Received: by 2002:a05:6358:7058:b0:131:369:b2a3 with SMTP id 24csp7178898rwp; Tue, 18 Jul 2023 11:09:51 -0700 (PDT) X-Google-Smtp-Source: APBJJlG3gPscPXpygtkAES9Dyvgeh1X0jIDCDgBZMEd/J8oWjRk/4iNEJtNQw0a/FOkYaU3dVjy7 X-Received: by 2002:a05:6402:51cc:b0:51d:9a92:24f0 with SMTP id r12-20020a05640251cc00b0051d9a9224f0mr468584edd.4.1689703791268; Tue, 18 Jul 2023 11:09:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689703791; cv=none; d=google.com; s=arc-20160816; b=q2zFtHTI7596j24Vlb1Zg7VSlr29GJBNYWDydy0DPG03a+xDTVevRS8Tzf7CvA7O21 qWzELp2GI78CeJJiWG+V+0CjKuCoEUNpx7e4zdXNCrRqwIY/7+0ZYOAnDzyR16JLJrAQ AgLTtEXz5vXUzoRC/h67SN2hE3cCX1V2Iqk8K44dwKx2KNlWUOk8bieuNGXXASagGf4/ JdawVyv+EufwX56woJoScVFZwTkcWA4aEi8X3XyysfD92gx/hKiX0YHQU/zafLJ88KnA xLqnqVErR85OL2iACMI/kETlpDno/i+6kge3ZXT64OOcTYZcMibfUUbOMvQRozi+RHPq Cx6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:organization:message-id:date:subject:cc:to :from; bh=jNl7+02TkEQIf/TF0FJCdh0dabh8xT7hXM+EQLxoNX8=; fh=676QFsbi0NS/3CNeISsU8wAzlSoMbCskm1SeTU6Wsxo=; b=iVUMfzJqqPf7dLfr/humUcz1355zpNWjbgPPY/95tprhZBodiKdAN623BiDqYcrNrt gCLbortmj6fh2ZY5qFkSaR4uIJLhk0EjCccOzSwyGW0zKwy0Dy1Nr2QTpclhzBgyEbUb qqZSdOD3a4uW7+4lzEgm3+4MOpHd5qLt7/nR5Qsphoey1hlDcm9jvEmEM2oBVCZ0FpkT i0BR5xfAOiBxBCjuHki2yseLRYCRY7RpyMwoqgH0fUU8Xt9Ui3wBiS+ehwehFEG24GEV P1z7+0xYjPWJJ1PISXQtIxm7zZ7ZlBd1S25bmGR/qwJxqzh4OxzKr7slGs8/GQ4qHJTb qGxw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b13-20020aa7d48d000000b0051de5968bd8si1641926edr.443.2023.07.18.11.09.27; Tue, 18 Jul 2023 11:09:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230484AbjGRRZV convert rfc822-to-8bit (ORCPT + 99 others); Tue, 18 Jul 2023 13:25:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52576 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230005AbjGRRZV (ORCPT ); Tue, 18 Jul 2023 13:25:21 -0400 X-Greylist: delayed 1117 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Tue, 18 Jul 2023 10:25:18 PDT Received: from 3.mo550.mail-out.ovh.net (3.mo550.mail-out.ovh.net [46.105.60.232]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 68C1711C for ; Tue, 18 Jul 2023 10:25:18 -0700 (PDT) Received: from director3.ghost.mail-out.ovh.net (unknown [10.108.1.13]) by mo550.mail-out.ovh.net (Postfix) with ESMTP id 2B775252BC for ; Tue, 18 Jul 2023 17:06:40 +0000 (UTC) Received: from ghost-submission-6684bf9d7b-kgjmm (unknown [10.110.115.151]) by director3.ghost.mail-out.ovh.net (Postfix) with ESMTPS id B05EE1FE4F; Tue, 18 Jul 2023 17:06:37 +0000 (UTC) Received: from courmont.net ([37.59.142.109]) by ghost-submission-6684bf9d7b-kgjmm with ESMTPSA id co++IZ3GtmTPUgEAdIjfRg (envelope-from ); Tue, 18 Jul 2023 17:06:37 +0000 Authentication-Results: garm.ovh; auth=pass (GARM-109S003826dc6eb-88b5-4684-a2f6-36c303c88a24, 3111FEB0E50A85C15A7B3C8E702AC4BF574C28F6) smtp.auth=postmaster@courmont.net X-OVh-ClientIp: 87.92.194.88 From: =?ISO-8859-1?Q?R=E9mi?= Denis-Courmont To: Atish Patra , linux-riscv@lists.infradead.org Cc: linux-kernel@vger.kernel.org, Aurelien Jarno , Mathieu Malaterre , Jan Newger Subject: Re: [PATCH v4 00/10] riscv: Allow userspace to directly access perf counters Date: Tue, 18 Jul 2023 20:06:36 +0300 Message-ID: <4761144.fSbbhVQpq0@basile.remlab.net> Organization: Remlab In-Reply-To: References: <20230703124647.215952-1-alexghiti@rivosinc.