Comments (7)
Related issue: iovisor/bcc#3668
from system76-scheduler.
The long term goal is to replace execsnoop with a custom implementation optimized for system76-power. Which would preferably also be written in Rust. There are some bpf/bcc crates available on Crates.io, but I'm not currently familiar with how it all glues together yet, or what the recommended crates are today. If you're interested, you could help me with that.
from system76-scheduler.
The long term goal is to replace execsnoop with a custom implementation optimized for system76-power. Which would preferably also be written in Rust. There are some bpf/bcc crates available on Crates.io, but I'm not currently familiar with how it all glues together yet, or what the recommended crates are today. If you're interested, you could help me with that.
This sounds really nice! I could try working on a rust bpf PoC when I have some time.
By the way, (if necessary I would create a new issue), I noticed that after receiving exec info from execsnoop it waits 2 seconds for latest cgroup info. But I think that it could be done better by let a new bpf program hooking cgroup_procs_write()
to get all PID writes to cgroup.procs
. This may help some scenarios when CPU-consuming processes is creating very frequently.
from system76-scheduler.
That would be helpful, because the two second delay is because the scheduler's already parsing the new process's data before its cgroup and other data are assigned to it.
from system76-scheduler.
Aya seems to be the most popular rust-idiomatic library for writing eBPF kernel and user space programs. Today I have taken some time written a working PoC with Aya.
There are some problems with Aya though:
- Aya doesn't have a very good documentation about kprobing syscalls. For example, I have searched for a very long time to find how to get argument (reg) values from
ProbeContext
. - The PoC is working on the template Aya given, which seems to be designed for applications, not libraries.
- For 32-bit apps in x86-64, Aya's builtin
PtRegs
could not be used as it is using a different calling convention from x86-64. I'm using some non-portable dirty methods to get correct arguments from it. - It is said that Aya supports CO-RE (Compile-once, run-anywhere), but I have only tested my PoC on Arch Linux, and I'm not sure what will happen on older kernels.
- Aya template uses git repo as dependency directly in its
Cargo.toml
(likeaya-bpf = { git = "https://github.com/aya-rs/aya" }
) without any commit/branch/tag pinning.
from system76-scheduler.
It may be worth asking Aya's developers for help with the less documented or tricky areas. Perhaps they'd be willing to accept contributions for improvements to their documentation and APIs?
For now, I'd accept a solution that can at least match parity with execsnoop-bpfcc. Though we can choose a better medium for communicating the inputs. Perhaps a zero-copy serializer like https://github.com/rkyv/rkyv, or something human-readable that's efficient to serialize and deserialize like https://kdl.dev/.
I tried running your proof of concept, and got this error:
failed to initialize eBPF logger: log event array AYA_LOGS doesn't exist
from system76-scheduler.
For now, I'd accept a solution that can at least match parity with execsnoop-bpfcc. Though we can choose a better medium for communicating the inputs. Perhaps a zero-copy serializer like https://github.com/rkyv/rkyv, or something human-readable that's efficient to serialize and deserialize like https://kdl.dev/.
Still using bcc + Python and just adjusts the output of script sounds also OK and it doesn't involve a lot of refactoring.
I tried running your proof of concept, and got this error:
failed to initialize eBPF logger: log event array AYA_LOGS doesn't exist
This is expected as there're no aya logger (info!()
, etc.) within eBPF programs. However, I have tested it today within a Debian 12 VM and unfortunately finds out that the "portability" aya claims does not seem to work. The execsnoop-poc-ebpf/src/vmlinux.rs
is generated under Linux 6.4.x and it fails when accessing task->real_parent->tgid
in Linux 6.1.x. Regenerating it in Linux 6.1.x and it works.
from system76-scheduler.
Related Issues (20)
- 100% CPU usage HOT 4
- Pipewire - audio underrunning heavily at low buffer sizes when using external interface HOT 1
- Process nice values get reset when switching windows?
- policy mksSandbox (VMware Workstation Sandboxed Graphics Processes)
- Some USB storage devices will be blocked from registering with USB storage by BPF HOT 3
- Difficulty with assignments for Carla and Input Remapper
- scheduler conflicts HOT 2
- Does system76-scheduler replace Feral Interactive's gamemode?
- execsnoop example fails to build
- Internal restart of service with same PID resets nice value and never gets updated again HOT 1
- Audio underrun issues related to pipewire priority HOT 4
- Support running without tweakable scheduler if cfs profiles are disabled HOT 2
- Child foreground niceness sometimes not applied
- Memory usage HOT 3
- High CPU usage + high laptop temps HOT 2
- On occasion, very high CPU usage HOT 2
- system76-scheduler daemon using 100% CPU HOT 1
- Make cfs-profiles configuration clearer HOT 1
- [Audio crackling] Possible priority wrongdoing for Pipewire and/or EasyEffects HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from system76-scheduler.