From: Daniel Thompson <daniel.thompson@linaro.org>
To: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Steven Rostedt <rostedt@goodmis.org>,
LKML <linux-kernel@vger.kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Alexei Starovoitov <ast@kernel.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
"Paul E. McKenney" <paulmck@kernel.org>,
Joel Fernandes <joel@joelfernandes.org>,
Frederic Weisbecker <frederic@kernel.org>,
Jason Wessel <jason.wessel@windriver.com>
Subject: Re: Instrumentation and RCU
Date: Tue, 10 Mar 2020 17:05:36 +0000 [thread overview]
Message-ID: <20200310170536.w4p5r2fnsyaorys5@holly.lan> (raw)
In-Reply-To: <20200310170951.87c29e9c1cfbddd93ccd92b3@kernel.org>
On Tue, Mar 10, 2020 at 05:09:51PM +0900, Masami Hiramatsu wrote:
> Hi,
>
> On Mon, 09 Mar 2020 19:59:18 +0100
> Thomas Gleixner <tglx@linutronix.de> wrote:
>
> > >> #2) Breakpoint utilization
> > >>
> > >> As recent findings have shown, breakpoint utilization needs to be
> > >> extremly careful about not creating infinite breakpoint recursions.
> > >>
> > >> I think that's pretty much obvious, but falls into the overall
> > >> question of how to protect callchains.
> > >
> > > This is rather unique, and I agree that its best to at least get to a point
> > > where we limit the tracing within breakpoint code. I'm fine with making
> > > rcu_nmi_exit() nokprobe too.
> >
> > Yes, the break point stuff is unique, but it has nicely demonstrated how
> > much of the code is affected by it.
>
> I see. I had followed the callchain several times, and always found new function.
> So I agree with the off-limit section idea. That is a kind of entry code section
> but more generic one. It is natural to split such sensitive code in different
> place.
>
> BTW, what about kdb stuffs? (+Cc Jason)
There is some double breakpoint detection code but IIRC this merely
retrospectively warns the user that they have their hurt their system...
and whether the system would run long enough to reach that logic is
relatively unlikely.
For both kdb and kgdb, the main "defence" is the use case. Neither kdb
or kgdb faces the userspace (except via a SysRq, which can be disabled)
and triggering either already implies the user is not especially
concerned about things like availability guarantees since they are happy
for everything running on the system to be halted indefinitely.
Additionally breakpoints in kgdb/kdb are not wildcarded so there are no
need to worry about a user selecting a bad pattern! Setting a breakpoint
with kgdb/kdb needs a user (who is assumed to have kernel knowledge) to
have explicitly chose to study the dynamic behaviour of that particular
bit of code.
I'm not saying kgdb/kdb would not benefit from additional safety
barriers (it would), simply that the problem is less acute.
Daniel.
next prev parent reply other threads:[~2020-03-10 17:05 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-09 17:02 Instrumentation and RCU Thomas Gleixner
2020-03-09 18:15 ` Steven Rostedt
2020-03-09 18:42 ` Joel Fernandes
2020-03-09 19:07 ` Steven Rostedt
2020-03-09 19:20 ` Mathieu Desnoyers
2020-03-16 15:02 ` Joel Fernandes
2020-03-09 18:59 ` Thomas Gleixner
2020-03-10 8:09 ` Masami Hiramatsu
2020-03-10 11:43 ` Thomas Gleixner
2020-03-10 15:31 ` Mathieu Desnoyers
2020-03-10 15:46 ` Steven Rostedt
2020-03-10 16:21 ` Mathieu Desnoyers
2020-03-11 0:18 ` Masami Hiramatsu
2020-03-11 0:37 ` Mathieu Desnoyers
2020-03-11 7:48 ` Masami Hiramatsu
2020-03-10 16:06 ` Masami Hiramatsu
2020-03-12 13:53 ` Peter Zijlstra
2020-03-10 15:24 ` Mathieu Desnoyers
2020-03-10 17:05 ` Daniel Thompson [this message]
2020-03-09 18:37 ` Mathieu Desnoyers
2020-03-09 18:44 ` Steven Rostedt
2020-03-09 18:52 ` Mathieu Desnoyers
2020-03-09 19:09 ` Steven Rostedt
2020-03-09 19:25 ` Mathieu Desnoyers
2020-03-09 19:52 ` Thomas Gleixner
2020-03-10 15:03 ` Mathieu Desnoyers
2020-03-10 16:48 ` Thomas Gleixner
2020-03-10 17:40 ` Mathieu Desnoyers
2020-03-10 18:31 ` Thomas Gleixner
2020-03-10 18:37 ` Mathieu Desnoyers
2020-03-10 1:40 ` Alexei Starovoitov
2020-03-10 8:02 ` Thomas Gleixner
2020-03-10 16:54 ` Paul E. McKenney
2020-03-17 17:56 ` Joel Fernandes
2020-03-09 20:18 ` Peter Zijlstra
2020-03-09 20:47 ` Paul E. McKenney
2020-03-09 20:58 ` Steven Rostedt
2020-03-09 21:25 ` Paul E. McKenney
2020-03-09 23:52 ` Frederic Weisbecker
2020-03-10 2:26 ` Paul E. McKenney
2020-03-10 15:13 ` Mathieu Desnoyers
2020-03-10 16:49 ` Paul E. McKenney
2020-03-10 17:22 ` Mathieu Desnoyers
2020-03-10 17:26 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200310170536.w4p5r2fnsyaorys5@holly.lan \
--to=daniel.thompson@linaro.org \
--cc=ast@kernel.org \
--cc=frederic@kernel.org \
--cc=jason.wessel@windriver.com \
--cc=joel@joelfernandes.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mhiramat@kernel.org \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).