From: Joel Fernandes <joel@joelfernandes.org>
To: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Cc: linux-kernel@vger.kernel.org,
Adrian Ratiu <adrian.ratiu@collabora.com>,
Alexei Starovoitov <ast@kernel.org>,
bpf@vger.kernel.org, Brendan Gregg <brendan.d.gregg@gmail.com>,
connoro@google.com, Daniel Borkmann <daniel@iogearbox.net>,
duyuchao <yuchao.du@unisoc.com>, Ingo Molnar <mingo@redhat.com>,
jeffv@google.com, Karim Yaghmour <karim.yaghmour@opersys.com>,
kernel-team@android.com, linux-kselftest@vger.kernel.org,
Manali Shukla <manalishukla14@gmail.com>,
Manjo Raja Rao <linux@manojrajarao.com>,
Martin KaFai Lau <kafai@fb.com>,
Masami Hiramatsu <mhiramat@kernel.org>,
Matt Mullins <mmullins@fb.com>,
Michal Gregorczyk <michalgr@fb.com>,
Michal Gregorczyk <michalgr@live.com>,
Mohammad Husain <russoue@gmail.com>,
namhyung@google.com, namhyung@kernel.org, netdev@vger.kernel.org,
paul.chaignon@gmail.com, primiano@google.com,
Qais Yousef <qais.yousef@arm.com>, Shuah Khan <shuah@kernel.org>,
Song Liu <songliubraving@fb.com>,
Srinivas Ramana <sramana@codeaurora.org>,
Steven Rostedt <rostedt@goodmis.org>,
Tamir Carmeli <carmeli.tamir@gmail.com>,
Yonghong Song <yhs@fb.com>
Subject: Re: [PATCH RFC 0/4] Add support to directly attach BPF program to ftrace
Date: Tue, 16 Jul 2019 18:41:50 -0400 [thread overview]
Message-ID: <20190716224150.GC172157@google.com> (raw)
In-Reply-To: <20190716222650.tk2coihjtsxszarf@ast-mbp.dhcp.thefacebook.com>
On Tue, Jul 16, 2019 at 03:26:52PM -0700, Alexei Starovoitov wrote:
> On Tue, Jul 16, 2019 at 05:30:50PM -0400, Joel Fernandes wrote:
> >
> > I also thought about the pinning idea before, but we also want to add support
> > for not just raw tracepoints, but also regular tracepoints (events if you
> > will). I am hesitant to add a new BPF API just for creating regular
> > tracepoints and then pinning those as well.
>
> and they should be done through the pinning as well.
Hmm ok, I will give it some more thought.
> > I don't see why a new bpf node for a trace event is a bad idea, really.
>
> See the patches for kprobe/uprobe FD-based api and the reasons behind it.
> tldr: text is racy, doesn't scale, poor security, etc.
Is it possible to use perf without CAP_SYS_ADMIN and control security at the
per-event level? We are selective about who can access which event, using
selinux. That's how our ftrace-based tracers work. Its fine grained per-event
control. That's where I was going with the tracefs approach since we get that
granularity using the file system.
Thanks.
next prev parent reply other threads:[~2019-07-16 22:41 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-10 14:15 [PATCH RFC 0/4] Add support to directly attach BPF program to ftrace Joel Fernandes (Google)
2019-07-10 14:15 ` [PATCH RFC 1/4] Move bpf_raw_tracepoint functionality into bpf_trace.c Joel Fernandes (Google)
2019-07-10 14:15 ` [PATCH RFC 2/4] trace/bpf: Add support for attach/detach of ftrace events to BPF Joel Fernandes (Google)
2019-07-10 14:15 ` [PATCH RFC 3/4] lib/bpf: Add support for ftrace event attach and detach Joel Fernandes (Google)
2019-07-10 14:15 ` [PATCH RFC 4/4] selftests/bpf: Add test for ftrace-based BPF attach/detach Joel Fernandes (Google)
2019-07-16 20:54 ` [PATCH RFC 0/4] Add support to directly attach BPF program to ftrace Alexei Starovoitov
2019-07-16 21:30 ` Joel Fernandes
2019-07-16 22:26 ` Alexei Starovoitov
2019-07-16 22:41 ` Joel Fernandes [this message]
2019-07-16 23:55 ` Joel Fernandes
2019-07-17 1:24 ` Alexei Starovoitov
2019-07-17 13:01 ` Joel Fernandes
2019-07-17 21:40 ` Alexei Starovoitov
2019-07-18 2:51 ` Joel Fernandes
2019-07-23 22:11 ` Alexei Starovoitov
2019-07-24 13:57 ` Joel Fernandes
2019-07-26 18:39 ` Alexei Starovoitov
2019-07-26 19:18 ` Joel Fernandes
2019-07-26 19:49 ` Joel Fernandes
2019-07-16 22:43 ` Steven Rostedt
2019-07-16 22:31 ` Steven Rostedt
2019-07-16 22:46 ` Joel Fernandes
2019-07-17 1:30 ` Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190716224150.GC172157@google.com \
--to=joel@joelfernandes.org \
--cc=adrian.ratiu@collabora.com \
--cc=alexei.starovoitov@gmail.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brendan.d.gregg@gmail.com \
--cc=carmeli.tamir@gmail.com \
--cc=connoro@google.com \
--cc=daniel@iogearbox.net \
--cc=jeffv@google.com \
--cc=kafai@fb.com \
--cc=karim.yaghmour@opersys.com \
--cc=kernel-team@android.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux@manojrajarao.com \
--cc=manalishukla14@gmail.com \
--cc=mhiramat@kernel.org \
--cc=michalgr@fb.com \
--cc=michalgr@live.com \
--cc=mingo@redhat.com \
--cc=mmullins@fb.com \
--cc=namhyung@google.com \
--cc=namhyung@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=paul.chaignon@gmail.com \
--cc=primiano@google.com \
--cc=qais.yousef@arm.com \
--cc=rostedt@goodmis.org \
--cc=russoue@gmail.com \
--cc=shuah@kernel.org \
--cc=songliubraving@fb.com \
--cc=sramana@codeaurora.org \
--cc=yhs@fb.com \
--cc=yuchao.du@unisoc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).