lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 12 Mar 2019 11:07:14 +0000
From:   Qais Yousef <>
To:     Steven Rostedt <>,
        Ingo Molnar <>
CC:     Alexei Starovoitov <>,
        Daniel Borkmann <>,
        Martin KaFai Lau <>,
        Song Liu <>, Yonghong Song <>,
        "" <>,
        "" <>,
        "" <>
Subject: [RFC][PATCH] Export supported trace features in debugfs

eBPF tools like bcc-tools have hard time figuring out when features like
raw_tracepoint are supported in the kernel on which we are running. At
the moment a fragile mechanism of matching bpf_find_raw_tracepoint()
function in /proc/kallsyms is used to find out whether raw tracepoints
can be used or not. But when this function was renamed recently to
bpf_get_raw_tracepoint() the tool started to fail to use raw

To help in providing a more reliable way to detect features like
RAW_TRACEPOINT, add a new file in trace debugfs to export the supported

$cat /sys/kernel/debug/tracing/supported_features

Signed-off-by: Qais Yousef <>

This is a half baked patch to probe the potential of this solution.

The breakage mentioned in the commit message is here:

I am not sure what else beside raw_tracepoint makes sense to expose right now.

 kernel/trace/trace.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index c4238b441624..daae09238e62 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -6670,6 +6670,28 @@ static const struct file_operations snapshot_raw_fops = {


+#define TRACE_FEATURE(feat)__stringify(feat) "\n"
+static ssize_t
+tracing_read_trace_features(struct file *filp, char __user *ubuf,
+size_t cnt, loff_t *ppos)
+char *buf = TRACE_FEATURES;
+size_t len = sizeof(TRACE_FEATURES);
+return simple_read_from_buffer(ubuf, cnt, ppos, buf, len);
+static const struct file_operations show_trace_features_fops = {           = tracing_read_trace_features,
+.llseek         = no_llseek,
 static int tracing_buffers_open(struct inode *inode, struct file *filp)
 struct trace_array *tr = inode->i_private;
@@ -8242,6 +8264,9 @@ static __init int tracer_init_tracefs(void)
 &ftrace_update_tot_cnt, &tracing_dyn_info_fops);

+trace_create_file("trace_features", 0444, d_tracer,
+NULL, &show_trace_features_fops);


IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

Powered by blists - more mailing lists