[ktap] Re: [PATCH] FFI support for ktap
- From: Qingping Hou <dave2008713@xxxxxxxxx>
- To: ktap@xxxxxxxxxxxxx
- Date: Mon, 04 Nov 2013 12:47:01 -0500
On Mon 04 Nov 2013 08:06:18 AM EST, Jovi Zhangwei wrote:
>>> I planed to use a command option like "guru mode"(similar with Systemtap)
>>> in ktap, but I also doubt whether the command option really is enough to
>>> make
>>> ktap safe, user still can crash the kernel easily on ktap installed
>>> system, like
>>> the example you posted, just call the schedule in atomic context.
>>>
ktapc will be able to detect whehter user is using FFI API later because
we will be parsing C function defitnion and generating ktap vm chunk
accordingly. So IMHO guru mode is enough to prevent user running FFI
enabled ktap script in compilation time. That said, they can still feed
in unsafe chunk directly to ktap VM, which I doubt anyone will do unless
they want to crash the kernel intentionally ;p
So if we want to have a complete safe ktap runtime, CONFIG_KTAP_FFI and
sysctl is the way to go. FFI should be easy to disable at runtme since
all FFI features are accessed by indexing into global C table, we can
just set that table to nil.
Other related posts:
