DOCSLIB.ORG

Piece of Cake

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Piece of Cake BEFN$?FN KSplice XeaXg\glebk#g_fkfZXj\%Zfd 8ggcp`e^lg[Xk\jkfXeXZk`m\b\ie\cn`k_Bjgc`Z\ G@<:<F=:8B< Uptime is often just as important as updates. But doesn’t a kernel patch which a developer has simply mis- counted a parameter such as an array require a reboot? Ksplice lets you have your cake and eat it too. boundary. Bugs of this type are very easy to resolve. For example, Listing 1 BY NILS MAGNUS shows a patch for the prctl() system call, which resolves the vulnerability listed as any administrators don’t relish Jeffrey Brian Arnold from the Massa- CVE-2006-2451. The problem, for which the thought of installing a new chusetts Institute of Technology estab- exploits exist, takes just one line of code Dkernel, so most distributions lished in a survey [1] that patches were to fix. come with package management and very simple in most cases. Eighty per- Arnold developed the Ksplice package installation tools that simplify the task. cent of them comprised fewer than 15 [2] with the idea of patching the active After you load and install the new kernel lines of code, and more than half were kernel directly, without the need for a re- and register it with the bootloader, the little more than one-liners. Problems are boot. The program just needs the source reboot should take just a couple of min- often caused by “off-by-one errors,” in code for the current kernel, the configu- utes. But a couple of minutes of down- time is too long for some applications. Listing 1: Patch for CVE-2006-2451 If you manage a system used for num- 01 diff --git a/kernel/sys.c b/kernel/sys.c ber crunching, such as in weather simu- 02 lations, or a system that has to manage 03 --- a/kernel/sys.c a large number of network connections, such as a phone server or online shop, 04 +++ b/kernel/sys.c you probably would prefer to avoid a re- 05 @@ -1991,7 +1991,7 @@ asmlinkage long sys_prctl(int option, unsigned boot. long arg2, unsigned long arg3, On the other hand, administrators are 06 case PR_SET_DUMPABLE: also responsible for the security of the 07 - if (arg2 < 0 || arg2 > 2) { systems they manage. Surveys have re- 08 + if (arg2 < 0 || arg2 > 1) { vealed that developers discover a Linux 09 error = -EINVAL; kernel bug every three weeks on aver- 10 break; age. The open development model means that patches appear often. 11 } 52 ISSUE 95 OCTOBER 2008 052-054_ksplice.indd 52 13.08.2008 16:14:40 Uhr KSplice BEFN$?FN JpdYfckXYc\ i\jfcm\jjkXikX[[i\jj Zfekifcj B\ie\cZfe]`^liXk`fe JfliZ\Zf[\f] FYa\ZkZf[\ Bjgc`Z\df[`]`\[ J\c\Zki\c\mXek XZk`m\b\ie\c gfjk :i\Xk\df[lc\j 9l`c[\em`ifed\ek :fdgXi`jfeXk ]leZk`fejXe[ `ek_\kXiXiZ_`m\ fYa\Zkc\m\c ZXcZlcXk\k_\`i GXkZ_n`k_ FYa\ZkZf[\ jkXikX[[i\jj\j j\Zli`kplg[Xk\ gi\ G_Xj\( G_Xj\) G_Xj\* G_Xj\+ =`^li\(1Kfgi\gXi\Z_Xe^\jkfk_\ilee`e^b\ie\c#Bjgc`Z\Yl`c[jknfb\ie\cki\\jG_Xj\( #XjZ\ikX`ej[`]]\i\eZ\jXkfYa\ZkZf[\c\m\cG_Xj\ ) #fgk`d`q\jk_\dG_Xj\* #Xe[Yle[c\jk_\dkfZi\Xk\Xe\ndf[lc\G_Xj\+ % ration data, and the symbol table. The thread is currently running one of the If the program were to use a different best thing is that you do not even need functions that needs to be replaced. To compiler to create the pre kernel, it could to prepare the running system to use avoid this, the program calls stop_ma- lead to incorrect assumptions about the Ksplice. The program can modify any chine_run() to stop the thread execution running system. Ksplice relies on sub- kernel as of version 2.6.8. because the function creates a high-pri- stantial logic to analyze the symbol ta- Linux distributions offer the kernel ority process for each CPU. The Ksplice bles, which many distributions store in source code, or, if you built your own module now checks to see whether the the /boot/Symbol.map file. On top of kernel, you will find it in /usr/src. Distri- change candidate contains threads. If it this, it builds the two kernels with a butions typically store the two files con- does, the module waits for a while and number of compiler options that assign fig and System.map in /boot. On top of then retries. This approach will not work a separate ELF text segment to each this, Ksplice obviously needs a patch file for some functions, such as the sched- function to make it easier to identify or one or multiple files with changes. uler, because the scheduler will always modified, relative jumps. The program builds two new kernels: pre be doing something. In that case, Ksplice Because it handles code like a black designates a version of the current sys- gives up; in all other cases, it installs the box, Ksplice can’t detect changes in data tem, and post designates the kernel after jump addresses. From now on, the Linux structures. For example, if a patch adds a the updates. kernel executes the patched version of new attribute to a data structure or the functions. changes its layout, unpredictable issues Jgfkk_\;`]]\i\eZ\ will occur. Trampoline jumps will typi- After building both kernels, Ksplice @ee\iMXcl\j cally pick up function pointers, but there looks for differences in the object code Ksplice has to find the right functions is no guarantee Ksplice will handle more (see Figure 1). If Ksplice were to analyze and vector addresses in relocatable code. complex pointer arithmetic or “creative” the source code directly, it would need The program is capable of detecting typecasting gracefully in each case. to emulate all of the compiler’s deci- changes in relative jump addresses sions, which is far too complicated for where the function itself is not affected F]]C`d`kj the task in hand. For this reason, Ksplice by a modification, thanks to the new In the documentation, the author em- uses the GNU BFD library [3] to search length of the patched function. The ker- phasizes that he mainly designed the for functions in the object code that have nel typically enters functions imple- tool for minor security patches and that changed in the new kernel. Ksplice then mented in C at the start only. In contrast, it is the system administrator’s own adds the new code to modules and in- the program has to search for the vector responsibility to read, understand, and serts trampoline jumps at the start of the in the case of assembler code. evaluate the patch before applying it. original functions that ]leZk`fe then point to the new ver- bjgc`Z\$Zi\Xk\ Gi`dXipdf[lc\ ?\cg\idf[lc\j sions. When the adminis- kiXdgfc`e\aldg Zi\Xk\j Jkfgb\ie\c :XcZlcXk\kiXdgfc`e\j k_i\X[j trator finally enables the nX`kXe[ i\kip fc[Zf[\ changes, Ksplice loads Gi`dXip ?\cg\i :f[\ df[lc\j df[lc\j p\j two kernel modules on jk`ccXZk`m\6 the running system that ef ]leZk`fe df[`]`\[ kXiXiZ_`m\ then perform the modifi- ]leZk`fej @ejkXcce\nZf[\Xe[kiXdgfc`e\j `ejkXccj cations (see Figure 2). e\nZf[\ cfX[\[Yp One critical issue is tim- C`elob\ie\c cfX[j cfX[j ing as to when Ksplice is bjgc`Z\$Xggcp allowed to install the trampoline jumps. Trou- =`^li\)1Kf\eXYc\k_\e\n]leZk`fej#Bjgc`Z\Xkk\dgkjkfni`k\kiXdgfc`e\aldgjXkk_\jkXikf]k_\fc[]leZ$ ble occurs if a kernel k`fej%Kf[fjf#k_\gif^iXd]`ijkjkfgjk_\gifZ\jj\jXe[dXb\jjli\k_Xkk_\Zf[\[f\jefklj\k_i\X[j% OCTOBER 2008 ISSUE 95 53 052-054_ksplice.indd 53 13.08.2008 16:14:42 Uhr BEFN$?FN KSplice ging the active kernel. If you just want to add a couple of printk() calls at various points to view data structures that are otherwise difficult to access, Ksplice gives you a simple approach to injecting them into a running system. However, this approach does not lend itself to more complex applications, for which dynamically loadable modules, Kprobes, or Systemtap are more useful. GXk\ek\[8ggifXZ_6 Developers have pointed out that Micro- soft posted a patent application with the =`^li\*1Kfgi\gXi\Bjgc`Z\#k_\X[d`e`jkiXkfikpg\jbjgc`Z\$Zi\Xk\`ek_\b\ie\cjfliZ\ US Patent Office (USPO) in December [`i\ZkfipXe[jg\Z`]`\jk_\gXkZ_kpg\%Bjgc`Z\k_\eYl`c[jk_\fc[Xe[e\nb\ie\cjXe[ 2002 titled “Patching of In-Use Functions Yle[c\jk_\Z_Xe^\j`ekfXelg[Xk\df[lc\% on a Running Computer System.” USPO had refused the application, and Micro- In other words, you need a great deal of ture is that the administrator can specify soft had appealed and posted a whole kernel expertise to apply the tool; other- a change in diff format with the --patch bunch of additional applications, includ- wise, the effect might be far more de- option or specify a file with the --diffext ing one for Efficient Patching (USPO ref- structive than a bit of reboot downtime. option in which the changes have al- erence 20050257208). Because Ksplice cannot make seman- ready been completed. On top of this, In response to this, half a dozen devel- tic changes to a running kernel, the ad- the program needs a ksplice subdirectory opers piped up in various forums point- ministrator’s pipe dream of measuring in the kernel tree, where the administra- ing out that this technology was public uptime in years is just that because most tor stores both the kernel configuration knowledge on various platforms from changes between one kernel release and and the symbol table (see Figure 3).
Load more

Recommended publications
  • Oracle® Linux Administrator's Solutions Guide for Release 6
    Oracle® Linux Administrator's Solutions Guide for Release 6 E37355-64 August 2017 Oracle Legal Notices Copyright © 2012, 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S.
    [Show full text]
  • Adaptive Android Kernel Live Patching
    Adaptive Android Kernel Live Patching Yue Chen Yulong Zhang Zhi Wang Liangzhao Xia Florida State University Baidu X-Lab Florida State University Baidu X-Lab Chenfu Bao Tao Wei Baidu X-Lab Baidu X-Lab Abstract apps contain sensitive personal data, such as bank ac- counts, mobile payments, private messages, and social Android kernel vulnerabilities pose a serious threat to network data. Even TrustZone, widely used as the se- user security and privacy. They allow attackers to take cure keystore and digital rights management in Android, full control over victim devices, install malicious and un- is under serious threat since the compromised kernel en- wanted apps, and maintain persistent control. Unfortu- ables the attacker to inject malicious payloads into Trust- nately, most Android devices are never timely updated Zone [42, 43]. Therefore, Android kernel vulnerabilities to protect their users from kernel exploits. Recent An- pose a serious threat to user privacy and security. droid malware even has built-in kernel exploits to take Tremendous efforts have been put into finding (and ex- advantage of this large window of vulnerability. An ef- ploiting) Android kernel vulnerabilities by both white- fective solution to this problem must be adaptable to lots hat and black-hat researchers, as evidenced by the sig- of (out-of-date) devices, quickly deployable, and secure nificant increase of kernel vulnerabilities disclosed in from misuse. However, the fragmented Android ecosys- Android Security Bulletin [3] in recent years. In ad- tem makes this a complex and challenging task. dition, many kernel vulnerabilities/exploits are publicly To address that, we systematically studied 1;139 An- available but never reported to Google or the vendors, droid kernels and all the recent critical Android ker- let alone patched (e.g., exploits in Android rooting nel vulnerabilities.
    [Show full text]
  • Protecting Your Linux Systems with Oracle Ksplice
    Staying Ahead of Cyberthreats: Protecting Your Linux Systems with Oracle Ksplice The Advantages Of Zero-Downtime Patching April 23, 2020 Copyright © 2020, Oracle and/or its affiliates Public TABLE OF CONTENTS Introduction 2 Why Patching Matters 2 About Oracle Ksplice 3 Other Benefits 3 Conclusion 4 Learn More 4 1 WHITE PAPER | Staying Ahead of Cyberthreats: Protecting Your Linux Systems Copyright © 2020, Oracle and/or its affiliates |Public INTRODUCTION IT systems require regular patching for security, performance, and compliance reasons. For Linux operating system (OS) kernel updates, which include “Availability requirements important new security enhancements and bug fixes, releases happen about 1 are on the rise for once per month. These updates help keep systems current with the latest organizations undergoing innovations. However, manually patching systems has many inherent digital transformations. challenges and difficulties which tends to delay their timely application. For this Downtimes are costly, reason, zero-downtime patching solutions for Linux, like Oracle Ksplice, are with unplanned becoming essential tools. In this paper, Oracle Ksplice’s capabilities and many infrastructure downtimes advantages are explained. costing $100,000 per hour on an average. With Why Patching Matters the possibility of every organization being a Inadequate patch management can leave loopholes in the IT infrastructure leading to target for cyberattacks various security and performance issues. Ideally, patches should be applied shortly after and attackers moving very release to ensure the latest system protections. Patching typically requires downtime quickly to exploit system which, depending on operations, can require weeks or months of advanced planning. vulnerabilities, IDC Most Linux patching also traditionally happens at the disk level for file systems, which has recommends several disadvantages.
    [Show full text]
  • Proceedings of the Linux Symposium
    Proceedings of the Linux Symposium Volume One June 27th–30th, 2007 Ottawa, Ontario Canada Contents The Price of Safety: Evaluating IOMMU Performance 9 Ben-Yehuda, Xenidis, Mostrows, Rister, Bruemmer, Van Doorn Linux on Cell Broadband Engine status update 21 Arnd Bergmann Linux Kernel Debugging on Google-sized clusters 29 M. Bligh, M. Desnoyers, & R. Schultz Ltrace Internals 41 Rodrigo Rubira Branco Evaluating effects of cache memory compression on embedded systems 53 Anderson Briglia, Allan Bezerra, Leonid Moiseichuk, & Nitin Gupta ACPI in Linux – Myths vs. Reality 65 Len Brown Cool Hand Linux – Handheld Thermal Extensions 75 Len Brown Asynchronous System Calls 81 Zach Brown Frysk 1, Kernel 0? 87 Andrew Cagney Keeping Kernel Performance from Regressions 93 T. Chen, L. Ananiev, and A. Tikhonov Breaking the Chains—Using LinuxBIOS to Liberate Embedded x86 Processors 103 J. Crouse, M. Jones, & R. Minnich GANESHA, a multi-usage with large cache NFSv4 server 113 P. Deniel, T. Leibovici, & J.-C. Lafoucrière Why Virtualization Fragmentation Sucks 125 Justin M. Forbes A New Network File System is Born: Comparison of SMB2, CIFS, and NFS 131 Steven French Supporting the Allocation of Large Contiguous Regions of Memory 141 Mel Gorman Kernel Scalability—Expanding the Horizon Beyond Fine Grain Locks 153 Corey Gough, Suresh Siddha, & Ken Chen Kdump: Smarter, Easier, Trustier 167 Vivek Goyal Using KVM to run Xen guests without Xen 179 R.A. Harper, A.N. Aliguori & M.D. Day Djprobe—Kernel probing with the smallest overhead 189 M. Hiramatsu and S. Oshima Desktop integration of Bluetooth 201 Marcel Holtmann How virtualization makes power management different 205 Yu Ke Ptrace, Utrace, Uprobes: Lightweight, Dynamic Tracing of User Apps 215 J.
