|From:||Kyle Moffett <kyle-AT-moffetthome.net>|
|To:||Linus Torvalds <torvalds-AT-linux-foundation.org>|
|Subject:||Re: linux-next: add utrace tree|
|Date:||Sat, 23 Jan 2010 01:20:53 -0500|
|Cc:||"Frank Ch. Eigler" <fche-AT-redhat.com>, Oleg Nesterov <oleg-AT-redhat.com>, Andrew Morton <akpm-AT-linux-foundation.org>, Stephen Rothwell <sfr-AT-canb.auug.org.au>, Peter Zijlstra <a.p.zijlstra-AT-chello.nl>, Peter Zijlstra <peterz-AT-infradead.org>, "Fr??d??ric Weisbecker" <fweisbec-AT-gmail.com>, LKML <linux-kernel-AT-vger.kernel.org>, Steven Rostedt <rostedt-AT-goodmis.org>, Arnaldo Carvalho de Melo <acme-AT-redhat.com>, linux-next-AT-vger.kernel.org, "H. Peter Anvin" <hpa-AT-zytor.com>, utrace-devel-AT-redhat.com, Thomas Gleixner <tglx-AT-linutronix.de>|
On Fri, Jan 22, 2010 at 19:22, Linus Torvalds <firstname.lastname@example.org> wrote: > There are cases where we really _want_ to have common code. We want to > have a common VFS interface because we want to show _one_ interface to > user space across a gazillion different filesystems. We want to have a > common driver layer (as far as possible) because - again - we expose a > metric shitload of drivers, and we want to have one unified interface to > them. So... Everybody agrees that ptrace() is horrible and a royal pain to use, let alone use correctly and without bugs. Everybody also agrees that ptrace() needs to stay around for a long time to avoid breaking all the existing users. Now how do we get from here to a moderately portable API for interrogating, controlling, and intercepting process state? Essentially it would need to support all of the things that a powerful debugger would want to do, including modifying registers and memory, substituting syscall return values, etc. I believe that "utrace" is the kernel side of that API. The killer app for this will be the ability to delete thousands of lines of code from GDB, strace, and all the various other tools that have to painfully work around the major interface gotchas of ptrace(), while at the same time making their handling of complex processes much more robust. The *second* killer app for this is to make it much easier for people to write new userspace debugging tools. I love the various crash-catching tools that different distributions or applications provide, but they all basically have to trap the SIGSEGV and hope they're still sensible enough to fork() and exec() a gdb process. Furthermore, I would love to be able to write debugging tools for scripting languages that allow me to step across Perl, C, PHP, assembly code, etc, all within the same process. In theory that's all possible today, but given how much of a *pain* ptrace() is to use correctly, nobody bothers. Now, with all that said, "utrace" does not provide any of the userspace side APIs today... but I think it is a necessary refactoring if we want to provide a new ideal process-introspection interface without breaking all the ptrace() users. Think of the "utrace" interface as very much like the LSM interface. Just like with LSMs, there is a lot of active research in debugging and tracing tools, and nobody can even remotely agree what the hell they want out of the hooks. In theory you could add one hook for every place each security module needs one... but then your fast-path is littered with always-false test-and-jump statements. What "utrace" provides is the one single test in each fast path that then searches for and executes the appropriate slow path(s) for that process. I personally would be very happy to see "utrace" merged. Cheers, Kyle Moffett
Copyright © 2010, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds