Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Gentoo Dtrace
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo Chat
View previous topic :: View next topic  
Author Message
pingtoo
Veteran
Veteran


Joined: 10 Sep 2021
Posts: 1339
Location: Richmond Hill, Canada

PostPosted: Thu Oct 31, 2024 4:59 pm    Post subject: Gentoo Dtrace Reply with quote

When enable dtrace, those kernel configuration options must be static link in to kernel? Can they be set to as module? This question is conceptual as in I know this can be find from kconfig. But question is about is it better to have it static therefor lesser limitation or it does not matter.

And is there additional kernel stuff (files) required on file system in order for dtrace to function? (I mean beside user space dtraec utilities)
Back to top
View user's profile Send private message
sam_
Developer
Developer


Joined: 14 Aug 2020
Posts: 2038

PostPosted: Fri Nov 01, 2024 3:59 am    Post subject: Reply with quote

Thanks for playing with it! Really nice to see all the interest in it so far.

The kernel configuration options the ebuild marks (see https://wiki.gentoo.org/wiki/DTrace#Kernel_configuration) must be on, of course. As for whether they need to be a module or built-in "modules": there is better support for them being real modules for now. There are patches in gentoo-sources (not yet in the default config in gentoo-kernel so not in gentoo-kernel-bin but the patches are there too) which better support modules being built-in. The issue is obtaining range information when they're in the kernel image rather than separate modules. The only downside there is not being able to probe things in those affected modules.

No other stuff should be needed other than correct kernel configuration and dev-debug/dtrace installed.

TL;DR: Enable the kernel config options the ebuild mentions, prefer modules rather than built-in for now, install dev-debug/dtrace.
Back to top
View user's profile Send private message
pingtoo
Veteran
Veteran


Joined: 10 Sep 2021
Posts: 1339
Location: Richmond Hill, Canada

PostPosted: Fri Nov 01, 2024 3:07 pm    Post subject: Reply with quote

sam_,

Thank you for the information.
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Fri Nov 01, 2024 7:01 pm    Post subject: Reply with quote

Nice question and clarification from both of you.
Hence currently installing...

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Sat Nov 02, 2024 12:33 pm    Post subject: Reply with quote

Kernel config base is highly constrained here:
Only what is functionnaly required.
Mostly following app-admin/kernel-hardening-checker too.

Kernel config requirements aren't defined at ebuild level.

Thus emerging here throws:
Code:
>>> Running pre-merge checks for dev-debug/dtrace-2.0.1.1-r2
 * Determining the location of the kernel source code
 * Found kernel source directory:
 *     /usr/src/linux
 * Could not detect kernel version.
 * Please ensure that /usr/src/linux points to a complete set of Linux sources.
 * Unable to calculate Linux Kernel version for build, attempting to use running version
 * Checking for suitable kernel configuration options ...
 *   CONFIG_DEBUG_INFO_BTF:    is not set when it should be.
 *   CONFIG_KALLSYMS_ALL:    is not set when it should be.
 *   CONFIG_CUSE:    is not set when it should be.
 *   CONFIG_TRACING:    is not set when it should be.
 *   CONFIG_UPROBES:    is not set when it should be.
 *   CONFIG_UPROBE_EVENTS:    is not set when it should be.
 *   CONFIG_FTRACE:    is not set when it should be.
 *   CONFIG_FTRACE_SYSCALLS:    is not set when it should be.
 *   CONFIG_DYNAMIC_FTRACE:    is not set when it should be.
 *   CONFIG_FUNCTION_TRACER:    is not set when it should be.
 *   CONFIG_FPROBE:    is not set when it should be.
 *   CONFIG_GCC_PLUGIN_RANDSTRUCT:    should not be set. But it is.   [ !! ]
which is quite informative what should be changed here.
Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
pingtoo
Veteran
Veteran


Joined: 10 Sep 2021
Posts: 1339
Location: Richmond Hill, Canada

PostPosted: Sat Nov 02, 2024 2:19 pm    Post subject: Reply with quote

I think it was said in the Gentoo Wiki for Dtrace that harden kernel not supported.

But in any case does the package dev-debug/dtrace actually build?
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Sat Nov 02, 2024 2:56 pm    Post subject: Reply with quote

pingtoo wrote:
I think it was said in the Gentoo Wiki for Dtrace that harden kernel not supported.
Code:
eselect profile list
[45]  default/linux/amd64/23.0/split-usr (stable) *
However I admit kernel config is fully manual here.
pingtoo wrote:
But in any case does the package dev-debug/dtrace actually build?
Yes it does build, although
CONFIG_DEBUG_INFO_BTF wasn't configured yet.

