From: Peter Zijlstra <peterz@infradead.org>
To: Adrian Hunter <adrian.hunter@intel.com>
Cc: Ingo Molnar <mingo@kernel.org>, Andi Kleen <ak@linux.intel.com>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
Jiri Olsa <jolsa@redhat.com>, Song Liu <songliubraving@fb.com>,
Daniel Borkmann <daniel@iogearbox.net>,
Alexei Starovoitov <ast@kernel.org>,
linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH] perf, bpf: Retain kernel executable code in memory to aid Intel PT tracing
Date: Fri, 8 Feb 2019 10:12:40 +0100 [thread overview]
Message-ID: <20190208091240.GN32477@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <76a91fb3-0f4e-c55f-3176-3ad9a996e936@intel.com>
On Fri, Feb 08, 2019 at 10:53:41AM +0200, Adrian Hunter wrote:
> On 7/02/19 10:02 PM, Peter Zijlstra wrote:
> > On Thu, Feb 07, 2019 at 01:19:01PM +0200, Adrian Hunter wrote:
> >> Subject to memory pressure and other limits, retain executable code, such
> >> as JIT-compiled bpf, in memory instead of freeing it immediately it is no
> >> longer needed for execution.
> >>
> >> While perf is primarily aimed at statistical analysis, tools like Intel
> >> PT can aim to provide a trace of exactly what happened. As such, corner
> >> cases that can be overlooked statistically need to be addressed. For
> >> example, there is a gap where JIT-compiled bpf can be freed from memory
> >> before a tracer has a chance to read it out through the bpf syscall.
> >> While that can be ignored statistically, it contributes to a death by
> >> 1000 cuts for tracers attempting to assemble exactly what happened. This is
> >> a bit gratuitous given that retaining the executable code is relatively
> >> simple, and the amount of memory involved relatively small. The retained
> >> executable code is then available in memory images such as /proc/kcore.
> >>
> >> This facility could perhaps be extended also to init sections.
> >>
> >> Note that this patch is compile tested only and, at present, is missing
> >> the ability to retain symbols.
> >
> > You don't need the symbols; you already have them through
> > PERF_RECORD_KSYMBOL.
>
> And you intend to use that for module loading/unloading also?
>
> >
> > Also; afaict this patch guarantees exactly nothing. It registers a
> > shrinker which will (given enough memory pressure) happily free your
> > text before we get around to copying it out.
>
> No, there is a minimum size (default 0) which is not subject to the shrinker.
>
> >
> > Did you read this proposal?
>
> Please cc me on anything affecting Intel PT decoding.
>
> >
> > https://lkml.kernel.org/r/20190109101808.GG1900@hirez.programming.kicks-ass.net
> >
> > (also: s/KCORE_QC/KCORE_QS/ for quiescent state)
> >
> > That would create an RCU like interface to /proc/kcore and give you the
> > guarantees you need, while also allowing the memory to get freed once
> > you've obtained a copy.
>
> So, open /proc/kcore and it pins all executable code in memory?
>
> Do you intend to extend that to module / module init unloads?
I didn't intent to write it at all; but yes the intend was for this to
apply to all executable maps. Modules, BPF, ftrace, everything.
next prev parent reply other threads:[~2019-02-08 9:13 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-07 11:19 [RFC PATCH] perf, bpf: Retain kernel executable code in memory to aid Intel PT tracing Adrian Hunter
2019-02-07 20:02 ` Peter Zijlstra
2019-02-08 8:53 ` Adrian Hunter
2019-02-08 9:12 ` Peter Zijlstra [this message]
2019-02-11 7:46 ` Ingo Molnar
2019-02-08 23:29 ` Alexei Starovoitov
2019-02-11 7:54 ` Adrian Hunter
2019-02-11 8:18 ` Alexei Starovoitov
2019-02-11 8:24 ` Adrian Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190208091240.GN32477@hirez.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=acme@kernel.org \
--cc=adrian.hunter@intel.com \
--cc=ak@linux.intel.com \
--cc=alexander.shishkin@linux.intel.com \
--cc=ast@kernel.org \
--cc=daniel@iogearbox.net \
--cc=jolsa@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=songliubraving@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.