From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2B136367F31 for ; Mon, 6 Jul 2026 10:42:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783334574; cv=none; b=KONSji68vX163THGAZ3z7mDFweRz0BCYkp0fYUUYkSZxmKSR+R/WY4yZ5aNh56KUC3NLPrJ0L5NC86UlOUlkTgI5YYsspgwBgqW0SwLEoo2uuQ1lJl0US40JbysH4PsZ+4X9t+DIjaqhVRf4epO2JFHSgp6hNYVRXbMm044ornE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783334574; c=relaxed/simple; bh=7jGrrKhau039KGF+D/EhnXv4Eeo8yneBAlwyXwKMYVU=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=Bsxxi0U8V/VYg9sI5SylrLtpzEPtmSlzfrHAaxopVEuEy2Oh1J2XibuZ8n4t2/0ZAgVNHBSrcRK+WOdN/3D8X6DMEgopz9DMWezApg23aEDxZD8DlOtEgfJeVOwUP6Mn0l74tNldLCjSZfEiQwrkEwVG3qfCqb6KYL8ZBl4vhOo= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=ECXPq9MH; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b=X0PRgz0r; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="ECXPq9MH"; dkim=pass (2048-bit key) header.d=redhat.com header.i=@redhat.com header.b="X0PRgz0r" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1783334572; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qCoz5Iovrxw6v/kl19PuthITHE4VsqmzpdZPCtUSOQE=; b=ECXPq9MH/gKe8o5Os+a39YHuilWUIkLLu7Vs59eLr/gjlgk5jJmKmx0mRP+HrJtjtgOtO+ qpd4oN+yj2dONMSCmWjqS8oCnxvsw9cH2H7MvYx6rMiZrwbGpDpbq08ORte1teYs/J82VO KOSdAaBn7vJCQDop+h22bx97nJ6/IuY= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-74-LzSQ3OEbMp6_LCTJxkmUYw-1; Mon, 06 Jul 2026 06:42:51 -0400 X-MC-Unique: LzSQ3OEbMp6_LCTJxkmUYw-1 X-Mimecast-MFC-AGG-ID: LzSQ3OEbMp6_LCTJxkmUYw_1783334570 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-47132f8a98aso1597730f8f.1 for ; Mon, 06 Jul 2026 03:42:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=google; t=1783334570; x=1783939370; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:content-language:from :references:cc:to:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=qCoz5Iovrxw6v/kl19PuthITHE4VsqmzpdZPCtUSOQE=; b=X0PRgz0rzaf1cTvKRN936QkwkXAnJjhS5VqSixX0kCdQ4TzC5TV7gXFcWOUDXn2ToC YOUM25h3s7wW1pQoLOQfmuhdFTOYG4jguf9tJ5ElmEukxW/6IIKn5QnFgX9SqtrG8/Bg +dWZaWGi5CZVEOdT6qHvJWiJ8YNXM72ZvEqbCcZmhaHLHzycX/j6kWCi7CA5ue+VFX1j mUsOy7kNNroHAlUYDhtj43TAtRsbj3Ke9kh4VcStTiOCCJ0ETisSDj+sBmcwjxEkHWsS wUkUZehhgN0isfEdbhU7oRFCqGqpHtJQYkjZDn0XZhijTccE7P9GbAnFxuQOhvkd+sN2 38RA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1783334570; x=1783939370; h=content-transfer-encoding:in-reply-to:content-language:from :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=qCoz5Iovrxw6v/kl19PuthITHE4VsqmzpdZPCtUSOQE=; b=cVrbv3NyGmtmZJ0C6qRY6HRe5+ZkP0VzpEXqyeZ3xFmBxuyy76a2t9GuHMTK+xJkQo Kt3fQvpa/O1riU5SU6OhsYkiWW5d8uaNouT4o0jVv6TIXM4j7WVb1kBwhhwPgE6soRXC 7YFfqXMQMpl0QYot+oY02aQ7BW3lej+ai5e0J5+bGRfHhB90MDtXxyeGJpcvt5TYFoH6 4CVlg7LSNbGCRdwyo7jHn+q7n/e5hKcSw0ACFzaD6sn3uqLFazDrVGrNkKwmzHDT9240 7vUZ44PlsBzwV7BziE9F/DgOVJkLrHNUl2HKraBkcwWtADzB6cH24b+hhYhQJrhj+5iT NWoQ== X-Forwarded-Encrypted: i=1; AHgh+RpBcb7wAwZEegWyeKQxBxHKewV2XxXS/4+xWrxOmlWoxB9LXWPNEjLg5zaSKV/tXYo5lZ/9sx+AEMHXOFI=@vger.kernel.org X-Gm-Message-State: AOJu0YwuJ+BZzl5e+p1mZ3AFZk7hu7OQIz2LL0tY/QrxlbkYpeCTWlG5 Q77l2LvS8xA4XHByTiB+IbutxqSb6qsS+C7AKAoyaFoJ95s8JxFTTTUo0ss+UXluqt31aXPrxh/ 3WEtuWP5O5rNRLG3YiNfj7wfl10D765AmYRdAxrPP4QNCcaVuxQ1geqFq03+cuAlb X-Gm-Gg: AfdE7cmBMP4Tq+3ByerFgC+EOA/YhQy/uhhakzkZglBmgPhg6BdzCjdz+YU8kIlhhWZ OaaLAfNI6x3+p/7u8u/tUXRGvS7wazXH0Fujw2MvFFHiUftuzPx6jPDBZu0RnBUkcHLk/HYOuYk JHxlUi0HMtG725sB/ZEW/LP1hzET+T656BoK6nXhMIfVoSdfHp8j+B/PmYB7FbdE20mNawi+Rld fI0XrP2wmL2BEVcoOuWzgQ/50r7saDFiRPLYFiHy+9yVV+Uqx7UY2B2K6+vq5kfzeb8NYp6MRRn zMh7u8W4NOoTvSZFlKsAQtbqQ4bWomTxgwXtGmZWXJNiERdcDmgoT7W3ZHvwDyVfmm1Y7JspWG5 yplCohZr8QbCOSGj0gGdUjScSdcc9b5I0k2m57+l8HrxUjQ== X-Received: by 2002:a05:6000:29d4:b0:474:3b3b:5e5f with SMTP id ffacd0b85a97d-47aac4ecba2mr7434424f8f.16.1783334569785; Mon, 06 Jul 2026 03:42:49 -0700 (PDT) X-Received: by 2002:a05:6000:29d4:b0:474:3b3b:5e5f with SMTP id ffacd0b85a97d-47aac4ecba2mr7434389f8f.16.1783334569341; Mon, 06 Jul 2026 03:42:49 -0700 (PDT) Received: from [192.168.0.135] (185-219-167-205-static.vivo.cz. [185.219.167.