Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp4681570imu;
        Sat, 19 Jan 2019 15:50:42 -0800 (PST)
X-Google-Smtp-Source: ALg8bN5Ax+8awULjT/JhvX+yNoENW3Q30MIZR3YSiNl7TnTfOTkjxXV6A/LKdxSxrAJLQ0K4erpx
X-Received: by 2002:a63:151f:: with SMTP id v31mr22597656pgl.34.1547941842686;
        Sat, 19 Jan 2019 15:50:42 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1547941842; cv=none;
        d=google.com; s=arc-20160816;
        b=Qwt9kZf3IvoYC0Z7CVdJPeA8CZjEllAe1+XmiIEBZgDAFoNI0qWLZXlPoXzyrnDj42
         X8wOjcrJp5JdXDRiBgvvO7UPGGuYawRmMDOjjyzHt7AmTJyJDWFDxRMMATgtpVUoMW5V
         YTUVVU6us2DwDLirYt+6zobId0Ajd/2FIbNHDohfliKZY3zaygHSwuqJZjhRB1eoy1VO
         8cUeUjT/p/NW8yeLgdsGlyKiO5FN+6SD5oWAFuqH0vlu3R+yes8Gj4ebh6aLqzDQmhj6
         q3Gog6SjK69Wcrfpr7zzDzA9vUinh9Wd/+miFt/M2xDOQePVX5qAxXdDFeutB1RDEKyp
         hvMA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:from:cc:to:subject
         :content-transfer-encoding:mime-version:references:in-reply-to
         :user-agent:date;
        bh=JWow9HxKmpye7tJnRVzlAw+tT1PknWxWQefuZnaPbY8=;
        b=SqR7WHDzU099gRvqh6Md4/IRuYn2kKTkEWl5O+F9lLwEqL7i0Dh1dqyfzqFwdc58NR
         Hqp+eZv6CaUH2BblCYZvCsXvyr8sYMrqlhy2UrVr9hXinrh0yvnxIQ7/jiXJItaV0Jz8
         /nIfBCwEEtFa/NiBH1ptkeMB6tq8iH1MwSXf5QQraEzJC4foToeZy0hi0QtTLYU9Sy2Z
         +XeoXpMFBO55PZHVy8l5HMBHuaZjqmzp2+L1fueOTC3uBtmO9a2a3wqNJxZ5qALd5KCT
         ohGdUVtYcWey+T8x/ayB99RtpOuXDMld6vS6ComrCuUZgGvQE9NW7idAD37yRu6ZMeSn
         jD7g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d3si8315590pla.122.2019.01.19.15.49.56;
        Sat, 19 Jan 2019 15:50:42 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729906AbfASXqP convert rfc822-to-8bit (ORCPT
        <rfc822;sduhuangshuai@gmail.com> + 99 others);
        Sat, 19 Jan 2019 18:46:15 -0500
Received: from terminus.zytor.com ([198.137.202.136]:58327 "EHLO
        mail.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1729803AbfASXqO (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 19 Jan 2019 18:46:14 -0500
Received: from [IPv6:2607:fb90:2843:591a:6d1d:ce2f:69d2:7e68] ([172.56.41.105])
        (authenticated bits=0)
        by mail.zytor.com (8.15.2/8.15.2) with ESMTPSA id x0JNiuYi1819236
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO);
        Sat, 19 Jan 2019 15:44:57 -0800
Date:   Sat, 19 Jan 2019 15:44:48 -0800
User-Agent: K-9 Mail for Android
In-Reply-To: <20190119232503.GA149403@google.com>
References: <20190118225543.86996-1-joel@joelfernandes.org> <20190119082532.GA9004@kroah.com> <20190119162754.GC231277@google.com> <CAKOZuet+7a4jdox6rebMN=kJtDn5RUYzvNjFh+Pzn2UkuP0Y8Q@mail.gmail.com> <20190119232503.GA149403@google.com>
MIME-Version: 1.0
Content-Type: text/plain;
 charset=utf-8
Content-Transfer-Encoding: 8BIT
Subject: Re: [RFC] Provide in-kernel headers for making it easy to extend the kernel
To:     Joel Fernandes <joel@joelfernandes.org>,
        Daniel Colascione <dancol@google.com>
CC:     Greg KH <gregkh@linuxfoundation.org>,
        linux-kernel <linux-kernel@vger.kernel.org>,
        Andrew Morton <akpm@linux-foundation.org>, ast@kernel.org,
        atishp04@gmail.com, Borislav Petkov <bp@alien8.de>,
        Ingo Molnar <mingo@redhat.com>, Jan Kara <jack@suse.cz>,