As far as 6.11.6 is concerned here, diff is as follows:
Code:
diff config-2024-11-02_14:51:17  config-2024-11-02_17:20:29
117c117
< # CONFIG_BPF_SYSCALL is not set
---
> CONFIG_BPF_SYSCALL=y
118a119,120
> CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
> # CONFIG_BPF_PRELOAD is not set
147a150,153
> CONFIG_TASKS_RCU_GENERIC=y
> CONFIG_NEED_TASKS_RCU=y
> CONFIG_TASKS_RUDE_RCU=y
> CONFIG_TASKS_TRACE_RCU=y
188a195
> # CONFIG_CGROUP_BPF is not set
247c254,257
< # CONFIG_KALLSYMS is not set
---
> CONFIG_KALLSYMS=y
> # CONFIG_KALLSYMS_SELFTEST is not set
> CONFIG_KALLSYMS_ALL=y
> CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y
259a270
> CONFIG_TRACEPOINTS=y
648a660
> CONFIG_UPROBES=y
782,783c794
< CONFIG_GCC_PLUGINS=y
< CONFIG_GCC_PLUGIN_LATENT_ENTROPY=y
---
> # CONFIG_GCC_PLUGINS is not set
820c831
< CONFIG_UNUSED_KSYMS_WHITELIST="/usr/src/linux-6.11.6-gentoo-dtrc/KSYMS_WHITELIST.tMF5"
---
> CONFIG_UNUSED_KSYMS_WHITELIST="/usr/src/linux-6.11.6-gentoo-dtrc/KSYMS_WHITELIST.cXgE"
1019a1031,1032
> CONFIG_NET_EGRESS=y
> CONFIG_NET_XGRESS=y
1031a1045
> # CONFIG_XDP_SOCKETS is not set
1063a1078
> CONFIG_NETFILTER_BPF_LINK=y
1178a1194
> # CONFIG_NET_DROP_MONITOR is not set
1251a1268,1270
> CONFIG_NET_SOCK_MSG=y
> CONFIG_PAGE_POOL=y
> # CONFIG_PAGE_POOL_STATS is not set
1625a1645
> # CONFIG_NETKIT is not set
3936c3956
< # CONFIG_CUSE is not set
---
> CONFIG_CUSE=m
4123,4127d4142
< CONFIG_GCC_PLUGIN_STACKLEAK=y
< # CONFIG_GCC_PLUGIN_STACKLEAK_VERBOSE is not set
< CONFIG_STACKLEAK_TRACK_MIN_SIZE=100
< # CONFIG_STACKLEAK_METRICS is not set
< # CONFIG_STACKLEAK_RUNTIME_DISABLE is not set
4141,4145c4156
< # CONFIG_RANDSTRUCT_NONE is not set
< CONFIG_RANDSTRUCT_FULL=y
< # CONFIG_RANDSTRUCT_PERFORMANCE is not set
< CONFIG_RANDSTRUCT=y
< CONFIG_GCC_PLUGIN_RANDSTRUCT=y
---
> CONFIG_RANDSTRUCT_NONE=y
4374a4386,4387
> CONFIG_BINARY_PRINTF=y
>
4512a4526
> CONFIG_DEBUG_INFO=y
4514,4515c4528,4529
< CONFIG_DEBUG_INFO_NONE=y
< # CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT is not set
---
> # CONFIG_DEBUG_INFO_NONE is not set
> CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y
4517a4532,4542
> # CONFIG_DEBUG_INFO_REDUCED is not set
> CONFIG_DEBUG_INFO_COMPRESSED_NONE=y
> # CONFIG_DEBUG_INFO_COMPRESSED_ZLIB is not set
> # CONFIG_DEBUG_INFO_COMPRESSED_ZSTD is not set
> # CONFIG_DEBUG_INFO_SPLIT is not set
> CONFIG_DEBUG_INFO_BTF=y
> CONFIG_PAHOLE_HAS_SPLIT_BTF=y
> CONFIG_PAHOLE_HAS_LANG_EXCLUDE=y
> CONFIG_DEBUG_INFO_BTF_MODULES=y
> # CONFIG_MODULE_ALLOW_BTF_MISMATCH is not set
> # CONFIG_GDB_SCRIPTS is not set
4572a4598
> # CONFIG_DEBUG_PAGE_REF is not set
4688a4715
> CONFIG_NOP_TRACER=y
4689a4717
> CONFIG_RETHOOK=y
4690a4719,4720
> CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
> CONFIG_HAVE_FUNCTION_GRAPH_RETVAL=y
4702a4733,4739
> CONFIG_BUILDTIME_MCOUNT_SORT=y
> CONFIG_TRACE_CLOCK=y
> CONFIG_RING_BUFFER=y
> CONFIG_EVENT_TRACING=y
> CONFIG_CONTEXT_SWITCH_TRACER=y
> CONFIG_TRACING=y
> CONFIG_GENERIC_TRACER=y
4704c4741,4785
< # CONFIG_FTRACE is not set
---
> CONFIG_FTRACE=y
> # CONFIG_BOOTTIME_TRACING is not set
> CONFIG_FUNCTION_TRACER=y
> # CONFIG_FUNCTION_GRAPH_TRACER is not set
> CONFIG_DYNAMIC_FTRACE=y
> CONFIG_DYNAMIC_FTRACE_WITH_REGS=y
> CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y
> CONFIG_DYNAMIC_FTRACE_WITH_ARGS=y
> CONFIG_FPROBE=y
> # CONFIG_FUNCTION_PROFILER is not set
> # CONFIG_STACK_TRACER is not set
> # CONFIG_IRQSOFF_TRACER is not set
> # CONFIG_SCHED_TRACER is not set
> # CONFIG_HWLAT_TRACER is not set
> # CONFIG_OSNOISE_TRACER is not set
> # CONFIG_TIMERLAT_TRACER is not set
> # CONFIG_MMIOTRACE is not set
> CONFIG_FTRACE_SYSCALLS=y
> # CONFIG_TRACER_SNAPSHOT is not set
> CONFIG_BRANCH_PROFILE_NONE=y
> # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
> # CONFIG_BLK_DEV_IO_TRACE is not set
> CONFIG_FPROBE_EVENTS=y
> CONFIG_PROBE_EVENTS_BTF_ARGS=y
> CONFIG_UPROBE_EVENTS=y
> CONFIG_BPF_EVENTS=y
> CONFIG_DYNAMIC_EVENTS=y
> CONFIG_PROBE_EVENTS=y
> CONFIG_FTRACE_MCOUNT_RECORD=y
> CONFIG_FTRACE_MCOUNT_USE_CC=y
> # CONFIG_SYNTH_EVENTS is not set
> # CONFIG_USER_EVENTS is not set
> # CONFIG_HIST_TRIGGERS is not set
> # CONFIG_TRACE_EVENT_INJECT is not set
> # CONFIG_TRACEPOINT_BENCHMARK is not set
> # CONFIG_RING_BUFFER_BENCHMARK is not set
> # CONFIG_TRACE_EVAL_MAP_FILE is not set
> # CONFIG_FTRACE_RECORD_RECURSION is not set
> # CONFIG_FTRACE_VALIDATE_RCU_IS_WATCHING is not set
> # CONFIG_FTRACE_STARTUP_TEST is not set
> # CONFIG_FTRACE_SORT_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS is not set
> # CONFIG_PREEMPTIRQ_DELAY_TEST is not set
> # CONFIG_RV is not set

Plz it could be some activated settings aren't required, and are only a result of kernel cascading activation.

CONFIG_BPF_SYSCALL, which seems required here, isn't explicitly mentioned in the wiki.
However it may be cascaded by another advised setting.

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Sat Nov 02, 2024 3:17 pm    Post subject: Reply with quote

On openrc, manual
Code:
rc-update add dtprobed default
wasn't required here.
From wiki
Code:
root #dtrace -l
...
As of August 2024, on an ~amd64 system with linux-6.6, around 125000 probes are registered. If the number is substantially lower than that, it's possible some required kernel config options are not enabled.
Something must be wrong here as:
Code:
dtrace -l|wc -l
172
Indeed wiki's first basic sanity check fails here as
Code:
dtrace -n 'BEGIN { exit(0); }'
dtrace: invalid probe specifier BEGIN { exit(0); }: "/usr/lib64/dtrace/6.10/ip.d", line 248: skc_v6_daddr is not a member of struct sock_common


My 2 cent is that ip6 kernel stack is expected...

