| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <56289589.1030008@huawei.com> Date: Thu, 22 Oct 2015 15:51:37 +0800 From: "Wangnan (F)" <wangnan0@...wei.com> To: Ingo Molnar <mingo@...nel.org> CC: Peter Zijlstra <peterz@...radead.org>, pi3orama <pi3orama@....com>, Alexei Starovoitov <ast@...mgrid.com>, xiakaixu <xiakaixu@...wei.com>, <davem@...emloft.net>, <acme@...nel.org>, <mingo@...hat.com>, <masami.hiramatsu.pt@...achi.com>, <jolsa@...nel.org>, <daniel@...earbox.net>, <linux-kernel@...r.kernel.org>, <hekuang@...wei.com>, <netdev@...r.kernel.org> Subject: Re: [PATCH V5 1/1] bpf: control events stored in PERF_EVENT_ARRAY maps trace data output when perf sampling On 2015/10/22 15:39, Ingo Molnar wrote: > * Wangnan (F) <wangnan0@...wei.com> wrote: > [SNIP] >> >> In summary, your either-or logic doesn't hold in BPF world. A BPF >> program can only access perf event in a highly restricted way. We >> don't allow it calling perf_event_read_local() across core, so it >> can't. >>> Urgh, that's still horridly inconsistent. Can we please come up with a >>> consistent interface to perf? >> BPF program and kernel module are two different worlds as I said before. >> >> I don't think making them to share a common interface is a good idea because >> such sharing will give BPF programs too much freedom than it really need, then >> it will be hard prevent them to do something bad. If we really need kernel >> interface, I think what we need is kernel module, not BPF program. > What do you mean, as this does not parse for me. Because I'm not very sure what the meaning of "inconsistent" in Peter's words... I think what Peter want us to do is to provide similar (consistent) interface between kernel and eBPF that, if kernel reads from a perf_event through perf_event_read_local(struct perf_event *), BPF program should do this work with similar code, or at least similar logic, so we need to create handler for a perf event, and provide a BPF function called BPF_FUNC_perf_event_read_local then pass such handler to it. I don't think like this because if we want kernel interface we'd better use kernel module, not eBPF so I mentioned kernel module here. Ingo, do you think BPF inerface should be *consistent* with anything? Thank you. > We obviously can (and very likely should) make certain perf functionality > available to BPF programs. > > It should still be a well defined yet flexible iterface, with safe behavior, > obviously - all in line with existing BPF sandboxing principles. > > 'Kernel modules' don't enter this consideration at all, not sure why you mention > them - all this functionality is also available if CONFIG_MODULES is turned off > completely. > > Thanks, > > Ingo > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists