chromeos-base/perfetto/files/init/traced_probes.conf - third_party/overlays/chromiumos-overlay - Git at Google

 # Copyright 2020 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description   "Starts perfetto system tracing service and probes"
 author        "chromium-os-dev@chromium.org"

 start on started traced
 stop on stopping traced
 expect fork
 respawn
 respawn limit 10 10
 oom score -100
 # Use 10 times regular as usage, which is ~240 MiB for memory usage limit.
 # Note that internally perfetto has it's own watchdog and will self-kill if its
 # memory budget exceeds SUM(tracing buffers) + 32MB slack.
 limit as 250000000 unlimited

 env PERFETTO_SOCK_DIR=/run/perfetto
 env PERFETTO_PRODUCER_SOCK_NAME=/run/perfetto/traced-producer.sock

 pre-start script
   # Make per_cpu trace file writable for group debugfs-access.
   chgrp debugfs-access /sys/kernel/debug/tracing/per_cpu/cpu*/trace
   chmod g+w /sys/kernel/debug/tracing/per_cpu/cpu*/trace
   # Allow group debugfs-access to eanble tracing events through writing to the
   # "enable" files.
   find /sys/kernel/debug/tracing/events -name enable \
     -exec chgrp debugfs-access {} + -exec chmod g+w {} +
 end script

 script
   # Common mount flags for tmpfs.
   mnt_flags="MS_NOSUID|MS_NODEV|MS_NOEXEC"
   # Mount tmpfs at /sys/kernel/debug: traced_probes doesn't access debugfs.
   # TODO(chinglinyu): use /sys/kernel/tracing and remove this tmpfs mount after
   # kernels < v4.1 are no longer supported.
   tracefs_mnt_args="-k tmpfs,/sys/kernel/debug,tmpfs,${mnt_flags}"
   # Bind mount /sys/kernel/debug/tracing.
   tracefs_mnt_args="${tracefs_mnt_args} -b /sys/kernel/debug/tracing,,1"
   # minijail0 args.
   # -u traced-probes -g traced-probes: run as user: traced-probes,
   #   group: traced-probes.
   # -G: Inherit supplementary groups from new uid.
   # -c 0: Grant no caps.
   # -i: fork immediately and don't block the startup.
   # -l: enter a new IPC namespace.
   # -e: enter a new network namespace.
   # --uts: enter a new UTS namespace.
   # traced_probes runs without -p because it needs to see the PID of the traced
   # processes.
   # -n: set no new_privs.
   # -b /sys: bind mount sysfs.
   # ${tracefs_mnt_args}: mount tracefs.
   exec /sbin/minijail0 -u traced-probes -g traced-probes \
     -G -c 0 -i -l -e --uts -n \
     --profile=minimalistic-mountns -t \
     -k "tmpfs,/run,tmpfs,${mnt_flags}" \
     -b "${PERFETTO_SOCK_DIR}",,1 \
     -b /sys \
     ${tracefs_mnt_args} \
     -S /usr/share/policy/traced_probes.policy \
     -- /usr/bin/traced_probes
 end script
	# Copyright 2020 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Starts perfetto system tracing service and probes"
	author "chromium-os-dev@chromium.org"

	start on started traced
	stop on stopping traced
	expect fork
	respawn
	respawn limit 10 10
	oom score -100
	# Use 10 times regular as usage, which is ~240 MiB for memory usage limit.
	# Note that internally perfetto has it's own watchdog and will self-kill if its
	# memory budget exceeds SUM(tracing buffers) + 32MB slack.
	limit as 250000000 unlimited

	env PERFETTO_SOCK_DIR=/run/perfetto
	env PERFETTO_PRODUCER_SOCK_NAME=/run/perfetto/traced-producer.sock

	pre-start script
	# Make per_cpu trace file writable for group debugfs-access.
	chgrp debugfs-access /sys/kernel/debug/tracing/per_cpu/cpu*/trace
	chmod g+w /sys/kernel/debug/tracing/per_cpu/cpu*/trace
	# Allow group debugfs-access to eanble tracing events through writing to the
	# "enable" files.
	find /sys/kernel/debug/tracing/events -name enable \
	-exec chgrp debugfs-access {} + -exec chmod g+w {} +
	end script

	script
	# Common mount flags for tmpfs.
	mnt_flags="MS_NOSUID\|MS_NODEV\|MS_NOEXEC"
	# Mount tmpfs at /sys/kernel/debug: traced_probes doesn't access debugfs.
	# TODO(chinglinyu): use /sys/kernel/tracing and remove this tmpfs mount after
	# kernels < v4.1 are no longer supported.
	tracefs_mnt_args="-k tmpfs,/sys/kernel/debug,tmpfs,${mnt_flags}"
	# Bind mount /sys/kernel/debug/tracing.
	tracefs_mnt_args="${tracefs_mnt_args} -b /sys/kernel/debug/tracing,,1"
	# minijail0 args.
	# -u traced-probes -g traced-probes: run as user: traced-probes,
	# group: traced-probes.
	# -G: Inherit supplementary groups from new uid.
	# -c 0: Grant no caps.
	# -i: fork immediately and don't block the startup.
	# -l: enter a new IPC namespace.
	# -e: enter a new network namespace.
	# --uts: enter a new UTS namespace.
	# traced_probes runs without -p because it needs to see the PID of the traced
	# processes.
	# -n: set no new_privs.
	# -b /sys: bind mount sysfs.
	# ${tracefs_mnt_args}: mount tracefs.
	exec /sbin/minijail0 -u traced-probes -g traced-probes \
	-G -c 0 -i -l -e --uts -n \
	--profile=minimalistic-mountns -t \
	-k "tmpfs,/run,tmpfs,${mnt_flags}" \
	-b "${PERFETTO_SOCK_DIR}",,1 \
	-b /sys \
	${tracefs_mnt_args} \
	-S /usr/share/policy/traced_probes.policy \
	-- /usr/bin/traced_probes
	end script