From: Dominique Martinet <asmadeus@codewreck.org>
To: bpf@vger.kernel.org
Cc: Steven Rostedt <rostedt@goodmis.org>,
Ingo Molnar <mingo@redhat.com>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
Yonghong Song <yhs@fb.com>, Andrii Nakryiko <andrii@kernel.org>,
John Fastabend <john.fastabend@gmail.com>,
KP Singh <kpsingh@chromium.org>
Subject: [RFC PATCH] bpf: tracing: refuse kprobe override without dynamic ftrace
Date: Fri, 6 Nov 2020 17:03:31 +0100 [thread overview]
Message-ID: <20201106160331.GA6879@nautica> (raw)
[-- Attachment #1: Type: text/plain, Size: 1861 bytes --]
The override itself apparently silently fails if CONFIG_DYNAMIC_FTRACE
is unset - it's better to refuse the probe early
Signed-off-by: Dominique Martinet <asmadeus@codewreck.org>
---
I'm actually not sure WHAT fails exactly, but I've been playing with
bpftrace in small VMs and one of these make override() not working:
$ diff -U0 ../linux-test/.config .config | grep -E '[+-]C'
+CONFIG_KPROBES_ON_FTRACE=y
+CONFIG_DYNAMIC_FTRACE=y
+CONFIG_DYNAMIC_FTRACE_WITH_REGS=y
+CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y
+CONFIG_FTRACE_MCOUNT_RECORD=y
with this test command:
# bpftrace -e 'k:__x64_sys_getuid { printf("test\n"); override(10); }' --unsafe -c /bin/id
I'm a bit confused because now I'm testing the print now longer works
either and I'm pretty sure I had some configuration where the print
worked without the override hmm.. full non-working .config attached
if someone wants to have a look.
So anyway I'm probably checking the wrong thing at the wrong place, and
the lack of error message annoys me, but if we can save the next person
like me some time to investigate why override() doesn't work please
advise on what to check and I'll be glad to send a better patch -- I
don't think we should allow non-working probes to be attached.
kernel/trace/bpf_trace.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 4517c8b66518..18e3178c1568 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -1909,6 +1909,11 @@ int perf_event_attach_bpf_prog(struct perf_event *event,
struct bpf_prog_array *new_array;
int ret = -EEXIST;
+#ifndef CONFIG_DYNAMIC_FTRACE
+ if (prog->kprobe_override)
+ return -EINVAL;
+#endif
+
/*
* Kprobe override only works if they are on the function entry,
* and only if they are on the opt-in list.
--
2.28.0
[-- Attachment #2: .config.xz --]
[-- Type: application/octet-stream, Size: 14992 bytes --]
reply other threads:[~2020-11-06 16:03 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201106160331.GA6879@nautica \
--to=asmadeus@codewreck.org \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=john.fastabend@gmail.com \
--cc=kafai@fb.com \
--cc=kpsingh@chromium.org \
--cc=mingo@redhat.com \
--cc=rostedt@goodmis.org \
--cc=songliubraving@fb.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox