From: Thomas Gleixner <tglx@linutronix.de>
To: Peter Collingbourne <pcc@google.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>, Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Juri Lelli <juri.lelli@redhat.com>,
Vincent Guittot <vincent.guittot@linaro.org>,
Dietmar Eggemann <dietmar.eggemann@arm.com>,
Steven Rostedt <rostedt@goodmis.org>,
Ben Segall <bsegall@google.com>, Mel Gorman <mgorman@suse.de>,
Daniel Bristot de Oliveira <bristot@redhat.com>,
Andy Lutomirski <luto@kernel.org>,
Kees Cook <keescook@chromium.org>,
Andrew Morton <akpm@linux-foundation.org>,
Masahiro Yamada <masahiroy@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
YiFei Zhu <yifeifz2@illinois.edu>,
Mark Rutland <mark.rutland@arm.com>,
Frederic Weisbecker <frederic@kernel.org>,
Viresh Kumar <viresh.kumar@linaro.org>,
Andrey Konovalov <andreyknvl@gmail.com>,
Gabriel Krisman Bertazi <krisman@collabora.com>,
Chris Hyser <chris.hyser@oracle.com>,
Daniel Vetter <daniel.vetter@ffwll.ch>,
Chris Wilson <chris@chris-wilson.co.uk>,
Arnd Bergmann <arnd@arndb.de>, Dmitry Vyukov <dvyukov@google.com>,
Christian Brauner <christian.brauner@ubuntu.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Alexey Gladkov <legion@kernel.org>,
Ran Xiaokai <ran.xiaokai@zte.com.cn>,
David Hildenbrand <david@redhat.com>,
Xiaofeng Cao <caoxiaofeng@yulong.com>,
Cyrill Gorcunov <gorcunov@gmail.com>,
Thomas Cedeno <thomascedeno@google.com>,
Marco Elver <elver@google.com>,
Alexander Potapenko <glider@google.com>,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
Evgenii Stepanov <eugenis@google.com>
Subject: Re: [PATCH v4 4/7] uaccess-buffer: add CONFIG_GENERIC_ENTRY support
Date: Fri, 17 Dec 2021 19:42:18 +0100 [thread overview]
Message-ID: <875yrncbud.ffs@tglx> (raw)
In-Reply-To: <CAMn1gO7iaaXEgAt3kQVRSN3ueY7MPt0yww40ADAmUZLOb0ZwZg@mail.gmail.com>
Peter,
On Thu, Dec 16 2021 at 16:09, Peter Collingbourne wrote:
> userspace program sets addr to 0. Furthermore, a userspace program
> setting addr to 0 would not automatically cause the pending signals to
> be delivered (because simply storing a value to memory from userspace
> will not necessarily trigger a kernel entry), and signals could
> therefore be left blocked for longer than expected (at least until the
> next kernel entry).
Groan, so what you are trying to prevent is:
*ptr = addr;
--> interrupt
signal raised
signal delivery
signal handler
syscall() <- Logs this syscall
sigreturn;
syscall() <- Is not logged
I must have missed that detail in these novel sized comments all over
the place.
Yes, I can see how that pre/post muck solves this, but TBH while it is
admittedly a smart hack it's also a horrible hack.
There are a two aspects which I really dislike:
- It's yet another ad hoc 'solution' to scratch 'my particular itch'
- It's adding a horrorshow in the syscall hotpath. We have already
enough gunk there. No need to add more.
The problem you are trying to solve is to instrument user accesses of
the kernel, which is special purpose tracing, right?
May I ask why this is not solvable via tracepoints?
DECLARE_EVENT_CLASS(uaccess_class,....);
DECLARE_EVENT(uaccess_class, uaccess_read,...);
DECLARE_EVENT(uaccess_class, uaccess_write,...);
trace_uaccess_read(from, n);
trace_uaccess_write(to, n);
Tracepoints have filters, tooling, libraries etc. Zero code except for
the tracepoints themself. They are disabled by default with a static
key, which means very close to 0 overhead.
Aside of that such tracepoints can be used for other purposes as well
and are therefore not bound to 'my particular itch'.
