This is the mail archive of the
systemtap@sources.redhat.com
mailing list for the systemtap project.
Re: script safety - no outside calls
Chen, Brad wrote:
I assume that a module loaded with insmod() can any kernel
subroutine it cares to. In the case of modules loaded for stap,
we might choose not to support calls into arbitrary OS routines,
similar to DTrace. By not support calls into kernel code you
create a clean separation (at least conceptually) between kernel
code and systemtap code, and avoid invocation of instrumented
kernel code by scripts.
For these reasons I'm assuming that systemtap scripts can only
call into a designated systemtap runtime. Any strong feelings
to the contrary?
Brad
I don't agree that we should limit accessing kernel functions. If we do
that,
some of the common features kernel provides that we also need example
dumpstack(), timestamp() etc we will end up duplicating the code, which
i am sure no one likes.
What we might want to provide is an easy interface for most commonly
accessed
functions by virtue of providing systemtap library functions, they
internally call kernel
functions directly. The main reason of providing these library functions
is to make
scripts portable from one version of the kernel to other. That means the
burden falls
on us to keep these libraries up to date along with kernel changes.
I am hoping we will only have few set of functions in this library and
underlying
kernel functions wont change often. If some one wants to refer to kernel
functions
directly in the scripts we should let them do so.
Dtrace uses an interpreter similar to Dprobes hence they can not access
kernel functions directly. I am not sure this is a safety issue, it is
more of
the limitations of an interpreter.