Features/Systemtap2

From FedoraProject

< Features(Difference between revisions)
Jump to: navigation, search
(Contingency Plan)
(Release Notes)
Line 58: Line 58:
 
== Release Notes ==
 
== Release Notes ==
  
TBD.
+
"Systemtap 2.0 includes a new prototype backend, which uses DynInst to instrument a user's own binaries at runtime.  This backend does not use kernel modules, and does not require root privileges, but is restricted with respect to the kinds of probes and other constructs that a script may use."
  
 
== Comments and Discussion ==
 
== Comments and Discussion ==

Revision as of 18:53, 24 July 2012

Contents

Feature Name: Systemtap 2.0

Summary

A major new version of systemtap.

Owner

Current status

  • Targeted release: Fedora 18
  • Last updated: 2012-07-24
  • Percentage of completion: 90%

Detailed Description

For this next major release of systemtap, the team is hoping to deliver an optional new backend that allows unprivileged users to instrument their programs, without any kernel module building or root privileges.

Benefit to Fedora

Reduction of security attack surface, by less reliance on setuid / kernel facilities. Increased process introspection capability. Higher performance process introspection. Usability by completely unprivileged users.

Scope

Direct impact is limited to this package. However, the <sys/sdt.h> markers embedded in several Fedora libraries and binaries become accessible to more users than before.

How To Test

The packaged testsuite should cover the general capabilities of the tool, to avoid regressions.

User Experience

User experience from prior versions should not change. Completely unprivileged users should become able to instrument their own programs without any kernel- or root-dependent machinations.

Dependencies

The DynInst library is now packaged for Fedora rawhide.

Contingency Plan

If the pure-userspace work is not completed in time, the then-newest upstream systemtap can be issued for Fedora 18 (version 1.8, already in fedora-updates), and a later dyninst-capable version would be issued as a future update.

Documentation

TBD.

Release Notes

"Systemtap 2.0 includes a new prototype backend, which uses DynInst to instrument a user's own binaries at runtime. This backend does not use kernel modules, and does not require root privileges, but is restricted with respect to the kinds of probes and other constructs that a script may use."

Comments and Discussion