    [Show full text]
  • Teaching Operating Systems Concepts with Systemtap
    Session 8B: Enhancing CS Instruction ITiCSE '17, July 3-5, 2017, Bologna, Italy Teaching Operating Systems Concepts with SystemTap Darragh O’Brien School of Computing Dublin City University Glasnevin Dublin 9, Ireland [email protected] ABSTRACT and their value is undoubted. However, there is room in introduc- e study of operating systems is a fundamental component of tory operating systems courses for supplementary approaches and all undergraduate computer science degree programmes. Making tools that support the demonstration of operating system concepts operating system concepts concrete typically entails large program- in the context of a live, real-world operating system. ming projects. Such projects traditionally involve enhancing an is paper describes how SystemTap [3, 4] can be applied to existing module in a real-world operating system or extending a both demonstrate and explore low-level behaviour across a range pedagogical operating system. e laer programming projects rep- of system modules in the context of a real-world operating sys- resent the gold standard in the teaching of operating systems and tem. SystemTap scripts allow the straightforward interception of their value is undoubted. However, there is room in introductory kernel-level events thereby providing instructor and students alike operating systems courses for supplementary approaches and tools with concrete examples of operating system concepts that might that support the demonstration of operating system concepts in the otherwise remain theoretical. e simplicity of such scripts makes context of a live, real-world operating system. is paper describes them suitable for inclusion in lectures and live demonstrations in an approach where the Linux monitoring tool SystemTap is used introductory operating systems courses.
    [Show full text]
  • Red Hat Enterprise Linux 7 Systemtap Beginners Guide
    Red Hat Enterprise Linux 7 SystemTap Beginners Guide Introduction to SystemTap William Cohen Don Domingo Jacquelynn East Red Hat Enterprise Linux 7 SystemTap Beginners Guide Introduction to SystemTap William Cohen Red Hat Performance Tools [email protected] Don Domingo Red Hat Engineering Content Services [email protected] Jacquelynn East Red Hat Engineering Content Services [email protected] Legal Notice Copyright © 2014 Red Hat, Inc. and others. This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries. Node.js ® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
    [Show full text]
  • Kshot: Live Kernel Patching with SMM and SGX
    KShot: Live Kernel Patching with SMM and SGX Lei Zhou∗y, Fengwei Zhang∗, Jinghui Liaoz, Zhengyu Ning∗, Jidong Xiaox Kevin Leach{, Westley Weimer{ and Guojun Wangk ∗Department of Computer Science and Engineering, Southern University of Science and Technology, Shenzhen, China, zhoul2019,zhangfw,ningzy2019 @sustech.edu.cn f g ySchool of Computer Science and Engineering, Central South University, Changsha, China zDepartment of Computer Science, Wayne State University, Detroit, USA, [email protected] xDepartment of Computer Science, Boise State University, Boise, USA, [email protected] Department of Computer Science and Engineering, University of Michigan, Ann Arbor, USA, kjleach,weimerw @umich.edu { f g kSchool of Computer Science and Cyber Engineering, Guangzhou University, Guangzhou, China, [email protected] Abstract—Live kernel patching is an increasingly common kernel vulnerabilities also merit patching. Organizations often trend in operating system distributions, enabling dynamic up- use rolling upgrades [3], [6], in which patches are designed dates to include new features or to fix vulnerabilities without to affect small subsystems that minimize unplanned whole- having to reboot the system. Patching the kernel at runtime lowers downtime and reduces the loss of useful state from running system downtime, to update and patch whole server systems. applications. However, existing kernel live patching techniques However, rolling upgrades do not altogether obviate the need (1) rely on specific support from the target operating system, to restart software or reboot systems; instead, dynamic hot and (2) admit patch failures resulting from kernel faults. We patching (live patching) approaches [7]–[9] aim to apply present KSHOT, a kernel live patching mechanism based on patches to running software without having to restart it.
