From: pi3orama <pi3orama@163.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: "Wangnan (F)" <wangnan0@huawei.com>,
Alexei Starovoitov <ast@plumgrid.com>,
xiakaixu <xiakaixu@huawei.com>,
davem@davemloft.net, acme@kernel.org, mingo@redhat.com,
masami.hiramatsu.pt@hitachi.com, jolsa@kernel.org,
daniel@iogearbox.net, linux-kernel@vger.kernel.org,
hekuang@huawei.com, netdev@vger.kernel.org
Subject: Re: [PATCH V5 1/1] bpf: control events stored in PERF_EVENT_ARRAY maps trace data output when perf sampling
Date: Wed, 21 Oct 2015 23:06:47 +0800 [thread overview]
Message-ID: <586A5B33-C9C9-433D-B6E9-019264BF7DDB@163.com> (raw)
In-Reply-To: <20151021140921.GI3604@twins.programming.kicks-ass.net>
发自我的 iPhone
> 在 2015年10月21日,下午10:09,Peter Zijlstra <peterz@infradead.org> 写道:
>
> On Wed, Oct 21, 2015 at 10:01:46PM +0800, pi3orama wrote:
>>> 在 2015年10月21日,下午9:49,Peter Zijlstra <peterz@infradead.org> 写道:
>>>
>>>> On Wed, Oct 21, 2015 at 09:42:12PM +0800, Wangnan (F) wrote:
>>>> How can an eBPF program access a !local event:
>>>>
>>>> when creating perf event array we don't care which perf event
>>>> is for which CPU, so perf program can access any perf event in
>>>> that array.
>>>
>>> So what is stopping the eBPF thing from calling perf_event_read_local()
>>> on a !local event and triggering a kernel splat?
>>
>> I can understand the perf_event_read_local() case, but I really can't understand
>> what is stopping us to write to an atomic field belong to a !local perf event.
>> Could you please give a further explanation?
>
> I simply do not get how this eBPF stuff works.
>
> Either I have access to !local events and I can hand one to
> perf_event_read_local() and cause badness, or I do not have access to
> !local events and the whole 'soft enable/disable' thing is simple.
>
> They cannot be both true.
>
> So explain; how does this eBPF stuff work.
I think I get your point this time, and let me explain the eBPF stuff to you.
You are aware that BPF programmer can break the system in this way:
A=get_non_local_perf_event()
perf_event_read_local(A)
BOOM!
However the above logic is impossible because BPF program can't work this
way.
First of all, it is impossible for a BPF program directly invoke a kernel function.
Doesn't like kernel module, BPF program can only invoke functions designed for
them, like what this patch does. So the ability of BPF programs is strictly
restricted by kernel. If we don't allow BPF program call perf_event_read_local()
across core, we can check this and return error in function we provide for them.
Second: there's no way for a BPF program directly access a perf event. All perf
events have to be wrapped by a map and be accessed by BPF functions described
above. We don't allow BPF program fetch array element from that map. So
pointers of perf event is safely protected from BPF program.
In summary, your either-or logic doesn't hold in BPF world. A BPF program can
only access perf event in a highly restricted way. We don't allow it calling
perf_event_read_local() across core, so it can't.
Thank you.
next prev parent reply other threads:[~2015-10-21 15:12 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-20 7:22 [PATCH V5 0/1] bpf: control events stored in PERF_EVENT_ARRAY maps trace data output when perf sampling Kaixu Xia
2015-10-20 7:22 ` [PATCH V5 1/1] " Kaixu Xia
2015-10-20 22:53 ` Alexei Starovoitov
2015-10-21 9:12 ` Peter Zijlstra
2015-10-21 10:31 ` xiakaixu
2015-10-21 11:33 ` Peter Zijlstra
2015-10-21 11:49 ` Wangnan (F)
2015-10-21 12:17 ` Peter Zijlstra
2015-10-21 13:42 ` Wangnan (F)
2015-10-21 13:49 ` Peter Zijlstra
2015-10-21 14:01 ` pi3orama
2015-10-21 14:09 ` Peter Zijlstra
2015-10-21 15:06 ` pi3orama [this message]
2015-10-21 16:57 ` Peter Zijlstra
2015-10-21 21:19 ` Alexei Starovoitov
2015-10-22 9:06 ` Peter Zijlstra
2015-10-22 10:28 ` Wangnan (F)
2015-10-23 12:52 ` Peter Zijlstra
2015-10-23 15:12 ` Peter Zijlstra
2015-10-27 6:43 ` xiakaixu
2015-10-22 2:46 ` Wangnan (F)
2015-10-22 7:39 ` Ingo Molnar
2015-10-22 7:51 ` Wangnan (F)
2015-10-22 9:24 ` Peter Zijlstra
2015-10-22 1:56 ` Wangnan (F)
2015-10-22 3:09 ` Alexei Starovoitov
2015-10-22 3:12 ` Wangnan (F)
2015-10-22 3:26 ` Alexei Starovoitov
2015-10-22 9:49 ` Peter Zijlstra
2015-10-21 11:34 ` Wangnan (F)
2015-10-21 11:56 ` Peter Zijlstra
2015-10-21 12:03 ` Wangnan (F)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=586A5B33-C9C9-433D-B6E9-019264BF7DDB@163.com \
--to=pi3orama@163.com \
--cc=acme@kernel.org \
--cc=ast@plumgrid.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=hekuang@huawei.com \
--cc=jolsa@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masami.hiramatsu.pt@hitachi.com \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=wangnan0@huawei.com \
--cc=xiakaixu@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).