diff mbox series

[RFC] linux: Remove user-space probe support

Message ID 7c95e1cf-a4b7-23e1-379c-97aafd8d7783@ipfire.org
State Accepted
Commit 25a3d87645609b3deffdc45a153eb2e2696032f9
Headers
Series [RFC] linux: Remove user-space probe support |

Commit Message

Peter Müller Oct. 2, 2022, 2:47 p.m. UTC 
  From the kernels' documentation:

> Uprobes is the user-space counterpart to kprobes: they
> enable instrumentation applications (such as 'perf probe')
> to establish unintrusive probes in user-space binaries and
> libraries, by executing handler functions when the probes
> are hit by user-space applications.
>
> ( These probes come in the form of single-byte breakpoints,
> managed by the kernel and kept transparent to the probed
> application. )

To the best of the authors' understanding, no application on IPFire
needs this functionality, and given its abuse potential, we should
probably not enable it.

As expected, strace functionality is not impaired by this.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 config/kernel/kernel.config.aarch64-ipfire | 5 +----
 config/kernel/kernel.config.armv6l-ipfire  | 5 +----
 config/kernel/kernel.config.x86_64-ipfire  | 5 +----
 3 files changed, 3 insertions(+), 12 deletions(-)

Comments

Michael Tremer Oct. 3, 2022, 9:48 a.m. UTC | #1 
Hello,

I would say, that we do not use this feature - or at least I don’t.

Did you check whether some other options depend on this?

-Michael

> On 2 Oct 2022, at 15:47, Peter Müller <peter.mueller@ipfire.org> wrote:
> 
> From the kernels' documentation:
> 
>> Uprobes is the user-space counterpart to kprobes: they
>> enable instrumentation applications (such as 'perf probe')
>> to establish unintrusive probes in user-space binaries and
>> libraries, by executing handler functions when the probes
>> are hit by user-space applications.
>> 
>> ( These probes come in the form of single-byte breakpoints,
>> managed by the kernel and kept transparent to the probed
>> application. )
> 
> To the best of the authors' understanding, no application on IPFire
> needs this functionality, and given its abuse potential, we should
> probably not enable it.
> 
> As expected, strace functionality is not impaired by this.
> 
> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
> ---
> config/kernel/kernel.config.aarch64-ipfire | 5 +----
> config/kernel/kernel.config.armv6l-ipfire  | 5 +----
> config/kernel/kernel.config.x86_64-ipfire  | 5 +----
> 3 files changed, 3 insertions(+), 12 deletions(-)
> 
> diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire
> index 836e2b15f..76dbafc5f 100644
> --- a/config/kernel/kernel.config.aarch64-ipfire
> +++ b/config/kernel/kernel.config.aarch64-ipfire
> @@ -645,7 +645,6 @@ CONFIG_CRYPTO_AES_ARM64_BS=m
> # CONFIG_KPROBES is not set
> CONFIG_JUMP_LABEL=y
> CONFIG_STATIC_KEYS_SELFTEST=y
> -CONFIG_UPROBES=y
> CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
> CONFIG_HAVE_KPROBES=y
> CONFIG_HAVE_KRETPROBES=y
> @@ -8154,9 +8153,7 @@ CONFIG_TRACER_SNAPSHOT=y
> CONFIG_BRANCH_PROFILE_NONE=y
> # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
> # CONFIG_BLK_DEV_IO_TRACE is not set
> -CONFIG_UPROBE_EVENTS=y
> -CONFIG_DYNAMIC_EVENTS=y
> -CONFIG_PROBE_EVENTS=y
> +# CONFIG_UPROBE_EVENTS is not set
> CONFIG_FTRACE_MCOUNT_RECORD=y
> CONFIG_FTRACE_MCOUNT_USE_PATCHABLE_FUNCTION_ENTRY=y
> # CONFIG_SYNTH_EVENTS is not set
> diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire
> index ae611fc6f..28f4ef3aa 100644
> --- a/config/kernel/kernel.config.armv6l-ipfire
> +++ b/config/kernel/kernel.config.armv6l-ipfire
> @@ -738,7 +738,6 @@ CONFIG_AS_VFP_VMRS_FPINST=y
> # CONFIG_KPROBES is not set
> CONFIG_JUMP_LABEL=y
> CONFIG_STATIC_KEYS_SELFTEST=y
> -CONFIG_UPROBES=y
> CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
> CONFIG_ARCH_USE_BUILTIN_BSWAP=y
> CONFIG_HAVE_KPROBES=y
> @@ -8129,9 +8128,7 @@ CONFIG_BRANCH_PROFILE_NONE=y
> # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
> # CONFIG_PROFILE_ALL_BRANCHES is not set
> # CONFIG_BLK_DEV_IO_TRACE is not set
> -CONFIG_UPROBE_EVENTS=y
> -CONFIG_DYNAMIC_EVENTS=y
> -CONFIG_PROBE_EVENTS=y
> +# CONFIG_UPROBE_EVENTS is not set
> CONFIG_FTRACE_MCOUNT_RECORD=y
> CONFIG_FTRACE_MCOUNT_USE_RECORDMCOUNT=y
> # CONFIG_SYNTH_EVENTS is not set
> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
> index d005f98d4..bb4655a99 100644
> --- a/config/kernel/kernel.config.x86_64-ipfire
> +++ b/config/kernel/kernel.config.x86_64-ipfire
> @@ -671,7 +671,6 @@ CONFIG_GENERIC_ENTRY=y
> CONFIG_JUMP_LABEL=y
> CONFIG_STATIC_KEYS_SELFTEST=y
> # CONFIG_STATIC_CALL_SELFTEST is not set
> -CONFIG_UPROBES=y
> CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
> CONFIG_ARCH_USE_BUILTIN_BSWAP=y
> CONFIG_USER_RETURN_NOTIFIER=y
> @@ -7594,9 +7593,7 @@ CONFIG_TRACER_SNAPSHOT=y
> CONFIG_BRANCH_PROFILE_NONE=y
> # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
> # CONFIG_BLK_DEV_IO_TRACE is not set
> -CONFIG_UPROBE_EVENTS=y
> -CONFIG_DYNAMIC_EVENTS=y
> -CONFIG_PROBE_EVENTS=y
> +# CONFIG_UPROBE_EVENTS is not set
> CONFIG_FTRACE_MCOUNT_RECORD=y
> CONFIG_FTRACE_MCOUNT_USE_CC=y
> # CONFIG_SYNTH_EVENTS is not set
> -- 
> 2.35.3
diff mbox series

