From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932098AbbJUQ6I (ORCPT ); Wed, 21 Oct 2015 12:58:08 -0400 Received: from casper.infradead.org ([85.118.1.10]:34592 "EHLO casper.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753200AbbJUQ6F (ORCPT ); Wed, 21 Oct 2015 12:58:05 -0400 Date: Wed, 21 Oct 2015 18:57:58 +0200 From: Peter Zijlstra To: pi3orama Cc: "Wangnan (F)" , Alexei Starovoitov , xiakaixu , davem@davemloft.net, acme@kernel.org, mingo@redhat.com, masami.hiramatsu.pt@hitachi.com, jolsa@kernel.org, daniel@iogearbox.net, linux-kernel@vger.kernel.org, hekuang@huawei.com, netdev@vger.kernel.org Subject: Re: [PATCH V5 1/1] bpf: control events stored in PERF_EVENT_ARRAY maps trace data output when perf sampling Message-ID: <20151021165758.GK3604@twins.programming.kicks-ass.net> References: <20151021091254.GF2881@worktop.programming.kicks-ass.net> <56276968.6070604@huawei.com> <20151021113316.GM17308@twins.programming.kicks-ass.net> <56277BCE.6030400@huawei.com> <20151021121713.GC3604@twins.programming.kicks-ass.net> <56279634.5000606@huawei.com> <20151021134951.GH3604@twins.programming.kicks-ass.net> <1D2C9396-01CB-4981-B493-EA311F0457E7@163.com> <20151021140921.GI3604@twins.programming.kicks-ass.net> <586A5B33-C9C9-433D-B6E9-019264BF7DDB@163.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <586A5B33-C9C9-433D-B6E9-019264BF7DDB@163.com> User-Agent: Mutt/1.5.21 (2012-12-30) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Oct 21, 2015 at 11:06:47PM +0800, pi3orama wrote: > > So explain; how does this eBPF stuff work. > > I think I get your point this time, and let me explain the eBPF stuff to you. > > You are aware that BPF programmer can break the system in this way: > > A=get_non_local_perf_event() > perf_event_read_local(A) > BOOM! > > However the above logic is impossible because BPF program can't work this > way. > > First of all, it is impossible for a BPF program directly invoke a > kernel function. Doesn't like kernel module, BPF program can only > invoke functions designed for them, like what this patch does. So the > ability of BPF programs is strictly restricted by kernel. If we don't > allow BPF program call perf_event_read_local() across core, we can > check this and return error in function we provide for them. > > Second: there's no way for a BPF program directly access a perf event. > All perf events have to be wrapped by a map and be accessed by BPF > functions described above. We don't allow BPF program fetch array > element from that map. So pointers of perf event is safely protected > from BPF program. > > In summary, your either-or logic doesn't hold in BPF world. A BPF > program can only access perf event in a highly restricted way. We > don't allow it calling perf_event_read_local() across core, so it > can't. Urgh, that's still horridly inconsistent. Can we please come up with a consistent interface to perf?