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
nullnix
n00b
n00b


Joined: 04 Nov 2024
Posts: 4
Location: Ely, UK

PostPosted: Mon Nov 04, 2024 3:16 pm    Post subject: Reply with quote

CaptainBlood wrote:
On openrc, manual
Code:
rc-update add dtprobed default
wasn't required here.


Yeah, we try to start that automatically because it's really an implementation detail that users shouldn't need to be concerned by (and because it needs to be running before any processes with USDT probes start if you want to be able to probe them).

CaptainBlood wrote:
From wiki
Code:
root #dtrace -l
...
As of August 2024, on an ~amd64 system with linux-6.6, around 125000 probes are registered. If the number is substantially lower than that, it's possible some required kernel config options are not enabled.
Something must be wrong here as:
Code:
dtrace -l|wc -l
172
Indeed wiki's first basic sanity check fails here as
Code:
dtrace -n 'BEGIN { exit(0); }'
dtrace: invalid probe specifier BEGIN { exit(0); }: "/usr/lib64/dtrace/6.10/ip.d", line 248: skc_v6_daddr is not a member of struct sock_common


My 2 cent is that ip6 kernel stack is expected...


It's certainly the case that operation with unusual kernel configs is very little tested so far, and operation without IPv6 (or IPv4, for that matter) is likely even less tested. (Indeed, my local test systems are IPv6-only these days specifically so I can make sure IPv6 doesn't break, though they do have IPv4 compiled in as well.)

I'd recommend trying to compile IPv6 in and see what happens. If it still fails, try running with DTRACE_DEBUG=t set in the environment and post the spray of output it prints on stderr. There may be extra error messages hiding in there that we need to expose as non-debugging messages.

More generally, we should probably add some way to test kernel configs in translators and skip them if specific things aren't set (or disable bits of them, in this case). Right now we can test for the presence of providers, but since both ipv4 and ipv6 are implemented via the "ip" provider, this isn't much help...

More generally yet, if you only have hundreds of probes, something else is wrong: the fbt provider alone should be providing tens of thousands, so that's not initializing properly for some reason.

What does

Code:
cat /sys/kernel/debug/tracing/available_filter_functions | wc -l

report on your kernel? I get a figure around 60000...
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Mon Nov 04, 2024 7:08 pm    Post subject: Reply with quote

nullnix wrote:
I'd recommend trying to compile IPv6 in and see what happens. If it still fails, try running with DTRACE_DEBUG=t set in the environment and post the spray of output it prints on stderr. There may be extra error messages hiding in there that we need to expose as non-debugging messages.
dpaste
Obviously more work required beyond solely IPv6 activation... In progress.

nullnix wrote:
Code:
cat /sys/kernel/debug/tracing/available_filter_functions | wc -l

report on your kernel? I get a figure around 60000...
Code:
LC_MESSAGES=C cat /sys/kernel/debug/tracing/available_filter_functions|wc -l
cat: /sys/kernel/debug/tracing/available_filter_functions: No such file or directory
0


Any idea more than welcome.

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Mon Nov 04, 2024 8:55 pm    Post subject: Reply with quote

Oracle Dtrace tutorial refers to About DTrace Providers as kernel modules which seems to be missing in the dpaste above.
Code:
libdtrace DEBUG 1730746374: creating provider fbt
libdtrace DEBUG 1730746374: loaded 0 probes for fbt
libdtrace DEBUG 1730746374: creating provider sdt
libdtrace DEBUG 1730746374: loaded 0 probes for sdt
libdtrace DEBUG 1730746374: creating provider syscall
libdtrace DEBUG 1730746374: loaded 0 probes for syscall
However
Code:
libdtrace DEBUG 1730746374: creating provider profile
libdtrace DEBUG 1730746374: loaded 13 probes for profile
seems provided.

dtrace and fasttrap modules aren't reported for some reason.

I don't know how critical these are but I must have done something wrong.

Any idea?

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Tue Nov 05, 2024 1:52 am    Post subject: Reply with quote

These missing modules are likely to be oracle specific, available with sys-kernel/uek-sources.

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
nullnix
n00b
n00b


Joined: 04 Nov 2024
Posts: 4
Location: Ely, UK

PostPosted: Tue Nov 05, 2024 2:09 pm    Post subject: Reply with quote

The kernel modules are all obsolete: DTrace v1 used a pile of in-kernel stuff, v2 uses only BPF and native kernel facilities (well, and CTF if available, but that is not a runtime feature). The tutorial is I believe being updated as we speak...

But this is lethal for DTrace and explains your problems:

Code:
cat: /sys/kernel/debug/tracing/available_filter_functions: No such file or directory


Without that, we don't have fbt, and fbt is what most other in-kernel tracing is based on.

The question is why. Do you not have tracefs mounted on /sys/kernel/debug/tracing? More or less every tracer requires this mount. (We should diagnose the lack of this dir at startup, I suppose.)
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Tue Nov 05, 2024 10:12 pm    Post subject: Reply with quote

