[PATCH] tracing: perf_call_bpf: use struct trace_entry in struct syscall_tp

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] tracing: perf_call_bpf: use struct trace_entry in struct syscall_tp_t
@ 2023-07-27 15:05 Yauheni Kaliuta
  2023-07-27 15:08 ` Yauheni Kaliuta
  0 siblings, 1 reply; 2+ messages in thread
From: Yauheni Kaliuta @ 2023-07-27 15:05 UTC (permalink / raw)
  To: bpf; +Cc: andrii, ast, Yauheni Kaliuta

bpf tracepoint program uses struct trace_event_raw_sys_enter as
argument where trace_entry is the first field. Use the same instead
of unsigned long long since if it's amended (for example by RT
patch) it accesses data with wrong offset.

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
---
 kernel/trace/trace_syscalls.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/kernel/trace/trace_syscalls.c b/kernel/trace/trace_syscalls.c
index 942ddbdace4a..07f4fa395e99 100644
--- a/kernel/trace/trace_syscalls.c
+++ b/kernel/trace/trace_syscalls.c
@@ -555,12 +555,15 @@ static int perf_call_bpf_enter(struct trace_event_call *call, struct pt_regs *re
 			       struct syscall_trace_enter *rec)
 {
 	struct syscall_tp_t {
-		unsigned long long regs;
+		struct trace_entry ent;
 		unsigned long syscall_nr;
 		unsigned long args[SYSCALL_DEFINE_MAXARGS];
 	} param;
 	int i;
 
+	BUILD_BUG_ON(sizeof(param.ent) < sizeof(void *));
+
+	/* __bpf_prog_run() requires *regs as the first parameter */
 	*(struct pt_regs **)&param = regs;
 	param.syscall_nr = rec->nr;
 	for (i = 0; i < sys_data->nb_args; i++)
@@ -657,11 +660,14 @@ static int perf_call_bpf_exit(struct trace_event_call *call, struct pt_regs *reg
 			      struct syscall_trace_exit *rec)
 {
 	struct syscall_tp_t {
-		unsigned long long regs;
+		struct trace_entry ent;
 		unsigned long syscall_nr;
 		unsigned long ret;
 	} param;
 
+	BUILD_BUG_ON(sizeof(param.ent) < sizeof(void *));
+
+	/* __bpf_prog_run() requires *regs as the first parameter */
 	*(struct pt_regs **)&param = regs;
 	param.syscall_nr = rec->nr;
 	param.ret = rec->ret;
-- 
2.41.0


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] tracing: perf_call_bpf: use struct trace_entry in struct syscall_tp_t
  2023-07-27 15:05 [PATCH] tracing: perf_call_bpf: use struct trace_entry in struct syscall_tp_t Yauheni Kaliuta
@ 2023-07-27 15:08 ` Yauheni Kaliuta
  0 siblings, 0 replies; 2+ messages in thread
From: Yauheni Kaliuta @ 2023-07-27 15:08 UTC (permalink / raw)
  To: bpf; +Cc: andrii, ast


Resending with proper subject.

>>>>> On Thu, 27 Jul 2023 18:05:34 +0300, Yauheni Kaliuta  wrote:

 > bpf tracepoint program uses struct trace_event_raw_sys_enter as
 > argument where trace_entry is the first field. Use the same instead
 > of unsigned long long since if it's amended (for example by RT
 > patch) it accesses data with wrong offset.

 > Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
 > ---
 >  kernel/trace/trace_syscalls.c | 10 ++++++++--
 >  1 file changed, 8 insertions(+), 2 deletions(-)

 > diff --git a/kernel/trace/trace_syscalls.c b/kernel/trace/trace_syscalls.c
 > index 942ddbdace4a..07f4fa395e99 100644
 > --- a/kernel/trace/trace_syscalls.c
 > +++ b/kernel/trace/trace_syscalls.c
 > @@ -555,12 +555,15 @@ static int perf_call_bpf_enter(struct trace_event_call *call, struct pt_regs *re
 >  			       struct syscall_trace_enter *rec)
 >  {
 >  	struct syscall_tp_t {
 > -		unsigned long long regs;
 > +		struct trace_entry ent;
 >  		unsigned long syscall_nr;
 >  		unsigned long args[SYSCALL_DEFINE_MAXARGS];
 >  	} param;
 >  	int i;
 
 > +	BUILD_BUG_ON(sizeof(param.ent) < sizeof(void *));
 > +
 > +	/* __bpf_prog_run() requires *regs as the first parameter */
 >  	*(struct pt_regs **)&param = regs;
 >  	param.syscall_nr = rec->nr;
 >  	for (i = 0; i < sys_data->nb_args; i++)
 > @@ -657,11 +660,14 @@ static int perf_call_bpf_exit(struct trace_event_call *call, struct pt_regs *reg
 >  			      struct syscall_trace_exit *rec)
 >  {
 >  	struct syscall_tp_t {
 > -		unsigned long long regs;
 > +		struct trace_entry ent;
 >  		unsigned long syscall_nr;
 >  		unsigned long ret;
 >  	} param;
 
 > +	BUILD_BUG_ON(sizeof(param.ent) < sizeof(void *));
 > +
 > +	/* __bpf_prog_run() requires *regs as the first parameter */
 >  	*(struct pt_regs **)&param = regs;
 >  	param.syscall_nr = rec->nr;
 >  	param.ret = rec->ret;
 > -- 

 > 2.41.0


-- 
WBR,
Yauheni Kaliuta


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-07-27 15:08 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-27 15:05 [PATCH] tracing: perf_call_bpf: use struct trace_entry in struct syscall_tp_t Yauheni Kaliuta
2023-07-27 15:08 ` Yauheni Kaliuta

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.