| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250421214423.393661-1-jolsa@kernel.org>
Date: Mon, 21 Apr 2025 23:44:00 +0200
From: Jiri Olsa <jolsa@...nel.org>
To: Oleg Nesterov <oleg@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Andrii Nakryiko <andrii@...nel.org>
Cc: Alejandro Colomar <alx@...nel.org>,
Eyal Birger <eyal.birger@...il.com>,
kees@...nel.org,
bpf@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-trace-kernel@...r.kernel.org,
x86@...nel.org,
Song Liu <songliubraving@...com>,
Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
Hao Luo <haoluo@...gle.com>,
Steven Rostedt <rostedt@...dmis.org>,
Masami Hiramatsu <mhiramat@...nel.org>,
Alan Maguire <alan.maguire@...cle.com>,
David Laight <David.Laight@...LAB.COM>,
Thomas Weißschuh <thomas@...ch.de>,
Ingo Molnar <mingo@...nel.org>
Subject: [PATCH perf/core 00/22] uprobes: Add support to optimize usdt probes on x86_64
hi,
this patchset adds support to optimize usdt probes on top of 5-byte
nop instruction.
The generic approach (optimize all uprobes) is hard due to emulating
possible multiple original instructions and its related issues. The
usdt case, which stores 5-byte nop seems much easier, so starting
with that.
The basic idea is to replace breakpoint exception with syscall which
is faster on x86_64. For more details please see changelog of patch 8.
The run_bench_uprobes.sh benchmark triggers uprobe (on top of different
original instructions) in a loop and counts how many of those happened
per second (the unit below is million loops).
There's big speed up if you consider current usdt implementation
(uprobe-nop) compared to proposed usdt (uprobe-nop5):
current:
usermode-count : 152.501 ± 0.012M/s
syscall-count : 14.463 ± 0.062M/s
--> uprobe-nop : 3.160 ± 0.005M/s
uprobe-push : 3.003 ± 0.003M/s
uprobe-ret : 1.100 ± 0.003M/s
uprobe-nop5 : 3.132 ± 0.012M/s
uretprobe-nop : 2.103 ± 0.002M/s
uretprobe-push : 2.027 ± 0.004M/s
uretprobe-ret : 0.914 ± 0.002M/s
uretprobe-nop5 : 2.115 ± 0.002M/s
after the change:
usermode-count : 152.343 ± 0.400M/s
syscall-count : 14.851 ± 0.033M/s
uprobe-nop : 3.204 ± 0.005M/s
uprobe-push : 3.040 ± 0.005M/s
uprobe-ret : 1.098 ± 0.003M/s
--> uprobe-nop5 : 7.286 ± 0.017M/s
uretprobe-nop : 2.144 ± 0.001M/s
uretprobe-push : 2.069 ± 0.002M/s
uretprobe-ret : 0.922 ± 0.000M/s
uretprobe-nop5 : 3.487 ± 0.001M/s
I see bit more speed up on Intel (above) compared to AMD. The big nop5
speed up is partly due to emulating nop5 and partly due to optimization.
The key speed up we do this for is the USDT switch from nop to nop5:
uprobe-nop : 3.160 ± 0.005M/s
uprobe-nop5 : 7.286 ± 0.017M/s
Changes from last rfc:
- change to emulate all nops got in
- rebased on top of tip/perf/core,mm/unstable,bpf-next/master to get latest
uprobe and bpf changes
- used guard(rcu_tasks_trace) in handle_syscall_uprobe [Andrii]
- patch#6 change orig argument to is_register, which turned
out to be less changes
This patchset is adding new syscall, here are notes to check list items
in Documentation/process/adding-syscalls.rst:
- System Call Alternatives
New syscall seems like the best way in here, because we need
just to quickly enter kernel with no extra arguments processing,
which we'd need to do if we decided to use another syscall.
- Designing the API: Planning for Extension
The uprobe syscall is very specific and most likely won't be
extended in the future.
