Re: [PATCH v1 0/2] perf: Drop leaked kernel samples

From: Jin, Yao
Date: Fri Jun 15 2018 - 04:01:55 EST

Next message: Tomasz Figa: "Re: [RFC PATCH 1/2] media: docs-rst: Add decoder UAPI specification to Codec Interfaces"
Previous message: Julien Thierry: "Re: [RFC PATCH 03/23] genirq: Introduce IRQF_DELIVER_AS_NMI"
In reply to: Peter Zijlstra: "Re: [PATCH v1 0/2] perf: Drop leaked kernel samples"
Next in thread: Peter Zijlstra: "Re: [PATCH v1 0/2] perf: Drop leaked kernel samples"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 6/15/2018 3:45 PM, Peter Zijlstra wrote:

On Fri, Jun 15, 2018 at 06:03:21PM +0800, Jin Yao wrote:

On workloads that do a lot of kernel entry/exits we see kernel
samples, even though :u is specified. This is due to skid existing.

This might be a security issue because it can leak kernel addresses even
though kernel sampling support is disabled.

One patch "perf/core: Drop kernel samples even though :u is specified"
was posted in last year but it was reverted because it introduced a
regression issue that broke the rr-project.

Now this patch set uses sysctl to control the dropping of leaked
kernel samples.

So what happened to the suggestion of keeping the samples but 0-stuffing
all the tricky bits?

Bring more overhead to kernel if we zero the bits considering the number of leaked samples may be not too small?

And the skid information may be interesting (see example of hitting on page_fault in previous mail). If we zero it, we will not know.

Thanks
Jin Yao

Next message: Tomasz Figa: "Re: [RFC PATCH 1/2] media: docs-rst: Add decoder UAPI specification to Codec Interfaces"
Previous message: Julien Thierry: "Re: [RFC PATCH 03/23] genirq: Introduce IRQF_DELIVER_AS_NMI"
In reply to: Peter Zijlstra: "Re: [PATCH v1 0/2] perf: Drop leaked kernel samples"
Next in thread: Peter Zijlstra: "Re: [PATCH v1 0/2] perf: Drop leaked kernel samples"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]