On Tue, Jul 16, 2019 at 06:41:50PM -0400, Joel Fernandes wrote: > On Tue, Jul 16, 2019 at 03:26:52PM -0700, Alexei Starovoitov wrote: > > On Tue, Jul 16, 2019 at 05:30:50PM -0400, Joel Fernandes wrote: > > > > > > I also thought about the pinning idea before, but we also want to add support > > > for not just raw tracepoints, but also regular tracepoints (events if you > > > will). I am hesitant to add a new BPF API just for creating regular > > > tracepoints and then pinning those as well. > > > > and they should be done through the pinning as well. > > Hmm ok, I will give it some more thought. I think I can make the new BPF API + pinning approach work, I will try to work on something like this and post it soon. Also, I had a question below if you don't mind taking a look: thanks Alexei! > > > I don't see why a new bpf node for a trace event is a bad idea, really. > > > > See the patches for kprobe/uprobe FD-based api and the reasons behind it. > > tldr: text is racy, doesn't scale, poor security, etc. > > Is it possible to use perf without CAP_SYS_ADMIN and control security at the > per-event level? We are selective about who can access which event, using > selinux. That's how our ftrace-based tracers work. Its fine grained per-event > control. That's where I was going with the tracefs approach since we get that > granularity using the file system. > > Thanks. >
