[PATCH v4 2/9] perf/core: open access for CAP_SYS_PERFMON privileged process

Masami Hiramatsu mhiramat at kernel.org
Sun Jan 12 12:44:46 AEDT 2020 

On Fri, 10 Jan 2020 21:35:12 -0300
arnaldo.melo at gmail.com wrote:

> <keescook at chromium.org>,Jann Horn <jannh at google.com>,Thomas Gleixner <tglx at linutronix.de>,Tvrtko Ursulin <tvrtko.ursulin at linux.intel.com>,Lionel Landwerlin <lionel.g.landwerlin at intel.com>,linux-kernel <linux-kernel at vger.kernel.org>,"linux-security-module at vger.kernel.org" <linux-security-module at vger.kernel.org>,"selinux at vger.kernel.org" <selinux at vger.kernel.org>,"intel-gfx at lists.freedesktop.org" <intel-gfx at lists.freedesktop.org>,"bpf at vger.kernel.org" <bpf at vger.kernel.org>,"linux-parisc at vger.kernel.org" <linux-parisc at vger.kernel.org>,"linuxppc-dev at lists.ozlabs.org" <linuxppc-dev at lists.ozlabs.org>,"linux-perf-users at vger.kernel.org" <linux-perf-users at vger.kernel.org>,"linux-arm-kernel at lists.infradead.org" <linux-arm-kernel at lists.infradead.org>,"oprofile-list at lists.sf.net" <oprofile-list at lists.sf.net>
> From: Arnaldo Carvalho de Melo <acme at kernel.org>
> Message-ID: <A7F0BF73-9189-44BA-9264-C88F2F51CBF3 at kernel.org>
> 
> On January 10, 2020 9:23:27 PM GMT-03:00, Song Liu <songliubraving at fb.com> wrote:
> >
> >
> >> On Jan 10, 2020, at 3:47 PM, Masami Hiramatsu <mhiramat at kernel.org>
> >wrote:
> >> 
> >> On Fri, 10 Jan 2020 13:45:31 -0300
> >> Arnaldo Carvalho de Melo <acme at kernel.org> wrote:
> >> 
> >>> Em Sat, Jan 11, 2020 at 12:52:13AM +0900, Masami Hiramatsu escreveu:
> >>>> On Fri, 10 Jan 2020 15:02:34 +0100 Peter Zijlstra
> ><peterz at infradead.org> wrote:
> >>>>> Again, this only allows attaching to previously created kprobes,
> >it does
> >>>>> not allow creating kprobes, right?
> >>> 
> >>>>> That is; I don't think CAP_SYS_PERFMON should be allowed to create
> >>>>> kprobes.
> >>> 
> >>>>> As might be clear; I don't actually know what the user-ABI is for
> >>>>> creating kprobes.
> >>> 
> >>>> There are 2 ABIs nowadays, ftrace and ebpf. perf-probe uses ftrace
> >interface to
> >>>> define new kprobe events, and those events are treated as
> >completely same as
> >>>> tracepoint events. On the other hand, ebpf tries to define new
> >probe event
> >>>> via perf_event interface. Above one is that interface. IOW, it
> >creates new kprobe.
> >>> 
> >>> Masami, any plans to make 'perf probe' use the perf_event_open()
> >>> interface for creating kprobes/uprobes?
> >> 
> >> Would you mean perf probe to switch to perf_event_open()?
> >> No, perf probe is for setting up the ftrace probe events. I think we
> >can add an
> >> option to use perf_event_open(). But current kprobe creation from
> >perf_event_open()
> >> is separated from ftrace by design.
> >
> >I guess we can extend event parser to understand kprobe directly.
> >Instead of
> >
> >	perf probe kernel_func
> >	perf stat/record -e probe:kernel_func ...
> >
> >We can just do 
> >
> >	perf stat/record -e kprobe:kernel_func ...
> 
> 
> You took the words from my mouth, exactly, that is a perfect use case, an alternative to the 'perf probe' one of making a disabled event that then gets activated via record/stat/trace, in many cases it's better, removes the explicit probe setup case.

Ah, I got it. If the perf event parser just kicks perf's kprobe creation
interface, it will be easy. In that case, there should be following differences.

- perf * -e "kprobe":kernel_func will put a local (hidden) kprobe
  events. So ftrace user can not access it.
- perf * -e "kprobe":kernel_func may not support inline/function-body
  nor trace local variables etc.

Hm, if we support inline function via -e "kprobe" interface, we have to
expand perf_event_open() to support multi-probe event.

Thanks,

> 
> Regards, 
> 
> - Arnaldo
> 
> >
> >Thanks,
> >Song
> 


-- 
Masami Hiramatsu <mhiramat at kernel.org>

More information about the Linuxppc-dev mailing list