This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

RE: [RFC] Tracepoint proposal

From: "Takashi Nishiie" <t-nishiie at np dot css dot fujitsu dot com>
To: "'Masami Hiramatsu'" <mhiramat at redhat dot com>, "'Alexey Dobriyan'" <adobriyan at gmail dot com>
Cc: "'Mathieu Desnoyers'" <mathieu dot desnoyers at polymtl dot ca>, "'Peter Zijlstra'" <peterz at infradead dot org>, "'Steven Rostedt'" <rostedt at goodmis dot org>, "'Frank Ch. Eigler'" <fche at redhat dot com>, "'Ingo Molnar'" <mingo at elte dot hu>, "'LKML'" <linux-kernel at vger dot kernel dot org>, "'systemtap-ml'" <systemtap at sources dot redhat dot com>, "'Hideo AOKI'" <haoki at redhat dot com>
Date: Tue, 24 Jun 2008 16:15:35 +0900
Subject: RE: [RFC] Tracepoint proposal
References: <485BE2C6.1080901@redhat.com> <20080620174529.GB10943@Krystal> <1213992446.3223.195.camel@lappy.programming.kicks-ass.net> <20080622171135.GA19432@Krystal> <20080622175928.GA5022@martell.zuzino.mipt.ru> <20080622182705.GA23301@Krystal> <20080624002010.GA4777@martell.zuzino.mipt.ru> <486071AF.3080709@redhat.com>

Hi

Hiramatsu wrote:
>One reason why we need markers or other in-the-middle-of-function 
>trace point is that some events happen inside functions, not it's 
>interface.

  Each kernel sub-system seems to have its own way of dealing with 
debugging statements. Some of these methods include 'dprintk', 
'pr_debug', 'dev_debug', 'DEBUGP'. I think that these functions are
the tracepoints that has been availably mounted without setting up 
the tool set of the outside. I think whether mounting that unites 
these functions can be done if kernel marker and tracepoint are used.

  By the way, isn't there problem on security?
  What kprobe, jprobe, and kernel marker, etc. offer looks like what 
the framework of Linux Security Module had offered before. Gotten 
kprobe, jprobe, and kernel marker, etc. should not be exported to the 
userland for security because it becomes the hotbed of rootkits. Users
such as kprobe, jprobe, and kernel marker should not be Loadable Kernel
Module. I think that there are some solutions in LTTng about this 
security problem. However, will the environment to be able to operate
SystemTap be really secure?
　At least, kernel commandline option to invalidate all of kprobe, 
jprobe, and kernel marker, etc. because of the batch might be 
necessary.

Thank you,

--
Takashi Nishiie

Follow-Ups:
- Re: [RFC] Tracepoint proposal
  - From: Frank Ch. Eigler
- Re: [RFC] Tracepoint proposal
  - From: Masami Hiramatsu

References:
- [RFC][Patch 2/2] markers: example of irq regular kernel markers
  - From: Masami Hiramatsu
- Re: [RFC][Patch 2/2] markers: example of irq regular kernel markers
  - From: Mathieu Desnoyers
- Re: [RFC][Patch 2/2] markers: example of irq regular kernel markers
  - From: Peter Zijlstra
- [RFC] Tracepoint proposal
  - From: Mathieu Desnoyers
- Re: [RFC] Tracepoint proposal
  - From: Alexey Dobriyan
- Re: [RFC] Tracepoint proposal
  - From: Mathieu Desnoyers
- Re: [RFC] Tracepoint proposal
  - From: Alexey Dobriyan
- Re: [RFC] Tracepoint proposal
  - From: Masami Hiramatsu

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]