/14/25 4:56 PM, Dave Hansen wrote:
> On 4/14/25 13:52, Junxuan Liao wrote:
>> On 4/14/25 3:42 PM, Dave Hansen wrote:
>>> Is there a reason kprobes don't work for this?
>>
>> In this code path it's either noinstr or inline functions, so I believe
>> explicit tracepoints are necessary?
> 
> It'd be great to turn this "??" into some more certainty. ;)
> 
>> As Steven has mentioned, there are similar tracepoints for irq and it's
>> nice to have them for page faults too.
> 
> So, that code is:
> 
>>                 trace_irq_handler_entry(irq, action);
>>                 res = action->handler(irq, action->dev_id);
>>                 trace_irq_handler_exit(irq, action, res);
> 
> ... I think.
> 
> That's a heck of a lot simpler than a couple static keys and new
> conditionals.
> 
> Also, I honestly don't think we need separate user and kernel fault
> trace points. Maybe we should just zap that in the process.
> 
> Is there a reason we couldn't get this down to something dirt simple like:
> 
>  DEFINE_IDTENTRY_RAW_ERRORCODE(exc_page_fault)
>  {
>         instrumentation_begin();
> +	trace_page_fault_entry(...);
>         handle_page_fault(regs, error_code, address);
> +	trace_page_fault_exit(...);
>         instrumentation_end();
> 
> ??

If we don't need to separate user and kernel tracepoints, we won't need
those static keys anyway, and it's indeed much simpler.

Do people find separate user/kernel tracepoints useful? For me, I can
check regs in eBPF tracing code instead.

Junxuan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