After adding CONFIG_DEBUG_FS, now kernel seed has evolved as:
Code:
/usr/src/linux-6.11.6-gentoo-dtrc # diff config.sav/config-2024-11-02_14:32:04 .config|grep -v "is not set" 
80a81
117c118
---
> CONFIG_BPF_SYSCALL=y
118a120,121
> CONFIG_BPF_UNPRIV_DEFAULT_OFF=y
147a151,154
> CONFIG_TASKS_RCU_GENERIC=y
> CONFIG_NEED_TASKS_RCU=y
> CONFIG_TASKS_RUDE_RCU=y
> CONFIG_TASKS_TRACE_RCU=y
156a164
188a197
247c256,259
---
> CONFIG_KALLSYMS=y
> CONFIG_KALLSYMS_ALL=y
> CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y
259a272
> CONFIG_TRACEPOINTS=y
307a321
393a408
413a429
648a665
> CONFIG_UPROBES=y
759a777
777a796
782,783c801
< CONFIG_GCC_PLUGINS=y
< CONFIG_GCC_PLUGIN_LATENT_ENTROPY=y
---
793a812
820c839
< CONFIG_UNUSED_KSYMS_WHITELIST="/usr/src/linux-6.11.6-gentoo-std/KSYMS_WHITELIST.9avU"
---
> CONFIG_UNUSED_KSYMS_WHITELIST="/usr/src/linux-6.11.6-gentoo-dtrc/KSYMS_WHITELIST.I1KW"
830a850
> CONFIG_BLK_DEBUG_FS=y
993,996c1013
<
< #
< # GUP_TEST needs to have DEBUG_FS enabled
< #
---
1019a1037,1038
> CONFIG_NET_EGRESS=y
> CONFIG_NET_XGRESS=y
1031a1051
1037a1058
> CONFIG_NET_IP_TUNNEL=m
1040a1062
1044a1067
> CONFIG_INET_TUNNEL=m
1049d1071
1051c1073,1091
---
> CONFIG_IPV6=m
> CONFIG_IPV6_SIT=m
> CONFIG_IPV6_NDISC_NODETYPE=y
1063a1104
> CONFIG_NETFILTER_BPF_LINK=y
1066c1107
---
> CONFIG_NF_LOG_SYSLOG=m
1126a1168,1185
> #
> # IPv6: Netfilter Configuration
> #
> CONFIG_IP6_NF_IPTABLES_LEGACY=m
> CONFIG_NF_REJECT_IPV6=m
> CONFIG_NF_LOG_IPV6=m
> CONFIG_IP6_NF_IPTABLES=m
> CONFIG_IP6_NF_MATCH_IPV6HEADER=m
> CONFIG_IP6_NF_FILTER=m
> CONFIG_IP6_NF_TARGET_REJECT=m
> CONFIG_IP6_NF_MANGLE=m
> # end of IPv6: Netfilter Configuration
>
> CONFIG_NF_DEFRAG_IPV6=m
1147a1207
1178a1239
1196a1258
> CONFIG_BT_DEBUGFS=y
1228a1291
1250a1314,1315
> CONFIG_DST_CACHE=y
> CONFIG_GRO_CELLS=y
1251a1317,1319
> CONFIG_NET_SOCK_MSG=y
> CONFIG_PAGE_POOL=y
1625a1694
1844a1914
2317a2388
2904a2976
3566a3639
3714a3788
3936c4010
---
> CONFIG_CUSE=m
4123,4127d4196
< CONFIG_GCC_PLUGIN_STACKLEAK=y
< CONFIG_STACKLEAK_TRACK_MIN_SIZE=100
4141,4145c4210
< CONFIG_RANDSTRUCT_FULL=y
< CONFIG_RANDSTRUCT=y
< CONFIG_GCC_PLUGIN_RANDSTRUCT=y
---
> CONFIG_RANDSTRUCT_NONE=y
4374a4440,4441
> CONFIG_BINARY_PRINTF=y
>
4450a4518
4512a4581
> CONFIG_DEBUG_INFO=y
4514,4515c4583,4584
< CONFIG_DEBUG_INFO_NONE=y
---
> CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y
4517a4587,4597
> CONFIG_DEBUG_INFO_COMPRESSED_NONE=y
> CONFIG_DEBUG_INFO_BTF=y
> CONFIG_PAHOLE_HAS_SPLIT_BTF=y
> CONFIG_PAHOLE_HAS_LANG_EXCLUDE=y
> CONFIG_DEBUG_INFO_BTF_MODULES=y
4534c4614,4617
---
> CONFIG_DEBUG_FS=y
> CONFIG_DEBUG_FS_ALLOW_ALL=y
4572a4656
4577a4662
4581a4667
4630a4717
> CONFIG_SCHED_DEBUG=y
4688a4776
> CONFIG_NOP_TRACER=y
4689a4778
> CONFIG_RETHOOK=y
4690a4780,4781
> CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
> CONFIG_HAVE_FUNCTION_GRAPH_RETVAL=y
4702a4794,4800
> CONFIG_BUILDTIME_MCOUNT_SORT=y
> CONFIG_TRACE_CLOCK=y
> CONFIG_RING_BUFFER=y
> CONFIG_EVENT_TRACING=y
> CONFIG_CONTEXT_SWITCH_TRACER=y
> CONFIG_TRACING=y
> CONFIG_GENERIC_TRACER=y
4704c4802,4846
---
> CONFIG_FTRACE=y
> CONFIG_FUNCTION_TRACER=y
> CONFIG_DYNAMIC_FTRACE=y
> CONFIG_DYNAMIC_FTRACE_WITH_REGS=y
> CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y
> CONFIG_DYNAMIC_FTRACE_WITH_ARGS=y
> CONFIG_FPROBE=y
> CONFIG_FTRACE_SYSCALLS=y
> CONFIG_BRANCH_PROFILE_NONE=y
> CONFIG_FPROBE_EVENTS=y
> CONFIG_PROBE_EVENTS_BTF_ARGS=y
> CONFIG_UPROBE_EVENTS=y
> CONFIG_BPF_EVENTS=y
> CONFIG_DYNAMIC_EVENTS=y
> CONFIG_PROBE_EVENTS=y
> CONFIG_FTRACE_MCOUNT_RECORD=y
> CONFIG_FTRACE_MCOUNT_USE_CC=y
4724a4867
Code:
ls -l /sys/kernel/debug/
total 0
drwxr-xr-x   2 root root 0 nov.   6 00:55 acpi
drwxr-xr-x   6 root root 0 nov.   6 00:55 bdi
drwxr-xr-x   4 root root 0 nov.   6 00:55 block
-r--------   1 root root 0 nov.   6 00:55 check_wx_pages
--w-------   1 root root 0 nov.   6 00:55 clear_warn_once
drwxr-xr-x   2 root root 0 nov.   6 00:55 clk
drwxr-xr-x   2 root root 0 nov.   6 00:55 device_component
-r--r--r--   1 root root 0 nov.   6 00:55 devices_deferred
drwxr-xr-x   2 root root 0 nov.   6 00:55 dma_buf
drwxr-xr-x   2 root root 0 nov.   6 00:55 dmaengine
drwxr-xr-x   3 root root 0 nov.   6 00:55 dri
drwxr-xr-x   2 root root 0 nov.   6 00:55 extfrag
-rw-r--r--   1 root root 0 nov.   6 00:55 fault_around_bytes
drwxr-xr-x   5 root root 0 nov.   6 00:55 hid
drwxr-xr-x   7 root root 0 nov.   6 00:55 i2c
drwxr-xr-x   2 root root 0 nov.   6 00:56 ieee80211
drwxr-xr-x   2 root root 0 nov.   6 00:55 kfence
drwxr-xr-x   2 root root 0 nov.   6 00:55 mce
drwxr-xr-x   2 root root 0 nov.   6 00:55 regmap
drwxr-xr-x   2 root root 0 nov.   6 00:55 sched
drwxr-xr-x 367 root root 0 nov.   6 00:55 slab
-r--r--r--   1 root root 0 nov.   6 00:55 sleep_time
--w-------   1 root root 0 nov.   6 00:55 split_huge_pages
drwxr-xr-x   2 root root 0 nov.   6 00:55 stackdepot
-r--r--r--   1 root root 0 nov.   6 00:55 suspend_stats
drwxr-xr-x   2 root root 0 nov.   6 00:55 swiotlb
drwxr-xr-x   2 root root 0 nov.   6 00:55 ttm
drwxr-xr-x   3 root root 0 nov.   6 00:55 usb
-r--r--r--   1 root root 0 nov.   6 00:55 wakeup_sources
drwxr-xr-x   3 root root 0 nov.   6 00:55 x86
No tracing directory though...