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-47aa0960634sm25043705f8f.26.2026.07.06.03.42.47 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 06 Jul 2026 03:42:48 -0700 (PDT) Message-ID: Date: Mon, 6 Jul 2026 12:42:47 +0200 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v2 1/2] perf trace: Factor out BPF loop body To: Namhyung Kim Cc: linux-perf-users@vger.kernel.org, Peter Zijlstra , Ingo Molnar , Arnaldo Carvalho de Melo , Mark Rutland , Alexander Shishkin , Jiri Olsa , Ian Rogers , Adrian Hunter , James Clark , Howard Chu , linux-kernel@vger.kernel.org, bpf@vger.kernel.org, Michael Petlan , stable@vger.kernel.org References: <20fc67aa2550ca5aff52b3a9a207f2e07f8e0b1d.1783070132.git.vmalik@redhat.com> From: Viktor Malik Content-Language: en-US In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 7/4/26 01:49, Namhyung Kim wrote: > Hello, > > On Fri, Jul 03, 2026 at 12:32:14PM +0200, Viktor Malik wrote: >> The BPF program in augmented_raw_syscalls uses a for loop to iterate all >> syscall arguments. The loop body is quite complex and often poses >> problems for the BPF verifier. As a preparation step for addressing this >> issue, factor out the loop body into a separate function. >> >> Signed-off-by: Viktor Malik >> Cc: stable@vger.kernel.org >> --- >> .../bpf_skel/augmented_raw_syscalls.bpf.c | 127 ++++++++++-------- >> 1 file changed, 72 insertions(+), 55 deletions(-) >> >> diff --git a/tools/perf/util/bpf_skel/augmented_raw_syscalls.bpf.c b/tools/perf/util/bpf_skel/augmented_raw_syscalls.bpf.c >> index 2a6e61864ee0..cbdd5ce19a2f 100644 >> --- a/tools/perf/util/bpf_skel/augmented_raw_syscalls.bpf.c >> +++ b/tools/perf/util/bpf_skel/augmented_raw_syscalls.bpf.c >> @@ -429,15 +429,79 @@ static bool pid_filter__has(struct pids_filtered *pids, pid_t pid) >> return bpf_map_lookup_elem(pids, &pid) != NULL; >> } >> >> +/* >> + * Determine what type of argument and how many bytes to read from user space, using the >> + * value in the beauty_map. This is the relation of parameter type and its corresponding >> + * value in the beauty map, and how many bytes we read eventually: >> + * >> + * string: 1 -> size of string >> + * struct: size of struct -> size of struct >> + * buffer: -1 * (index of paired len) -> value of paired len (maximum: TRACE_AUG_MAX_BUF) >> + */ >> +static inline int augment_arg(struct syscall_enter_args *args, int i, >> + unsigned int *beauty_map, void *payload_offset) > > Can we make it 'struct augmented_arg *payload_offset' instead? Sure, good idea, that will allow to drop a few casts from the function body. Viktor > > Thanks, > Namhyung > > >> +{ >> + int index, value_size = sizeof(struct augmented_arg) - offsetof(struct augmented_arg, value); >> + s64 aug_size, size; >> + bool augmented; >> + void *arg; >> + >> + arg = (void *)args->args[i]; >> + augmented = false; >> + size = beauty_map[i]; >> + aug_size = size; /* size of the augmented data read from user space */ >> + >> + if (size == 0 || arg == NULL) >> + return 0; >> + >> + if (size == 1) { /* string */ >> + aug_size = bpf_probe_read_user_str(((struct augmented_arg *)payload_offset)->value, value_size, arg); >> + /* minimum of 0 to pass the verifier */ >> + if (aug_size < 0) >> + aug_size = 0; >> + >> + augmented = true; >> + } else if (size > 0 && size <= value_size) { /* struct */ >> + if (!bpf_probe_read_user(((struct augmented_arg *)payload_offset)->value, size, arg)) >> + augmented = true; >> + } else if ((int)size < 0 && size >= -6) { /* buffer */ >> + index = -(size + 1); >> + barrier_var(index); // Prevent clang (noticed with v18) from removing the &= 7 trick. >> + index &= 7; // Satisfy the bounds checking with the verifier in some kernels. >> + aug_size = args->args[index] > TRACE_AUG_MAX_BUF ? TRACE_AUG_MAX_BUF : args->args[index]; >> + >> + if (aug_size > 0) { >> + if (!bpf_probe_read_user(((struct augmented_arg *)payload_offset)->value, aug_size, arg)) >> + augmented = true; >> + } >> + } >> + >> + /* Augmented data size is limited to sizeof(augmented_arg->unnamed union with value field) */ >> + if (aug_size > value_size) >> + aug_size = value_size; >> + >> + /* write data to payload */ >> + if (augmented) { >> + int written = offsetof(struct augmented_arg, value) + aug_size; >> + >> + if (written < 0 || written > sizeof(struct augmented_arg)) >> + return -1; >> + >> + ((struct augmented_arg *)payload_offset)->size = aug_size; >> + return written; >> + } >> + >> + return 0; >> +} >> + >> static int augment_sys_enter(void *ctx, struct syscall_enter_args *args) >> { >> - bool augmented, do_output = false; >> - int zero = 0, index, value_size = sizeof(struct augmented_arg) - offsetof(struct augmented_arg, value); >> + bool do_output = false; >> + int zero = 0, written; >> u64 output = 0; /* has to be u64, otherwise it won't pass the verifier */ >> - s64 aug_size, size; >> unsigned int nr, *beauty_map; >> struct beauty_payload_enter *payload; >> - void *arg, *payload_offset; >> + void *payload_offset; >> >> /* fall back to do predefined tail call */ >> if (args == NULL) >> @@ -457,58 +521,11 @@ static int augment_sys_enter(void *ctx, struct syscall_enter_args *args) >> /* copy the sys_enter header, which has the syscall_nr */ >> __builtin_memcpy(&payload->args, args, sizeof(struct syscall_enter_args)); >> >> - /* >> - * Determine what type of argument and how many bytes to read from user space, using the >> - * value in the beauty_map. This is the relation of parameter type and its corresponding >> - * value in the beauty map, and how many bytes we read eventually: >> - * >> - * string: 1 -> size of string >> - * struct: size of struct -> size of struct >> - * buffer: -1 * (index of paired len) -> value of paired len (maximum: TRACE_AUG_MAX_BUF) >> - */ >> for (int i = 0; i < 6; i++) { >> - arg = (void *)args->args[i]; >> - augmented = false; >> - size = beauty_map[i]; >> - aug_size = size; /* size of the augmented data read from user space */ >> - >> - if (size == 0 || arg == NULL) >> - continue; >> - >> - if (size == 1) { /* string */ >> - aug_size = bpf_probe_read_user_str(((struct augmented_arg *)payload_offset)->value, value_size, arg); >> - /* minimum of 0 to pass the verifier */ >> - if (aug_size < 0) >> - aug_size = 0; >> - >> - augmented = true; >> - } else if (size > 0 && size <= value_size) { /* struct */ >> - if (!bpf_probe_read_user(((struct augmented_arg *)payload_offset)->value, size, arg)) >> - augmented = true; >> - } else if ((int)size < 0 && size >= -6) { /* buffer */ >> - index = -(size + 1); >> - barrier_var(index); // Prevent clang (noticed with v18) from removing the &= 7 trick. >> - index &= 7; // Satisfy the bounds checking with the verifier in some kernels. >> - aug_size = args->args[index] > TRACE_AUG_MAX_BUF ? TRACE_AUG_MAX_BUF : args->args[index]; >> - >> - if (aug_size > 0) { >> - if (!bpf_probe_read_user(((struct augmented_arg *)payload_offset)->value, aug_size, arg)) >> - augmented = true; >> - } >> - } >> - >> - /* Augmented data size is limited to sizeof(augmented_arg->unnamed union with value field) */ >> - if (aug_size > value_size) >> - aug_size = value_size; >> - >> - /* write data to payload */ >> - if (augmented) { >> - int written = offsetof(struct augmented_arg, value) + aug_size; >> - >> - if (written < 0 || written > sizeof(struct augmented_arg)) >> - return 1; >> - >> - ((struct augmented_arg *)payload_offset)->size = aug_size; >> + written = augment_arg(args, i, beauty_map, payload_offset); >> + if (written < 0) >> + return 1; >> + if (written > 0) { >> output += written; >> payload_offset += written; >> do_output = true; >> -- >> 2.54.0 >> >