Re: [PING PATCH v7] kallsyms: new /proc/kallmodsyms with builtin modules

From: Nick Alcock
Date: Wed Jan 12 2022 - 12:00:08 EST

Next message: Vitaly Kuznetsov: "[PATCH v3 0/5] KVM: nVMX: Fix Windows 11 + WSL2 + Enlightened VMCS"
Previous message: Alexandre Belloni: "Re: [PATCH] selftests: rtc: Increase test timeout so that all tests run"
In reply to: Luis Chamberlain: "Re: [PING PATCH v7] kallsyms: new /proc/kallmodsyms with builtin modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12 Jan 2022, Luis Chamberlain stated:

> On Thu, Dec 16, 2021 at 08:19:12PM +0000, Nick Alcock wrote:
>> /proc/kallsyms is very useful for tracers and other tools that need to
>> map kernel symbols to addresses.
>>
>> It would be useful
>
> It took me digging on archives to see to *who* this is useful to.
> The short answer seeme to be dtrace. Can you work on getting use
> of this for something (I don't know, maybe kernelshark?) that does
> not taint the kernel? Last I checked using dtrace on linux taints the
> kernel.

It hasn't tainted the kernel for at least four years :) v1 (with a
kernel module) has been GPLv2 since 2017; v2 is pure-BPF and has no
DTrace-specific kernel modules, just using some new things we have to
add to the kernel, most of which seem plausibly useful to others too
(kallmodsyms, waitfd pro tem until pidfd supports ptracers, and CTF).

This is not a DTrace-specific feature in any case: all my submissions
have noted that it seems likely to be useful to anyone who wants a
stable reference to modules that doesn't change whenever the kernel
config changes, which probably means most tracers with support for
kernel modules which implement anything like a programming language.

> Without valid upstream users I see no need to add more complexity to the
> kernel. And complexity added by tainting modules or not upstream modules

We don't need any of those any more :) Even CTF is now generated by GCC
(once GCC 12 is released) and deduplicated by GNU ld: the CTF patch will
be only a few hundred lines long once GCC 12 is out and I drop the
DWARF->CTF translator.

> Without a valid non-taining user being made very clear with a value-add,
> I will have to ignore this.

I hope this gives you a reason to not ignore it! Have some links:

DTrace v1 (maintenance mode, fairly hefty GPL kernel module, UPL
userspace; fully-functional including fbt, kernel side will shrink):

https://github.com/oracle/dtrace-linux-kernel v1/5.15
https://github.com/oracle/dtrace-utils 1.x-branch-dev

DTrace v2 based on BPF, in progress, some features still missing (UPL
userspace and a few GPL kernel patches, including this one: needs a BPF
cross-compiler, which is a new GCC 12 target):

https://github.com/oracle/dtrace-linux-kernel v2/5.14.9
https://github.com/oracle/dtrace-utils 2.0-branch

(I'm going to respin all of these kernel branches against 5.17-rc once
the merge window closes, and bring the things both kernel trees have in
common into sync. I'll drop you a line once that's done.)

Config-wise both of these need kernels with CONFIG_KALLMODSYMS,
CONFIG_WAITFD and CONFIG_CTF turned on, and a kernel built with a 'make
ctf' done after 'make', and the kernel source tree available when DTrace
proper is built.

--
NULL && (void)

Next message: Vitaly Kuznetsov: "[PATCH v3 0/5] KVM: nVMX: Fix Windows 11 + WSL2 + Enlightened VMCS"
Previous message: Alexandre Belloni: "Re: [PATCH] selftests: rtc: Increase test timeout so that all tests run"
In reply to: Luis Chamberlain: "Re: [PING PATCH v7] kallsyms: new /proc/kallmodsyms with builtin modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]