Re: [PATCH v1 2/2] perf/core: Fake regs for leaked kernel samples

From: Jin, Yao
Date: Tue Aug 11 2020 - 23:52:49 EST


Hi Peter,

On 8/11/2020 4:45 PM, Peter Zijlstra wrote:
> On Tue, Aug 11, 2020 at 04:31:10PM +0800, Jin, Yao wrote:
>> Hi Peter,
>>
>> On 8/11/2020 3:59 PM, Peter Zijlstra wrote:
>>> On Tue, Aug 11, 2020 at 03:50:43PM +0800, Jin, Yao wrote:
>>>> Could I post v2 which basically refers to your patch but removes some
>>>> conditions since I see some issues in test if we use these conditions.
>>>>
>>>> 1. Remove '!event->attr.exclude_hv || !event->attr.exclude_host ||
>>>> !event->attr.exclude_guest' at the entry of sanitize_sample_regs().
>>>>
>>>> 2. Remove '!attr.exclude_hv || !attr.exclude_host || !attr.exclude_guest'
>>>> at the perf_event_open syscall entry.
>>>
>>> exclude_host, maybe -- due to the dodgy semantics of it, but the others
>>> should definitely be there.
>>>
>>
>> exclude_guest and exclude_hv are tricky too.
>>
>> If we do 'perf record -e cycles:u' in both host and guest, we can see:
>>
>> event->attr.exclude_guest = 0
>>
>> thus sanitize_sample_regs() returns regs directly even if exclude_kernel = 1.
>>
>> And in guest, exclude_hv = 0, it's out of my expectation too.
>
> I'm confused, how can 'perf record -e cycles:u' _ever_ have
> exclude_guest=0, exclude_hv=0 ? That simply makes no sense and is utterly
> broken.
>
> You explicitly ask for userspace-only, reporting hypervisor or guest
> events is a straight up bug.
>


If we run 'perf record -e cycles:u',

1. On host, exclude_guest = 0 and exclude_hv = 1

perf tool doesn't specially set 'exclude_guest' when it parses the 'u' modifier. I agree that can be improved. I will post a perf tool patch to fix that.

2. On guest, exclude_guest = 0 and exclude_hv = 0.

For exclude_hv = 0, it looks like a bug but x86 doesn't use exclude_hv. But yes, we should fix that.

CC Like Xu <like.xu@xxxxxxxxxxxxxxx>.

Thanks
Jin Yao