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Wed Nov 06, 2024 12:26 am    Post subject: Reply with quote

Searching how to get /sys/kernel/debug/tracing/... I went through this as far as 6.11.x kernel is concerned:
Code:
  │ CONFIG_DYNAMIC_FTRACE:
  │
  │ This option will modify all the calls to function tracing
  │ dynamically (will patch them out of the binary image and
  │ replace them with a No-Op instruction) on boot up. During
  │ compile time, a table is made of all the locations that ftrace
  │ can function trace, and this table is linked into the kernel
  │ image. When this is enabled, functions can be individually
  │ enabled, and the functions not enabled will not affect
  │ performance of the system.
  │
  │ See the files in /sys/kernel/tracing:
  │   available_filter_functions
  │   set_ftrace_filter
  │   set_ftrace_notrace
  │
  │ This way a CONFIG_FUNCTION_TRACER kernel is slightly larger, but
  │ otherwise has native performance as long as no tracing is active.
  │
  │ Symbol: DYNAMIC_FTRACE [=y]
  │ Type  : bool
  │ Defined at kernel/trace/Kconfig:245
  │   Prompt: enable/disable function tracing dynamically
  │   Depends on: FTRACE [=y] && FUNCTION_TRACER [=y] && \
  │ HAVE_DYNAMIC_FTRACE [=y]
  │   Location:
  │     -> Kernel hacking
  │       -> Tracers (FTRACE [=y])
  │         -> Kernel Function Tracer (FUNCTION_TRACER [=y])
  │           -> enable/disable function tracing dynamically (DYNAMIC_FTRACE [=y])
  │ Selected by [n]:
  │   - FORCE_DYNAMIC_FTRACE [=n] && X86_32 [=n] && FUNCTION_TRACER [=y]
Please note the documented path, i.e. /sys/kernel/tracing
different to /sys/kernel/debug/tracing[/available_filter_functions}.

Wouldn't be surprised to be on another wrong path though...

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Wed Nov 06, 2024 1:34 am    Post subject: Reply with quote

Code:
/sys/kernel/debug/tracing/available_filter_functions
not available in kernels beyond 6.1.x.
Not tested yet.
It that reveals to be enough for dtrace to work as expected, wiki should be updated accordingly imho:roll:
Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "


Last edited by CaptainBlood on Wed Nov 06, 2024 1:48 am; edited 1 time in total
Back to top
View user's profile Send private message
pingtoo
Veteran
Veteran


Joined: 10 Sep 2021
Posts: 1339
Location: Richmond Hill, Canada

PostPosted: Wed Nov 06, 2024 1:36 am    Post subject: Reply with quote

I wish I can contribute more in this thread, but I need to finish my current task, I don't want to interrupt the work by reboot machines.

could it be you need kernel command line option "debug" in order for them to work?

Edit: found some reference for tracing in linux. Keep it here for reference later.
  • https://github.com/sheharyaar/linux-kernel-notes/blob/main/debugging-tracing/tracing.md
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Wed Nov 06, 2024 8:41 am    Post subject: Reply with quote

@pingtoo,
Nevermind.

Despite 6.11.x here, I can't get
Code:
/sys/kernel/tracing/available_filter_functions
into play.

I'll be redoing the work on 6.1.x, but expect that issue to remain.

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Wed Nov 06, 2024 8:47 am    Post subject: Reply with quote