Patch

diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire
index 836e2b15f..76dbafc5f 100644
--- a/config/kernel/kernel.config.aarch64-ipfire
+++ b/config/kernel/kernel.config.aarch64-ipfire
@@ -645,7 +645,6 @@  CONFIG_CRYPTO_AES_ARM64_BS=m
 # CONFIG_KPROBES is not set
 CONFIG_JUMP_LABEL=y
 CONFIG_STATIC_KEYS_SELFTEST=y
-CONFIG_UPROBES=y
 CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
 CONFIG_HAVE_KPROBES=y
 CONFIG_HAVE_KRETPROBES=y
@@ -8154,9 +8153,7 @@  CONFIG_TRACER_SNAPSHOT=y
 CONFIG_BRANCH_PROFILE_NONE=y
 # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
 # CONFIG_BLK_DEV_IO_TRACE is not set
-CONFIG_UPROBE_EVENTS=y
-CONFIG_DYNAMIC_EVENTS=y
-CONFIG_PROBE_EVENTS=y
+# CONFIG_UPROBE_EVENTS is not set
 CONFIG_FTRACE_MCOUNT_RECORD=y
 CONFIG_FTRACE_MCOUNT_USE_PATCHABLE_FUNCTION_ENTRY=y
 # CONFIG_SYNTH_EVENTS is not set
diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire
index ae611fc6f..28f4ef3aa 100644
--- a/config/kernel/kernel.config.armv6l-ipfire
+++ b/config/kernel/kernel.config.armv6l-ipfire
@@ -738,7 +738,6 @@  CONFIG_AS_VFP_VMRS_FPINST=y
 # CONFIG_KPROBES is not set
 CONFIG_JUMP_LABEL=y
 CONFIG_STATIC_KEYS_SELFTEST=y
-CONFIG_UPROBES=y
 CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
 CONFIG_ARCH_USE_BUILTIN_BSWAP=y
 CONFIG_HAVE_KPROBES=y
@@ -8129,9 +8128,7 @@  CONFIG_BRANCH_PROFILE_NONE=y
 # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
 # CONFIG_PROFILE_ALL_BRANCHES is not set
 # CONFIG_BLK_DEV_IO_TRACE is not set
-CONFIG_UPROBE_EVENTS=y
-CONFIG_DYNAMIC_EVENTS=y
-CONFIG_PROBE_EVENTS=y
+# CONFIG_UPROBE_EVENTS is not set
 CONFIG_FTRACE_MCOUNT_RECORD=y
 CONFIG_FTRACE_MCOUNT_USE_RECORDMCOUNT=y
 # CONFIG_SYNTH_EVENTS is not set
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
index d005f98d4..bb4655a99 100644
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -671,7 +671,6 @@  CONFIG_GENERIC_ENTRY=y
 CONFIG_JUMP_LABEL=y
 CONFIG_STATIC_KEYS_SELFTEST=y
 # CONFIG_STATIC_CALL_SELFTEST is not set
-CONFIG_UPROBES=y
 CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
 CONFIG_ARCH_USE_BUILTIN_BSWAP=y
 CONFIG_USER_RETURN_NOTIFIER=y
@@ -7594,9 +7593,7 @@  CONFIG_TRACER_SNAPSHOT=y
 CONFIG_BRANCH_PROFILE_NONE=y
 # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set
 # CONFIG_BLK_DEV_IO_TRACE is not set
-CONFIG_UPROBE_EVENTS=y
-CONFIG_DYNAMIC_EVENTS=y
-CONFIG_PROBE_EVENTS=y
+# CONFIG_UPROBE_EVENTS is not set
 CONFIG_FTRACE_MCOUNT_RECORD=y
 CONFIG_FTRACE_MCOUNT_USE_CC=y
 # CONFIG_SYNTH_EVENTS is not set