| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6B146FF6-B84E-40A2-A4FA-ABD5576BF463@gmail.com> Date: Fri, 29 Aug 2025 14:17:55 -0300 From: Arnaldo Carvalho de Melo <arnaldo.melo@...il.com> To: Linus Torvalds <torvalds@...ux-foundation.org>, Steven Rostedt <rostedt@...dmis.org> CC: Steven Rostedt <rostedt@...nel.org>, linux-kernel@...r.kernel.org, linux-trace-kernel@...r.kernel.org, bpf@...r.kernel.org, x86@...nel.org, Masami Hiramatsu <mhiramat@...nel.org>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Josh Poimboeuf <jpoimboe@...nel.org>, Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...nel.org>, Jiri Olsa <jolsa@...nel.org>, Arnaldo Carvalho de Melo <acme@...nel.org>, Namhyung Kim <namhyung@...nel.org>, Thomas Gleixner <tglx@...utronix.de>, Andrii Nakryiko <andrii@...nel.org>, Indu Bhagat <indu.bhagat@...cle.com>, "Jose E. Marchesi" <jemarch@....org>, Beau Belgrave <beaub@...ux.microsoft.com>, Jens Remus <jremus@...ux.ibm.com>, Andrew Morton <akpm@...ux-foundation.org>, Florian Weimer <fweimer@...hat.com>, Sam James <sam@...too.org>, Kees Cook <kees@...nel.org>, Carlos O'Donell <codonell@...hat.com> Subject: Re: [PATCH v6 5/6] tracing: Show inode and device major:minor in deferred user space stacktrace On August 29, 2025 1:59:21 PM GMT-03:00, Linus Torvalds <torvalds@...ux-foundation.org> wrote: >On Fri, 29 Aug 2025 at 09:49, Steven Rostedt <rostedt@...dmis.org> wrote: >> >> What do I use to make the hash? > >Literally just '(unsigned long)(vma->vm_file)'. > >Nothing else. > >> One thing this is trying to do is not have to look up the path name for >> every line of a stack trace. > >That's the *opposite* of what I've been suggesting. I've literally >been talking about just saving off the hash of the file pointer. > >(And I just suggested that what you actually save off isn't even the >hash - just the value - and that you can hash it later at a less >critical point in time) > >Don't do *any* work at all at trace collection time. All you need is >to literally access three fields in the 'vma': > > - 'vm_start' and 'vm_pgoff' are needed to calculate the offset in the >file using the user space address > > - save off the value of 'vm_file' for later hashing > >and I really think you're done. > >Then, for the actual trace, you need two things: > > - you need the mmap trace event that has the 'file' value, and you >create a mmap event with that value hashed, and at that point you also >output the pathname and/or things like the build ID > > - for the stack trace events, you output the offset in the file, and >you hash and output the file value > >now, in user space, you have all you need. All you do is match the >hashes. They are random numbers, and user space cannot know what they >are. They are just cookies as a mapping ID. > >And look, now you have the pathname and the build ID - or whatever you >saved off in that mmap event. And at stack trace time, you needed to >do *nothing*. > >And mmap is rare enough - and heavy enough - that doing that pathname >and build ID at *that* point is a non-issue. Or using a preexisting one in the DSO used for the executable mmap. As long as we don't lose those mmap events due to memory pressure/lost events and we have timestamps to order it all before lookups, yeah should work. - Arnaldo > >See what I'm trying to say? > > Linus - Arnaldo
Powered by blists - more mailing lists