My .config seed is very app-admin/kernel-hardening-checker compatible:
Code:
kernel-hardening-checker -c .config
[+] Kconfig file to check: .config
[+] Detected kernel version: (6, 11, 6)
[+] Detected microarchitecture: X86_64
[+] Detected compiler: GCC 140201
=========================================================================================================================
              option_name               | type  |desired_val | decision |      reason      | check_result
=========================================================================================================================
CONFIG_BUG                              |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_SLUB_DEBUG                       |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_THREAD_INFO_IN_TASK              |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_IOMMU_SUPPORT                    |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_STACKPROTECTOR                   |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_STACKPROTECTOR_STRONG            |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_STRICT_KERNEL_RWX                |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_STRICT_MODULE_RWX                |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_REFCOUNT_FULL                    |kconfig|     y      |defconfig | self_protection  | OK: version >= (5, 4, 208)
CONFIG_INIT_STACK_ALL_ZERO              |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_CPU_MITIGATIONS                  |kconfig|     y      |defconfig | self_protection  | FAIL: "is not set"
CONFIG_RANDOMIZE_BASE                   |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_VMAP_STACK                       |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_DEBUG_WX                         |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_WERROR                           |kconfig|     y      |defconfig | self_protection  | FAIL: "is not set"
CONFIG_X86_MCE                          |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_SYN_COOKIES                      |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_MICROCODE                        |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_MICROCODE_INTEL                  |kconfig|     y      |defconfig | self_protection  | OK: CONFIG_MICROCODE is "y"
CONFIG_MICROCODE_AMD                    |kconfig|     y      |defconfig | self_protection  | OK: CONFIG_MICROCODE is "y"
CONFIG_X86_SMAP                         |kconfig|     y      |defconfig | self_protection  | OK: version >= (5, 19, 0)
CONFIG_X86_UMIP                         |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_X86_MCE_INTEL                    |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_X86_MCE_AMD                      |kconfig|     y      |defconfig | self_protection  | FAIL: "is not set"
CONFIG_MITIGATION_RETPOLINE             |kconfig|     y      |defconfig | self_protection  | FAIL: is not found
CONFIG_MITIGATION_RFDS                  |kconfig|     y      |defconfig | self_protection  | FAIL: is not found
CONFIG_MITIGATION_SPECTRE_BHI           |kconfig|     y      |defconfig | self_protection  | FAIL: is not found
CONFIG_RANDOMIZE_MEMORY                 |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_X86_KERNEL_IBT                   |kconfig|     y      |defconfig | self_protection  | FAIL: "is not set"
CONFIG_MITIGATION_PAGE_TABLE_ISOLATION  |kconfig|     y      |defconfig | self_protection  | FAIL: is not found
CONFIG_MITIGATION_SRSO                  |kconfig|     y      |defconfig | self_protection  | FAIL: is not found
CONFIG_INTEL_IOMMU                      |kconfig|     y      |defconfig | self_protection  | OK
CONFIG_AMD_IOMMU                        |kconfig|     y      |defconfig | self_protection  | FAIL: "is not set"
CONFIG_LIST_HARDENED                    |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_RANDOM_KMALLOC_CACHES            |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_SLAB_MERGE_DEFAULT               |kconfig| is not set |   kspp   | self_protection  | OK
CONFIG_BUG_ON_DATA_CORRUPTION           |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_SLAB_FREELIST_HARDENED           |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_SLAB_FREELIST_RANDOM             |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_SHUFFLE_PAGE_ALLOCATOR           |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_FORTIFY_SOURCE                   |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_DEBUG_LIST                       |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_DEBUG_VIRTUAL                    |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_DEBUG_SG                         |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_INIT_ON_ALLOC_DEFAULT_ON         |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_STATIC_USERMODEHELPER            |kconfig|     y      |   kspp   | self_protection  | FAIL: "is not set"
CONFIG_SCHED_CORE                       |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_SECURITY_LOCKDOWN_LSM            |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_SECURITY_LOCKDOWN_LSM_EARLY      |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY|kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_DEBUG_CREDENTIALS                |kconfig|     y      |   kspp   | self_protection  | OK: version >= (6, 6, 8)
CONFIG_DEBUG_NOTIFIERS                  |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_SCHED_STACK_END_CHECK            |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_KFENCE                           |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_KFENCE_SAMPLE_INTERVAL           |kconfig|    100     |   kspp   | self_protection  | OK
CONFIG_RANDSTRUCT_FULL                  |kconfig|     y      |   kspp   | self_protection  | FAIL: is not found
CONFIG_HARDENED_USERCOPY                |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_HARDENED_USERCOPY_FALLBACK       |kconfig| is not set |   kspp   | self_protection  | OK: is not found
CONFIG_HARDENED_USERCOPY_PAGESPAN       |kconfig| is not set |   kspp   | self_protection  | OK: is not found
CONFIG_GCC_PLUGIN_LATENT_ENTROPY        |kconfig|     y      |   kspp   | self_protection  | FAIL: is not found
CONFIG_MODULE_SIG                       |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_MODULE_SIG_ALL                   |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_MODULE_SIG_SHA512                |kconfig|     y      |   kspp   | self_protection  | OK: CONFIG_MODULE_SIG_SHA3_512 is "y"
CONFIG_MODULE_SIG_FORCE                 |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_INIT_ON_FREE_DEFAULT_ON          |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_EFI_DISABLE_PCI_DMA              |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_RESET_ATTACK_MITIGATION          |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_UBSAN_BOUNDS                     |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_UBSAN_LOCAL_BOUNDS               |kconfig|     y      |   kspp   | self_protection  | OK: CONFIG_UBSAN_BOUNDS is "y"
CONFIG_UBSAN_TRAP                       |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_UBSAN_SANITIZE_ALL               |kconfig|     y      |   kspp   | self_protection  | OK: CONFIG_UBSAN_BOUNDS is "y"
CONFIG_GCC_PLUGIN_STACKLEAK             |kconfig|     y      |   kspp   | self_protection  | FAIL: is not found
CONFIG_STACKLEAK_METRICS                |kconfig| is not set |   kspp   | self_protection  | FAIL: CONFIG_GCC_PLUGIN_STACKLEAK is not "y"
CONFIG_STACKLEAK_RUNTIME_DISABLE        |kconfig| is not set |   kspp   | self_protection  | FAIL: CONFIG_GCC_PLUGIN_STACKLEAK is not "y"
CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT  |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_PAGE_TABLE_CHECK                 |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_PAGE_TABLE_CHECK_ENFORCED        |kconfig|     y      |   kspp   | self_protection  | FAIL: "is not set"
CONFIG_CFI_CLANG                        |kconfig|     y      |   kspp   | self_protection  | FAIL: CONFIG_CC_IS_CLANG is not "y"
CONFIG_CFI_PERMISSIVE                   |kconfig| is not set |   kspp   | self_protection  | FAIL: CONFIG_CC_IS_CLANG is not "y"
CONFIG_HW_RANDOM_TPM                    |kconfig|     y      |   kspp   | self_protection  | FAIL: is not found
CONFIG_DEFAULT_MMAP_MIN_ADDR            |kconfig|   65536    |   kspp   | self_protection  | OK
CONFIG_IOMMU_DEFAULT_DMA_STRICT         |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_IOMMU_DEFAULT_PASSTHROUGH        |kconfig| is not set |   kspp   | self_protection  | OK
CONFIG_INTEL_IOMMU_DEFAULT_ON           |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_MITIGATION_SLS                   |kconfig|     y      |   kspp   | self_protection  | FAIL: is not found
CONFIG_INTEL_IOMMU_SVM                  |kconfig|     y      |   kspp   | self_protection  | OK
CONFIG_AMD_IOMMU_V2                     |kconfig|     y      |   kspp   | self_protection  | OK: version >= (6, 7, 0)
CONFIG_CFI_AUTO_DEFAULT                 |kconfig| is not set |a13xp0p0v | self_protection  | FAIL: CONFIG_CFI_AUTO_DEFAULT is not present
CONFIG_SECURITY                         |kconfig|     y      |defconfig | security_policy  | OK
CONFIG_SECURITY_YAMA                    |kconfig|     y      |   kspp   | security_policy  | OK
CONFIG_SECURITY_LANDLOCK                |kconfig|     y      |   kspp   | security_policy  | OK
CONFIG_SECURITY_SELINUX_DISABLE         |kconfig| is not set |   kspp   | security_policy  | OK: is not found
CONFIG_SECURITY_SELINUX_BOOTPARAM       |kconfig| is not set |   kspp   | security_policy  | OK: is not found
CONFIG_SECURITY_SELINUX_DEVELOP         |kconfig| is not set |   kspp   | security_policy  | OK: is not found
CONFIG_SECURITY_WRITABLE_HOOKS          |kconfig| is not set |   kspp   | security_policy  | OK: is not found
CONFIG_SECURITY_SELINUX_DEBUG           |kconfig| is not set |   kspp   | security_policy  | OK: is not found
CONFIG_SECURITY_SELINUX                 |kconfig|     y      |a13xp0p0v | security_policy  | FAIL: "is not set"
CONFIG_SECCOMP                          |kconfig|     y      |defconfig |cut_attack_surface| OK
CONFIG_SECCOMP_FILTER                   |kconfig|     y      |defconfig |cut_attack_surface| OK
CONFIG_BPF_UNPRIV_DEFAULT_OFF           |kconfig|     y      |defconfig |cut_attack_surface| OK
CONFIG_STRICT_DEVMEM                    |kconfig|     y      |defconfig |cut_attack_surface| OK: CONFIG_DEVMEM is "is not set"
CONFIG_X86_INTEL_TSX_MODE_OFF           |kconfig|     y      |defconfig |cut_attack_surface| FAIL: "is not set"
CONFIG_SECURITY_DMESG_RESTRICT          |kconfig|     y      |   kspp   |cut_attack_surface| OK
CONFIG_ACPI_CUSTOM_METHOD               |kconfig| is not set |   kspp   |cut_attack_surface| OK: is not found
CONFIG_COMPAT_BRK                       |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_DEVKMEM                          |kconfig| is not set |   kspp   |cut_attack_surface| OK: is not found
