From: Steven Rostedt <rostedt@goodmis.org>
To: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@gmail.com>
Cc: linux-trace-devel@vger.kernel.org
Subject: Re: [PATCH] trace-cmd: document expected behaviour of execvp for record command
Date: Thu, 5 Jan 2023 22:07:27 -0500 [thread overview]
Message-ID: <20230105220727.0660a0e4@gandalf.local.home> (raw)
In-Reply-To: <Y7eC9o4JDO7XWjlw@mail.google.com>
On Fri, 6 Jan 2023 15:09:58 +1300
Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@gmail.com> wrote:
> That's a good point. I thought about it for a while and this is really a pickle.
>
> I'll dump the things I'm thinking about and peharps you can help me
> choosing between the approaches :-)
>
> Launching executables via:
>
> libc->execvp: It avoid some sorts of TOCTOU race conditions by trying to
> execve executables and leave it up to the kernel to do a 'single'
> file-exists validation (best case scenario) instead of validate whether
> file exists twice, once in user-space and again in kernel (best case
> scenario).
>
> bash: As a counter point (and also because that's most
> likely how trace-cmd will be executed). Bash actually does the
> open-coding execvp() approach as shown below:
>
> # trace-cmd record -p function_graph \
> -g __x64_sys_execve -O nofuncgraph-irqs \
> --max-graph-depth 1 \
> -F /usr/bin/bash -c "ls" > /dev/null
>
>
> ls-178525 [010] 197387.772776: funcgraph_entry: ! 775.074 us | __x64_sys_execve(); # for /usr/bin/bash
> ls-178525 [010] 197387.775568: funcgraph_entry: ! 993.453 us | __x64_sys_execve(); # for /usr/bin/ls
>
> I guess this will boil down to whether you want to make trace-cmd as
> 'transparent' as possible (in comparison to running the command without
> prepending trace-cmd) OR if you actually care about/want to abide by
> the TOCTOU 'guarantees' that libc implements for userspace applications
>
> Let me know your thoughts. I'm flexible with either approach
I think I rather do it the bash way. I don't believe TOCTOU is important
here.
-- Steve
next prev parent reply other threads:[~2023-01-06 3:07 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-05 22:52 [PATCH] trace-cmd: document expected behaviour of execvp for record command Paulo Miguel Almeida
2023-01-05 23:13 ` Steven Rostedt
2023-01-06 2:09 ` Paulo Miguel Almeida
2023-01-06 3:07 ` Steven Rostedt [this message]
2023-01-13 22:58 ` [PATCH v2] trace-cmd: open code execvp routine to avoid multiple execve syscalls Paulo Miguel Almeida
2023-01-13 23:05 ` Paulo Miguel Almeida
2023-01-14 4:58 ` Paulo Miguel Almeida
2023-01-14 5:51 ` Steven Rostedt
2023-01-14 14:43 ` Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230105220727.0660a0e4@gandalf.local.home \
--to=rostedt@goodmis.org \
--cc=linux-trace-devel@vger.kernel.org \
--cc=paulo.miguel.almeida.rodenas@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.