- Designing the API: Other Considerations
N/A because uprobe syscall does not return reference to kernel
object.
- Proposing the API
Wiring up of the uprobe system call is in separate change,
selftests and man page changes are part of the patchset.
- Generic System Call Implementation
There's no CONFIG option for the new functionality because it
keeps the same behaviour from the user POV.
- x86 System Call Implementation
It's 64-bit syscall only.
- Compatibility System Calls (Generic)
N/A uprobe syscall has no arguments and is not supported
for compat processes.
- Compatibility System Calls (x86)
N/A uprobe syscall is not supported for compat processes.
- System Calls Returning Elsewhere
N/A.
- Other Details
N/A.
- Testing
Adding new bpf selftests.
- Man Page
Attached.
- Do not call System Calls in the Kernel
N/A
pending todo (or follow ups):
- use PROCMAP_QUERY in tests
- alloc 'struct uprobes_state' for mm_struct only when needed [Andrii]
thanks,
jirka
Cc: Alejandro Colomar <alx@...nel.org>
Cc: Eyal Birger <eyal.birger@...il.com>
Cc: kees@...nel.org
---
Jiri Olsa (21):
uprobes: Rename arch_uretprobe_trampoline function
uprobes: Make copy_from_page global
uprobes: Move ref_ctr_offset update out of uprobe_write_opcode
uprobes: Add uprobe_write function
uprobes: Add nbytes argument to uprobe_write
uprobes: Add is_register argument to uprobe_write and uprobe_write_opcode
uprobes: Remove breakpoint in unapply_uprobe under mmap_write_lock
uprobes/x86: Add mapping for optimized uprobe trampolines
uprobes/x86: Add uprobe syscall to speed up uprobe
uprobes/x86: Add support to optimize uprobes
selftests/bpf: Use 5-byte nop for x86 usdt probes
selftests/bpf: Reorg the uprobe_syscall test function
selftests/bpf: Rename uprobe_syscall_executed prog to test_uretprobe_multi
selftests/bpf: Add uprobe/usdt syscall tests
selftests/bpf: Add hit/attach/detach race optimized uprobe test
selftests/bpf: Add uprobe syscall sigill signal test
selftests/bpf: Add optimized usdt variant for basic usdt test
selftests/bpf: Add uprobe_regs_equal test
selftests/bpf: Change test_uretprobe_regs_change for uprobe and uretprobe
seccomp: passthrough uprobe systemcall without filtering
selftests/seccomp: validate uprobe syscall passes through seccomp
arch/arm/probes/uprobes/core.c | 2 +-
arch/x86/entry/syscalls/syscall_64.tbl | 1 +
arch/x86/include/asm/uprobes.h | 7 ++
arch/x86/kernel/uprobes.c | 532 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
include/linux/syscalls.h | 2 +
include/linux/uprobes.h | 20 +++-
kernel/events/uprobes.c | 147 +++++++++++++++++--------
kernel/fork.c | 1 +
kernel/seccomp.c | 32 ++++--
kernel/sys_ni.c | 1 +
tools/testing/selftests/bpf/prog_tests/uprobe_syscall.c | 478 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------
tools/testing/selftests/bpf/prog_tests/usdt.c | 38 ++++---
tools/testing/selftests/bpf/progs/uprobe_syscall.c | 4 +-
tools/testing/selftests/bpf/progs/uprobe_syscall_executed.c | 41 ++++++-
tools/testing/selftests/bpf/sdt.h | 9 +-
tools/testing/selftests/bpf/test_kmods/bpf_testmod.c | 11 +-
tools/testing/selftests/seccomp/seccomp_bpf.c | 107 +++++++++++++++----
17 files changed, 1299 insertions(+), 134 deletions(-)
Jiri Olsa (1):
man2: Add uprobe syscall page
man/man2/uprobe.2 | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
man/man2/uretprobe.2 | 2 ++
2 files changed, 51 insertions(+)
create mode 100644 man/man2/uprobe.2
Powered by blists - more mailing lists