Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On 2020/8/12 11:52, Jin, Yao wrote: Hi Peter, On 8/11/2020 4:45 PM, Peter Zijlstra wrote: On Tue, Aug 11, 2020 at 04:31:10PM +0800, Jin, Yao wrote: Hi Peter, On 8/11/2020 3:59 PM, Peter Zijlstra wrote: On Tue, Aug 11, 2020 at 03:50:43PM +0800, Jin, Yao wrote: Could I post v2 which basically

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/11/2020 4:45 PM, Peter Zijlstra wrote: On Tue, Aug 11, 2020 at 04:31:10PM +0800, Jin, Yao wrote: Hi Peter, On 8/11/2020 3:59 PM, Peter Zijlstra wrote: On Tue, Aug 11, 2020 at 03:50:43PM +0800, Jin, Yao wrote: Could I post v2 which basically refers to your patch but removes som

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Tue, Aug 11, 2020 at 04:31:10PM +0800, Jin, Yao wrote: > Hi Peter, > > On 8/11/2020 3:59 PM, Peter Zijlstra wrote: > > On Tue, Aug 11, 2020 at 03:50:43PM +0800, Jin, Yao wrote: > > > Could I post v2 which basically refers to your patch but removes some > > > conditions since I see some issues i

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/11/2020 3:59 PM, Peter Zijlstra wrote: On Tue, Aug 11, 2020 at 03:50:43PM +0800, Jin, Yao wrote: Could I post v2 which basically refers to your patch but removes some conditions since I see some issues in test if we use these conditions. 1. Remove '!event->attr.exclude_hv || !

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Tue, Aug 11, 2020 at 03:50:43PM +0800, Jin, Yao wrote: > Could I post v2 which basically refers to your patch but removes some > conditions since I see some issues in test if we use these conditions. > > 1. Remove '!event->attr.exclude_hv || !event->attr.exclude_host || > !event->attr.excl

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/6/2020 10:26 AM, Jin, Yao wrote: Hi Peter, On 8/5/2020 8:44 PM, pet...@infradead.org wrote: On Wed, Aug 05, 2020 at 10:15:26AM +0800, Jin, Yao wrote: Hi Peter, On 8/4/2020 7:49 PM, pet...@infradead.org wrote: On Fri, Jul 31, 2020 at 10:56:17AM +0800, Jin Yao wrote: @@ -6973,

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/7/2020 5:02 PM, pet...@infradead.org wrote: On Fri, Aug 07, 2020 at 02:24:30PM +0800, Jin, Yao wrote: Hi Peter, On 8/6/2020 7:00 PM, pet...@infradead.org wrote: On Thu, Aug 06, 2020 at 11:18:27AM +0200, pet...@infradead.org wrote: Suppose we have nested virt: L0-hv

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Fri, Aug 07, 2020 at 02:24:30PM +0800, Jin, Yao wrote: > Hi Peter, > > On 8/6/2020 7:00 PM, pet...@infradead.org wrote: > > On Thu, Aug 06, 2020 at 11:18:27AM +0200, pet...@infradead.org wrote: > > > > > Suppose we have nested virt: > > > > > > L0-hv > > > | > > > G0/L1-hv > > > |

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/6/2020 7:00 PM, pet...@infradead.org wrote: On Thu, Aug 06, 2020 at 11:18:27AM +0200, pet...@infradead.org wrote: Suppose we have nested virt: L0-hv | G0/L1-hv | G1 And we're running in G0, then: - 'exclude_hv' would exclude L0

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/6/2020 5:24 PM, pet...@infradead.org wrote: On Thu, Aug 06, 2020 at 11:18:27AM +0200, pet...@infradead.org wrote: On Thu, Aug 06, 2020 at 10:26:29AM +0800, Jin, Yao wrote: +static struct pt_regs *sanitize_sample_regs(struct perf_event *event, struct pt_regs *regs) +{ + s

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/6/2020 5:18 PM, pet...@infradead.org wrote: On Thu, Aug 06, 2020 at 10:26:29AM +0800, Jin, Yao wrote: +static struct pt_regs *sanitize_sample_regs(struct perf_event *event, struct pt_regs *regs) +{ + struct pt_regs *sample_regs = regs; + + /* user only */ + if

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Thu, Aug 06, 2020 at 11:18:27AM +0200, pet...@infradead.org wrote: > Suppose we have nested virt: > > L0-hv > | > G0/L1-hv > | > G1 > > And we're running in G0, then: > > - 'exclude_hv' would exclude L0 events > - 'exclude_host' would ... exclude L1-hv e

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Thu, Aug 06, 2020 at 11:18:27AM +0200, pet...@infradead.org wrote: > On Thu, Aug 06, 2020 at 10:26:29AM +0800, Jin, Yao wrote: > > > > +static struct pt_regs *sanitize_sample_regs(struct perf_event *event, > > > struct pt_regs *regs) > > > +{ > > > + struct pt_regs *sample_regs = regs; > > > +

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Thu, Aug 06, 2020 at 10:26:29AM +0800, Jin, Yao wrote: > > +static struct pt_regs *sanitize_sample_regs(struct perf_event *event, > > struct pt_regs *regs) > > +{ > > + struct pt_regs *sample_regs = regs; > > + > > + /* user only */ > > + if (!event->attr.exclude_kernel || !event->attr.e

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/5/2020 8:44 PM, pet...@infradead.org wrote: On Wed, Aug 05, 2020 at 10:15:26AM +0800, Jin, Yao wrote: Hi Peter, On 8/4/2020 7:49 PM, pet...@infradead.org wrote: On Fri, Jul 31, 2020 at 10:56:17AM +0800, Jin Yao wrote: @@ -6973,7 +6973,8 @@ static struct perf_callchain_entry __

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Wed, Aug 05, 2020 at 10:15:26AM +0800, Jin, Yao wrote: > Hi Peter, > > On 8/4/2020 7:49 PM, pet...@infradead.org wrote: > > On Fri, Jul 31, 2020 at 10:56:17AM +0800, Jin Yao wrote: > > > @@ -6973,7 +6973,8 @@ static struct perf_callchain_entry > > > __empty_callchain = { .nr = 0, }; > > > st

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Wed, Aug 05, 2020 at 02:44:54PM +0200, pet...@infradead.org wrote: > How's this? Clearly I didn't even hold it near a compiler... > --- > kernel/events/core.c | 38 +- > 1 file changed, 33 insertions(+), 5 deletions(-) > > diff --git a/kernel/events/core.

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

Hi Peter, On 8/4/2020 7:49 PM, pet...@infradead.org wrote: On Fri, Jul 31, 2020 at 10:56:17AM +0800, Jin Yao wrote: @@ -6973,7 +6973,8 @@ static struct perf_callchain_entry __empty_callchain = { .nr = 0, }; struct perf_callchain_entry * perf_callchain(struct perf_event *event, struct pt_re

Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

On Fri, Jul 31, 2020 at 10:56:17AM +0800, Jin Yao wrote: > @@ -6973,7 +6973,8 @@ static struct perf_callchain_entry __empty_callchain = > { .nr = 0, }; > struct perf_callchain_entry * > perf_callchain(struct perf_event *event, struct pt_regs *regs) > { > - bool kernel = !event->attr.exclude

[PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

When doing sampling, for example, perf record -e cycles:u ... On workloads that do a lot of kernel entry/exits we see kernel samples, even though :u is specified. This is due to skid. This is a potential security issue because it may leak kernel address even though kernel sampling is disabled.