CONFIG_BINFMT_MISC                      |kconfig| is not set |   kspp   |cut_attack_surface| FAIL: "m"
CONFIG_INET_DIAG                        |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_KEXEC                            |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_PROC_KCORE                       |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_LEGACY_PTYS                      |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_HIBERNATION                      |kconfig| is not set |   kspp   |cut_attack_surface| FAIL: "y"
CONFIG_COMPAT                           |kconfig| is not set |   kspp   |cut_attack_surface| FAIL: "y"
CONFIG_IA32_EMULATION                   |kconfig| is not set |   kspp   |cut_attack_surface| FAIL: "y"
CONFIG_X86_X32                          |kconfig| is not set |   kspp   |cut_attack_surface| OK: is not found
CONFIG_X86_X32_ABI                      |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_MODIFY_LDT_SYSCALL               |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_OABI_COMPAT                      |kconfig| is not set |   kspp   |cut_attack_surface| OK: is not found
CONFIG_X86_MSR                          |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_LEGACY_TIOCSTI                   |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_MODULE_FORCE_LOAD                |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_MODULES                          |kconfig| is not set |   kspp   |cut_attack_surface| FAIL: "y"
CONFIG_DEVMEM                           |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_IO_STRICT_DEVMEM                 |kconfig|     y      |   kspp   |cut_attack_surface| OK: CONFIG_DEVMEM is "is not set"
CONFIG_LDISC_AUTOLOAD                   |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_X86_VSYSCALL_EMULATION           |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_COMPAT_VDSO                      |kconfig| is not set |   kspp   |cut_attack_surface| OK
CONFIG_DRM_LEGACY                       |kconfig| is not set |maintainer|cut_attack_surface| OK: is not found
CONFIG_FB                               |kconfig| is not set |maintainer|cut_attack_surface| FAIL: "y"
CONFIG_VT                               |kconfig| is not set |maintainer|cut_attack_surface| FAIL: "y"
CONFIG_BLK_DEV_FD                       |kconfig| is not set |maintainer|cut_attack_surface| OK
CONFIG_BLK_DEV_FD_RAWCMD                |kconfig| is not set |maintainer|cut_attack_surface| OK: is not found
CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT       |kconfig| is not set |maintainer|cut_attack_surface| OK: is not found
CONFIG_N_GSM                            |kconfig| is not set |maintainer|cut_attack_surface| OK
CONFIG_ZSMALLOC_STAT                    |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_DEBUG_KMEMLEAK                   |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_BINFMT_AOUT                      |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_KPROBE_EVENTS                    |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_UPROBE_EVENTS                    |kconfig| is not set |  grsec   |cut_attack_surface| FAIL: "y"
CONFIG_GENERIC_TRACER                   |kconfig| is not set |  grsec   |cut_attack_surface| FAIL: "y"
CONFIG_FUNCTION_TRACER                  |kconfig| is not set |  grsec   |cut_attack_surface| FAIL: "y"
CONFIG_STACK_TRACER                     |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_HIST_TRIGGERS                    |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_BLK_DEV_IO_TRACE                 |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_PROC_VMCORE                      |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_PROC_PAGE_MONITOR                |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_USELIB                           |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_CHECKPOINT_RESTORE               |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_USERFAULTFD                      |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_HWPOISON_INJECT                  |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_MEM_SOFT_DIRTY                   |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_DEVPORT                          |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_DEBUG_FS                         |kconfig| is not set |  grsec   |cut_attack_surface| FAIL: "y"
CONFIG_NOTIFIER_ERROR_INJECTION         |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_FAIL_FUTEX                       |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_PUNIT_ATOM_DEBUG                 |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_ACPI_CONFIGFS                    |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_EDAC_DEBUG                       |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_DRM_I915_DEBUG                   |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_DVB_C8SECTPFE                    |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_MTD_SLRAM                        |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_MTD_PHRAM                        |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_IO_URING                         |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_KCMP                             |kconfig| is not set |  grsec   |cut_attack_surface| FAIL: "y"
CONFIG_RSEQ                             |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_LATENCYTOP                       |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_KCOV                             |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_PROVIDE_OHCI1394_DMA_INIT        |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_SUNRPC_DEBUG                     |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_X86_16BIT                        |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_BLK_DEV_UBLK                     |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_SMB_SERVER                       |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_XFS_ONLINE_SCRUB_STATS           |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_CACHESTAT_SYSCALL                |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_PREEMPTIRQ_TRACEPOINTS           |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_ENABLE_DEFAULT_TRACERS           |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_PROVE_LOCKING                    |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_TEST_DEBUG_VIRTUAL               |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_MPTCP                            |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_TLS                              |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_TIPC                             |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_IP_SCTP                          |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_KGDB                             |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_PTDUMP_DEBUGFS                   |kconfig| is not set |  grsec   |cut_attack_surface| OK
CONFIG_X86_PTDUMP                       |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_DEBUG_CLOSURES                   |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_BCACHE_CLOSURES_DEBUG            |kconfig| is not set |  grsec   |cut_attack_surface| OK: is not found
CONFIG_STAGING                          |kconfig| is not set |  clipos  |cut_attack_surface| FAIL: "y"
CONFIG_KSM                              |kconfig| is not set |  clipos  |cut_attack_surface| OK
CONFIG_KALLSYMS                         |kconfig| is not set |  clipos  |cut_attack_surface| FAIL: "y"
CONFIG_KEXEC_FILE                       |kconfig| is not set |  clipos  |cut_attack_surface| OK
CONFIG_CRASH_DUMP                       |kconfig| is not set |  clipos  |cut_attack_surface| OK: is not found
CONFIG_USER_NS                          |kconfig| is not set |  clipos  |cut_attack_surface| FAIL: "y"
CONFIG_X86_CPUID                        |kconfig| is not set |  clipos  |cut_attack_surface| OK
CONFIG_X86_IOPL_IOPERM                  |kconfig| is not set |  clipos  |cut_attack_surface| OK
CONFIG_ACPI_TABLE_UPGRADE               |kconfig| is not set |  clipos  |cut_attack_surface| OK
CONFIG_EFI_CUSTOM_SSDT_OVERLAYS         |kconfig| is not set |  clipos  |cut_attack_surface| OK
CONFIG_AIO                              |kconfig| is not set |  clipos  |cut_attack_surface| OK
CONFIG_MAGIC_SYSRQ                      |kconfig| is not set |  clipos  |cut_attack_surface| OK
CONFIG_MAGIC_SYSRQ_SERIAL               |kconfig| is not set |grapheneos|cut_attack_surface| OK: is not found
CONFIG_EFI_TEST                         |kconfig| is not set | lockdown |cut_attack_surface| OK
CONFIG_MMIOTRACE_TEST                   |kconfig| is not set | lockdown |cut_attack_surface| OK: is not found
CONFIG_KPROBES                          |kconfig| is not set | lockdown |cut_attack_surface| OK
CONFIG_BPF_SYSCALL                      |kconfig| is not set | lockdown |cut_attack_surface| FAIL: "y"
CONFIG_MMIOTRACE                        |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK
CONFIG_LIVEPATCH                        |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK: is not found
CONFIG_IP_DCCP                          |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK
CONFIG_FTRACE                           |kconfig| is not set |a13xp0p0v |cut_attack_surface| FAIL: "y"
CONFIG_VIDEO_VIVID                      |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK: is not found
CONFIG_INPUT_EVBUG                      |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK
CONFIG_CORESIGHT                        |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK: is not found
CONFIG_XFS_SUPPORT_V4                   |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK: is not found
CONFIG_BLK_DEV_WRITE_MOUNTED            |kconfig| is not set |a13xp0p0v |cut_attack_surface| FAIL: "y"
CONFIG_FAULT_INJECTION                  |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK
CONFIG_ARM_PTDUMP_DEBUGFS               |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK: is not found
CONFIG_ARM_PTDUMP                       |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK: is not found
CONFIG_SECCOMP_CACHE_DEBUG              |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK
CONFIG_LKDTM                            |kconfig| is not set |a13xp0p0v |cut_attack_surface| OK: is not found
CONFIG_TRIM_UNUSED_KSYMS                |kconfig|     y      |a13xp0p0v |cut_attack_surface| OK
CONFIG_COREDUMP                         |kconfig| is not set |  clipos  | harden_userspace | FAIL: "y"
CONFIG_ARCH_MMAP_RND_BITS               |kconfig|     32     |a13xp0p0v | harden_userspace | OK
CONFIG_X86_USER_SHADOW_STACK            |kconfig|     y      |   kspp   | harden_userspace | FAIL: "is not set"
There may be a couple of show stoppers for /sys/kernel/tracing/available_filter_functions to appear.

