From: Jiri Olsa <olsajiri@gmail.com>
To: Will Deacon <will@kernel.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Peter Zijlstra <peterz@infradead.org>,
bpf@vger.kernel.org, linux-trace-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, x86@kernel.org,
Yonghong Song <yhs@fb.com>, Song Liu <songliubraving@fb.com>,
Andrii Nakryiko <andrii@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Mahe Tardy <mahe.tardy@gmail.com>
Subject: Re: [BUG/RFC 1/2] arm64/ftrace,bpf: Fix partial regs after bpf_prog_run
Date: Sun, 4 Jan 2026 12:56:17 +0100 [thread overview]
Message-ID: <aVpVYUaBOWk22RtO@krava> (raw)
In-Reply-To: <aVfbqYsWdGXu4lh8@willie-the-truck>
On Fri, Jan 02, 2026 at 02:52:25PM +0000, Will Deacon wrote:
> On Wed, Nov 05, 2025 at 01:59:23PM +0100, Jiri Olsa wrote:
> > hi,
> > Mahe reported issue with bpf_override_return helper not working
> > when executed from kprobe.multi bpf program on arm.
> >
> > The problem seems to be that on arm we use alternate storage for
> > pt_regs object that is passed to bpf_prog_run and if any register
> > is changed (which is the case of bpf_override_return) it's not
> > propagated back to actual pt_regs object.
> >
> > The change below seems to fix the issue, but I have no idea if
> > that's proper fix for arm, thoughts?
> >
> > I'm attaching selftest to actually test bpf_override_return helper
> > functionality, because currently we only test that we are able to
> > attach a program with it, but not the override itself.
> >
> > thanks,
> > jirka
> >
> >
> > ---
> > arch/arm64/include/asm/ftrace.h | 11 +++++++++++
> > include/linux/ftrace.h | 3 +++
> > kernel/trace/bpf_trace.c | 1 +
> > 3 files changed, 15 insertions(+)
> >
> > diff --git a/arch/arm64/include/asm/ftrace.h b/arch/arm64/include/asm/ftrace.h
> > index ba7cf7fec5e9..ad6cf587885c 100644
> > --- a/arch/arm64/include/asm/ftrace.h
> > +++ b/arch/arm64/include/asm/ftrace.h
> > @@ -157,6 +157,17 @@ ftrace_partial_regs(const struct ftrace_regs *fregs, struct pt_regs *regs)
> > return regs;
> > }
> >
> > +static __always_inline void
> > +ftrace_partial_regs_fix(const struct ftrace_regs *fregs, struct pt_regs *regs)
> > +{
> > + struct __arch_ftrace_regs *afregs = arch_ftrace_regs(fregs);
> > +
> > + if (afregs->pc != regs->pc) {
> > + afregs->pc = regs->pc;
> > + afregs->regs[0] = regs->regs[0];
> > + }
> > +}
>
> This looks a bit grotty to me and presumably other architectures would
> need similar treatement. Wouldn't it be cleaner to reuse the existing
> API instead? For example, by calling ftrace_regs_set_instruction_pointer()
> and ftrace_regs_set_return_value() to update the relevant registers from
> the core code?
I knew I forgot some change.. thanks for replying
ftrace_partial_regs is overloaded in arm64 and because of that we need
to propagate the change to pt_regs, so I think the ftrace_partial_regs_fix
code is arm64 specific, so can't see that in core code
also wrt ftrace_partial_regs_fix name, I was thinking it might be better
to have begin/end functions, like:
ftrace_partial_regs_begin
ftrace_partial_regs_end
thanks,
jirka
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -2560,10 +2560,11 @@ kprobe_multi_link_prog_run(struct bpf_kprobe_multi_link *link,
}
rcu_read_lock();
- regs = ftrace_partial_regs(fregs, bpf_kprobe_multi_pt_regs_ptr());
+ regs = ftrace_partial_regs_begin(fregs, bpf_kprobe_multi_pt_regs_ptr());
old_run_ctx = bpf_set_run_ctx(&run_ctx.session_ctx.run_ctx);
err = bpf_prog_run(link->link.prog, regs);
bpf_reset_run_ctx(old_run_ctx);
+ ftrace_partial_regs_end(fregs, bpf_kprobe_multi_pt_regs_ptr());
rcu_read_unlock();
out:
next prev parent reply other threads:[~2026-01-04 11:56 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-05 12:59 [BUG/RFC 1/2] arm64/ftrace,bpf: Fix partial regs after bpf_prog_run Jiri Olsa
2025-11-05 12:59 ` [PATCH 2/2] selftests/bpf: Add test for bpf_override_return helper Jiri Olsa
2025-11-05 22:04 ` Song Liu
2025-11-13 7:51 ` [BUG/RFC 1/2] arm64/ftrace,bpf: Fix partial regs after bpf_prog_run Jiri Olsa
2026-01-02 14:52 ` Will Deacon
2026-01-04 11:56 ` Jiri Olsa [this message]
2026-01-04 13:34 ` Masami Hiramatsu
2026-01-05 21:22 ` Steven Rostedt
2026-01-07 8:23 ` Jiri Olsa
2026-01-07 15:53 ` Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aVpVYUaBOWk22RtO@krava \
--to=olsajiri@gmail.com \
--cc=andrii@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=mahe.tardy@gmail.com \
--cc=mark.rutland@arm.com \
--cc=mhiramat@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=songliubraving@fb.com \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.