    [Show full text]
  • SUSE Linux Enterprise Server 12 SP4 System Analysis and Tuning Guide System Analysis and Tuning Guide SUSE Linux Enterprise Server 12 SP4
    SUSE Linux Enterprise Server 12 SP4 System Analysis and Tuning Guide System Analysis and Tuning Guide SUSE Linux Enterprise Server 12 SP4 An administrator's guide for problem detection, resolution and optimization. Find how to inspect and optimize your system by means of monitoring tools and how to eciently manage resources. Also contains an overview of common problems and solutions and of additional help and documentation resources. Publication Date: September 24, 2021 SUSE LLC 1800 South Novell Place Provo, UT 84606 USA https://documentation.suse.com Copyright © 2006– 2021 SUSE LLC and contributors. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”. For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its aliates. Asterisks (*) denote third-party trademarks. All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its aliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof. Contents About This Guide xii 1 Available Documentation xiii
    [Show full text]
  • Porting Linux Embedded Linux Conference (Europe)
    Porting Linux Embedded Linux Conference (Europe) Porting Linux About Jon Masters ● Been playing with Linux for 14 years (and the kernel for 13 of those), since the age of 13. ● Built embedded NMR scientific instruments, worked with Montavista UK, now at Red Hat. ● Author of the LKML Summary Podcast and the kernel column in Linux User & Developer. ● Co-author of Building Embedded Linux Systems (second edition) – O'Reilly (2008) ● My car still has an empeg :) Porting Linux Overview ● Why port Linux anyway? ● Background pre-requisities ● Early board work ● Bootloader bringup ● Initial kernel bringup ● Debugging ● Working with Upstream ● Trends Porting Linux Why port Linux anyway? ● Linux is very portable ● Supports 23 architectures in the upstream “mainline” kernel tree of Linus Torvalds. ● Kernel is mostly written in C, with some assembly (most architectures only need a dozen such files) ● Split between high-level generic functions and low- level functions to abstract architectural differences. Porting Linux Why port Linux anyway? ● Linux is competitive ● The number of Linux kernel developers contributing to the official kernel has tripled since 2005. ● Feature growth continues with an average of 10K new lines of source code added every day. ● In the hour you spend here 5.45 patches will on average be added to the upstream Linux kernel. ● Source: Linux Foundation analysis Porting Linux Why port Linux anyway? ● Linux is cost effective. ● A large amount of code to build upon. ● Large (growing) community of developers. ● I think we all know the rest. Porting Linux Background pre-requisities ● Hardware ● Development board or simulator – Optional debugger, some kind of UART – Boards range in value from $200-$crazy – Implement the same architecture and platform as the final design but maybe with a number of hacks.
    [Show full text]
  • How to Surprise by Being a Linux Performance Know-It-All
    How to surprise by being a Linux-performance “know-it-all” Christian Ehrhardt IBM 6th August 2014 15754 & 15755 Insert Custom Session QR if Desired. Linux on System z Performance Evaluation Trademarks IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at www.ibm.com/legal/copytrade.shtml. 2 July 15, 2014 Linux-Performance-know it all series © 2014 IBM Corporation Linux on System z Performance Evaluation Agenda . Your swiss army knife for the complex cases – Netstat – network statistics and overview – Pidstat – per process statistics – Socket Statistics – extended socket statistics – Slabtop – kernel memory pool consumption – top / ps – process overview – Lsof – check file flags of open files – Icastats / lszcrypt – check usage of crypto hw support – Blktrace – low level disk I/O analysis – Lsluns / multipath – check multipath setup – Hyptop – cross guest cpu consumption monitor – Lsqeth – check hw checksumming and buffer count – Iptraf - network traffic monitor – Ethtool – check offloading functions – Dstat – very configurable live system overview – Collectl – full system monitoring – Irqstats – check irq amount and cpu distribution – Ftrace – kernel function tracing – Smem – per process/per mapping memory overview – Lttng – complex latency tracing infrastructure – Jinsight – Java method call stack