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
nullnix
n00b
n00b


Joined: 04 Nov 2024
Posts: 4
Location: Ely, UK

PostPosted: Wed Nov 06, 2024 11:27 am    Post subject: Reply with quote

CaptainBlood wrote:

│ See the files in /sys/kernel/tracing:
│ available_filter_functions
│ set_ftrace_filter
│ set_ftrace_notrace


Ugh, looks like the recommended mount point for this changed in 2023... I suppose we need to try both, since of course we still support kernels predating the switchover point.

For now, if you build in debugfs (CONFIG_DEBUG_FS), Gentoo should automount it on /sys/kernel/debug and then /sys/kernel/debug/tracing will automatically spring into existence underneath it with suitable contents.
Back to top
View user's profile Send private message
pietinger
Moderator
Moderator


Joined: 17 Oct 2006
Posts: 5242
Location: Bavaria

PostPosted: Wed Nov 06, 2024 1:49 pm    Post subject: Reply with quote

nullnix,

I am following this thread with great interest and would just like to say that I am very happy that you are active right here. :D (Did you register as a user especially for this?)
_________________
https://wiki.gentoo.org/wiki/User:Pietinger
Back to top
View user's profile Send private message
nullnix
n00b
n00b


Joined: 04 Nov 2024
Posts: 4
Location: Ely, UK

PostPosted: Wed Nov 06, 2024 2:55 pm    Post subject: Reply with quote

pietinger wrote:
nullnix,

I am following this thread with great interest and would just like to say that I am very happy that you are active right here. :D (Did you register as a user especially for this?)


Yes :)

btw, I have a series under local test which lets you mount tracefs anywhere (/sys/kernel/debug/tracing, /sys/kernel/tracing, /flying/wombat, it doesn't matter, it uses /proc/mounts to find it). If it passes review, this particular problem may be behind us...
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Wed Nov 06, 2024 3:29 pm    Post subject: Reply with quote

Yeah /sys/kernel/debug is there (automatically mounted?).
Yeah /sys/kernel/tracing is there (automatically mounted?), but empty.

6.1.x untested yet.

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
pietinger
Moderator
Moderator


Joined: 17 Oct 2006
Posts: 5242
Location: Bavaria

PostPosted: Wed Nov 06, 2024 4:54 pm    Post subject: Reply with quote

nullnix wrote:
Yes :)

Great! :D

Please let me give you a warm welcome! :D
_________________
https://wiki.gentoo.org/wiki/User:Pietinger
Back to top
View user's profile Send private message
CaptainBlood
Advocate
Advocate


Joined: 24 Jan 2010
Posts: 3977

PostPosted: Fri Nov 08, 2024 11:32 am    Post subject: Reply with quote

Following the wiki with
Code:
sys-kernel/gentoo-kernel-6.1.114
with
Code:
/etc/kernel/config.d/50dtrace.config
works fine here.
Much likely remains to be expertised here for fine tuned kernel readiness.

Thks 4 ur attention, interest & support.
_________________
USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo Chat All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum