From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 391 invoked by alias); 10 May 2006 12:18:04 -0000 Received: (qmail 384 invoked by uid 22791); 10 May 2006 12:18:03 -0000 X-Spam-Status: No, hits=-2.1 required=5.0 tests=AWL,BAYES_00,SPF_PASS X-Spam-Check-By: sourceware.org Received: from e5.ny.us.ibm.com (HELO e5.ny.us.ibm.com) (32.97.182.145) by sourceware.org (qpsmtpd/0.31) with ESMTP; Wed, 10 May 2006 12:17:58 +0000 Received: from d01relay02.pok.ibm.com (d01relay02.pok.ibm.com [9.56.227.234]) by e5.ny.us.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id k4ACHpuB013363 for ; Wed, 10 May 2006 08:17:54 -0400 Received: from d01av02.pok.ibm.com (d01av02.pok.ibm.com [9.56.224.216]) by d01relay02.pok.ibm.com (8.12.10/NCO/VER6.8) with ESMTP id k4ACHpgp228222 for ; Wed, 10 May 2006 08:17:51 -0400 Received: from d01av02.pok.ibm.com (loopback [127.0.0.1]) by d01av02.pok.ibm.com (8.12.11/8.13.3) with ESMTP id k4ACHodg027623 for ; Wed, 10 May 2006 08:17:51 -0400 Received: from newton.in.ibm.com (N20wks267552wss.in.ibm.com [9.124.31.64] (may be forged)) by d01av02.pok.ibm.com (8.12.11/8.12.11) with ESMTP id k4ACHn5f027490; Wed, 10 May 2006 08:17:49 -0400 Received: by newton.in.ibm.com (Postfix, from userid 500) id 88D79CE3; Wed, 10 May 2006 17:47:50 +0530 (IST) Date: Wed, 10 May 2006 12:18:00 -0000 From: Prasanna S Panchamukhi To: Hugh Dickins Cc: linux-kernel@vger.kernel.org, systemtap@sources.redhat.com, akpm@osdl.org, Andi Kleen , davem@davemloft.net, suparna@in.ibm.com, richardj_moore@uk.ibm.com, hch@infradead.org Subject: Re: [RFC] [PATCH 6/6] Kprobes: Remove breakpoints from the copied pages Message-ID: <20060510121750.GD12463@in.ibm.com> Reply-To: prasanna@in.ibm.com References: <20060509065455.GA11630@in.ibm.com> <20060509065917.GA22493@in.ibm.com> <20060509070106.GB22493@in.ibm.com> <20060509070508.GC22493@in.ibm.com> <20060509070911.GD22493@in.ibm.com> <20060509071204.GE22493@in.ibm.com> <20060509071523.GF22493@in.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i X-IsSubscribed: yes Mailing-List: contact systemtap-help@sourceware.org; run by ezmlm Precedence: bulk List-Subscribe: List-Post: List-Help: , Sender: systemtap-owner@sourceware.org X-SW-Source: 2006-q2/txt/msg00369.txt.bz2 On Tue, May 09, 2006 at 06:04:50PM +0100, Hugh Dickins wrote: > On Tue, 9 May 2006, Prasanna S Panchamukhi wrote: > > This patch removes the breakpoints if the pages read from the page > > cache contains breakpoints. If the pages containing the breakpoints > > is copied from the page cache, the copied image would also contain > > breakpoints in them. This could be a major problem for tools like > > tripwire etc and cause security concerns, hence must be prevented. > > This patch hooks up the actor routine, checks if the executable was > > a probed executable using the file inode and then replaces the > > breakpoints with the original opcodes in the copied image. > > You've done a nice job of making the code look like kernel code > throughout, it's a much tidier patchset than many. > > With that said... it looks to me like one of the scariest and > most inappropriate sets I can remember. Getting the kernel to > connive in presenting an incoherent view of its pagecache: > I don't think we'd ever want that. > As Andi Kleen and Christoph suggested pagecache contention can be avoided using the COW approach. Advantages of COW: 1. No need to hookup file_read_actor() to remove the breakpoints if a the probed page was read from pagecache. 2. No need to hookup readpage(s)() to insert probes when pages are read into the memory. Some thoughts about COW implications AFAIK 1. Need to hookup mmap() to make a per process copy. 2. Bring in the pages just to insert the probes. 3. All the text pages need to be in memory until process exits. 4. Free up the per process text pages by hooking exit() and exec(). 5. Maskoff probes visible across fork(), by hooking fork(). Any implications ? Thanks Prasanna -- Prasanna S Panchamukhi Linux Technology Center India Software Labs, IBM Bangalore Email: prasanna@in.ibm.com Ph: 91-80-41776329