    [Show full text]
  • Oracle Linux System Administration I
    Oracle Linux System Administration I Dieser Kurs im Web Die Schulung hilft Ihnen, eine Reihe von Fähigkeiten zu entwickeln, einschließlich der Installation, der Verwendung des Unbreakable Enterprise Kernel, der Alle tagesaktuellen Informationen Konfiguration von Linux-Diensten, der Vorbereitung des Systems für die Oracle- und Möglichkeiten zur Bestellung finden Sie unter dem folgenden Link: Datenbank, der Überwachung und der Fehlerbehebung. www.experteach.de/go/026S Nach diesem Kurs verfügen Sie über das Wissen und die Fähigkeiten, typische Vormerkung Probleme von Administratoren zu lösen, und verstehen das Kernel- Sie können auf unserer Website einen Platz Entwicklungsmodell und die Linux-Distributionen. Machen Sie sich damit vertraut, kostenlos und unverbindlich für 7 Tage reservieren. wie Oracle Linux Ihnen die neuesten Linux-Innovationen bietet, die extreme Dies geht auch telefonisch unter 06074 4868-0. Leistung, erweiterte Skalierbarkeit und Zuverlässigkeit für Garantierte Kurstermine Unternehmensanwendungen und -systeme ermöglichen. Für Ihre Planungssicherheit bieten wir stets eine große Auswahl garantierter Kurstermine an. Kursinhalt • Course Introduction Ihr Kurs maßgeschneidert • Introduction to Oracle Linux Diesen Kurs können wir für Ihr Projekt exakt an • Installing Oracle Linux 7 Ihre Anforderungen anpassen. • Oracle Linux 7 Boot Process • System Configuration • Package Management • Ksplice • Automate Tasks • Kernel Module Configuration • User and Group Administration • Partitions, File Systems, and Swap • Implementing the XFS File System • Implementing the Btrfs File System • Storage Administration • Network Configuration • File Sharing • OpenSSH Service • Security Administration • Oracle on Oracle • System Monitoring E-Book Sie erhalten die englischsprachigen Original-Unterlagen in Form eines Oracle University eKits. Zielgruppe • System Administrator • Linux Administrator • Entwickler Voraussetzungen • Arten von Benutzerkonten & Arbeiten mit Dateien und Verzeichnissen unter Unix • Textbearbeitung mit vi & Unix-Prozesskontrolle Training Preise zzgl.
    [Show full text]
  • TK014: Linux Performance Tuning and Analysis
    TK014: Linux Performance Tuning and Analysis Duration 5.0 Days Course Content 1. Tunning principals and the USE method 1.1. What is Performance Tuning? 1.2. Performance Tuning Methodology 1.3. Model System 1.4. Establish a Baseline 1.5. Establish Performance Targets 1.6. Identify Bottleneck 1.7. Tune 1.8. Measure, Monitor, Evaluate, Repeat 1.9. Final Thoughts 1.10. The USE Method 1.11. Gathering USE Metrics 2. Linux internals review 2.1. The Linux Operating System Components 2.2. Open Standards 2.3. Memory Layout 2.4. Important Kernel Threads 2.5. Device Files in Linux Copyright © TEKonsult 2017 2.6. Managing Linux Device Files 2.7. udev 2.8. Random Numbers and /dev/random 2.9. Block Devices and the Device Mapper 2.10. List Block Devices 2.11. SCSI Devices 2.12. File Systems with Linux 2.13. Hardware Discovery Tools 2.14. Cache and Write Barriers 2.15. Advanced LVM: Components & Object Tags 2.16. Advanced LVM: Automated Storage Tiering 2.17. Advanced LVM: Thin Provisioning 2.18. Advanced LVM: Striping & Mirroring 2.19. Advanced LVM: RAID Volumes 2.20. Kernel Modules 3. LINUX USERSPACE ARCHITECTURE 3.1. systemd System and Service Manager 3.2. Using systemd 3.3. Security Model Overview 4. LOG FILE ADMINISTRATION 4.1. System Logging 4.2. systemd Journal 4.3. systemd Journal’s journactl 4.4. Secure Logging with Journal’s Log Sealing 4.5. gnome-system-log Copyright © TEKonsult 2017 4.6. Rsyslog 4.7. /etc/rsyslog.conf 4.8. Log Management 4.9. Log Anomaly Detector 4.10.
    [Show full text]