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8BIT Content-Type: text/plain; charset="UTF-8" X-Ovh-Tracer-Id: 14312439619513293242 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedviedrgeeggddutdegucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuqfggjfdpvefjgfevmfevgfenuceurghilhhouhhtmecuhedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujfgurhephffvvefufffkohgjfhgggfgtsehtqhertddttdejnecuhfhrohhmpeftrohmihcuffgvnhhishdqvehouhhrmhhonhhtuceorhgvmhhisehrvghmlhgrsgdrnhgvtheqnecuggftrfgrthhtvghrnhephedujedulefftedvvefgueehjeekhfeukeegtdeijefgheevgeehkeekhedtleeknecuffhomhgrihhnpehffhhmphgvghdrohhrghdprhgvmhhlrggsrdhnvghtnecukfhppeduvdejrddtrddtrddupdekjedrledvrdduleegrdekkedpfeejrdehledrudegvddruddtleenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvghtpeduvdejrddtrddtrddupdhmrghilhhfrhhomhepoehrvghmihesrhgvmhhlrggsrdhnvghtqedpnhgspghrtghpthhtohepuddprhgtphhtthhopehlihhnuhigqdhkvghrnhgvlhesvhhgvghrrdhkvghrnhgvlhdrohhrghdpoffvtefjohhsthepmhhoheehtddpmhhouggvpehsmhhtphhouhht X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, Le tiistaina 18. heinäkuuta 2023, 2.22.54 EEST Atish Patra a écrit : > > AFAIK, if the default settings breaks user space, the patchset is > > considered to break user space. That being the case, either this case is > > deemed special enough that breaking user space is OK, or it is not. > This case is a special case as the usage was incorrect in the first > place. I agree that it's not only insecure but also incorrect. However it mostly works. In fact I don't disagree with the change as such, but I think that the commit messages are misleading and confusing. For a start, in one place it says that it is not breaking user space and in another it says basically the opposite. (Unfortunately, not everybody agrees with the change. I can't seem to get FFmpeg's checkasm tool fixed: http://ffmpeg.org/pipermail/ffmpeg-devel/2023-July/312245.html ) Also this is not the first time somebody argues that an API should be removed because it's broken. That's not special. > Any application that genuinely requires rdcycle can always get > it now via the perf interface. Sure. But the question is whether it breaks user space and if so, whether that's acceptable. Existing apps that call RDCYCLE will now fail, presumbly receive SIGILL(?). > If the insecure and incorrect behavior is allowed, we suspect the user > space behavior will never be fixed as it is hard to put a future flag > date in these cases. For better or worse, I can only agree there. But then adding an option to preserve the broken behaviour is begging for people to (ab)use it, and indeed never fix the problem, and never be able to remove the option. > > If it is not OK, then the only way out that I can think of, consists of > > trapping and emulating the counters, returning the same sanitised values > > that Linux perf would return. Then you can add a kernel config option to > > disable that trap-and-emulation code in the future. > What do you mean by "sanitised" value ? I mean whatever avoids creating a security issue. Presumably report the number of cycles spent in the calling thread and in user mode since the first time that the process called RDCYCLE? Maybe it's not reasonable for complexity or performance reasons, but then IMO, it deserves a little bit better explaining in the commit message. -- 雷米‧德尼-库尔蒙 http://www.remlab.net/