There are obviously some questions to solve versus filtering, but even
with a stupid tid based filter, it's easy enough to filter out the stuff
you're interested in. E.g. to filter out the signal scenario above all
you need is to enable two more tracepoints:
signal:signal_deliver
syscalls:sys_enter_rt_sigreturn
and when analyzing the event stream you can just skip the noise between
signal:signal_deliver and syscalls:sys_enter_rt_sigreturn trace entries.
There are other fancies like BPF which can be used for filtering and
filling a map with entries.
The only downside is that system configuration restricts access and
requires certain priviledges. But is that a real problem for the purpose
at hand, sanitizers and validation tools?
I don't think it is, but you surely can provide more information here.
Thanks,
tglx
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-12-17 18:53 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-09 22:15 [PATCH v4 0/7] kernel: introduce uaccess logging Peter Collingbourne
2021-12-09 22:15 ` [PATCH v4 1/7] include: split out uaccess instrumentation into a separate header Peter Collingbourne
2021-12-10 12:45 ` Marco Elver
2021-12-09 22:15 ` [PATCH v4 2/7] uaccess-buffer: add core code Peter Collingbourne
2021-12-10 3:52 ` Dmitry Vyukov
2021-12-10 12:39 ` Marco Elver
2021-12-09 22:15 ` [PATCH v4 3/7] fs: use copy_from_user_nolog() to copy mount() data Peter Collingbourne
2021-12-09 22:15 ` [PATCH v4 4/7] uaccess-buffer: add CONFIG_GENERIC_ENTRY support Peter Collingbourne
2021-12-11 11:50 ` Thomas Gleixner
2021-12-16 1:25 ` Peter Collingbourne
2021-12-16 13:05 ` Thomas Gleixner
2021-12-17 0:09 ` Peter Collingbourne
2021-12-17 18:42 ` Thomas Gleixner [this message]
2022-01-10 21:43 ` Peter Collingbourne
2021-12-09 22:15 ` [PATCH v4 5/7] arm64: add support for uaccess logging Peter Collingbourne
2021-12-09 22:15 ` [PATCH v4 6/7] Documentation: document " Peter Collingbourne
2021-12-09 22:15 ` [PATCH v4 7/7] selftests: test " Peter Collingbourne
2021-12-10 13:30 ` Marco Elver
2021-12-11 17:23 ` [PATCH v4 0/7] kernel: introduce " David Laight
2021-12-13 19:48 ` Peter Collingbourne
2021-12-13 23:07 ` David Laight
2021-12-14 3:47 ` Peter Collingbourne
2021-12-15 4:27 ` Peter Collingbourne
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=875yrncbud.ffs@tglx \
--to=tglx@linutronix.de \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=arnd@arndb.de \
--cc=bristot@redhat.com \
--cc=bsegall@google.com \
--cc=caoxiaofeng@yulong.com \
--cc=catalin.marinas@arm.com \
--cc=chris.hyser@oracle.com \
--cc=chris@chris-wilson.co.uk \
--cc=christian.brauner@ubuntu.com \
--cc=daniel.vetter@ffwll.ch \
--cc=david@redhat.com \
--cc=dietmar.eggemann@arm.com \
--cc=dvyukov@google.com \
--cc=ebiederm@xmission.com \
--cc=elver@google.com \
--cc=eugenis@google.com \
--cc=frederic@kernel.org \
--cc=glider@google.com \
--cc=gorcunov@gmail.com \
--cc=juri.lelli@redhat.com \
--cc=keescook@chromium.org \
--cc=krisman@collabora.com \
--cc=legion@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=masahiroy@kernel.org \
--cc=mgorman@suse.de \
--cc=mingo@redhat.com \
--cc=pcc@google.com \
--cc=peterz@infradead.org \
--cc=ran.xiaokai@zte.com.cn \
--cc=rostedt@goodmis.org \
--cc=samitolvanen@google.com \
--cc=thomascedeno@google.com \
--cc=vincent.guittot@linaro.org \
--cc=viresh.kumar@linaro.org \
--cc=will@kernel.org \
--cc=yifeifz2@illinois.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).