        Jonathan Corbet <corbet@lwn.net>, karim.yaghmour@opersys.com,
        Kees Cook <keescook@chromium.org>, kernel-team@android.com,
        "open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
        Manoj Rao <linux@manojrajarao.com>,
        Masahiro Yamada <yamada.masahiro@socionext.com>,
        Paul McKenney <paulmck@linux.vnet.ibm.com>,
        "Peter Zijlstra (Intel)" <peterz@infradead.org>,
        Randy Dunlap <rdunlap@infradead.org>, rostedt@goodmis.org,
        Thomas Gleixner <tglx@linutronix.de>,
        "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@kernel.org>,
        yhs@fb.com
From:   hpa@zytor.com
Message-ID: <78AACAF1-8EBF-4DF3-BE94-5B14E78BA791@zytor.com>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On January 19, 2019 3:25:03 PM PST, Joel Fernandes <joel@joelfernandes.org> wrote:
>On Sat, Jan 19, 2019 at 12:43:35PM -0500, Daniel Colascione wrote:
>> On Sat, Jan 19, 2019 at 11:27 AM Joel Fernandes
><joel@joelfernandes.org> wrote:
>> >
>> > On Sat, Jan 19, 2019 at 09:25:32AM +0100, Greg KH wrote:
>> > > On Fri, Jan 18, 2019 at 05:55:43PM -0500, Joel Fernandes wrote:
>> > > > --- /dev/null
>> > > > +++ b/kernel/kheaders.c
>> 
>> Thanks a ton for this work. It'll make it much easier to do cool
>> things with BPF.
>
>You're welcome, thanks.
>
>> One question: I can imagine wanting to probe
>> structures that are defined, not in headers, but in random
>> implementation files. Would it be possible to optionally include
>*all*
>> kernel source files?
>
>That would be prohibitively too large to justify keeping it in memory,
>even
>compressed. Arguably, such structures should be moved into include/ if
>modules or whatever is extending the kernel like eBPF needs them.
>
>> If not, what about a hash, so we could at least
>> do precise correlation between a candidate local tree and what's
>> actually on device?
>
>That would make a tool too difficult to write wouldn't it, since they
>you have to
>correlate every possible hash and keep updating eBPF tools with new
>hashes -
>probably not scalable. I think what you want is to use the kernel
>version to
>assume what such internal structures look like although that's still
>not
>robust.
>
>> BTW, I'm not sure that the magic constants you've defined are long
>> enough.  I'd feel more comfortable with two UUIDs (16 bytes each).
>
>Ok, I'll expand it.
>
>> I'd also strongly consider LZMA compression: xz -9 on the kernel
>> headers (with comments) brings the size down to 5MB, compared to the
>> 7MB I get for gzip -9. Considering that this feature is optional, I
>> think it's okay to introduce a dependency on widespread modern
>> compression tools. (For comparison, bzip2 -9 gets us 6MB.)
>
>Ok, I'll look into LZMA. Thanks for checking the compression sizes.
>
>- Joel

Don't use lzma, use xz if you are going to do something.

However, it seems unlikely to me that someone not willing to spend the space in the filesystem will spend unswappable kernel memory.

It would seem that a far saner way to do this is to use inittmpfs or perhaps an auxiliary "ktmpfs" so it can at least be swapped out if you have swap.
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.