From: Masami Hiramatsu <mhiramat@kernel.org>
To: Jiri Olsa <jolsa@kernel.org>
Cc: Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
netdev@vger.kernel.org, bpf@vger.kernel.org,
lkml <linux-kernel@vger.kernel.org>,
Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
Yonghong Song <yhs@fb.com>,
John Fastabend <john.fastabend@gmail.com>,
KP Singh <kpsingh@chromium.org>,
Steven Rostedt <rostedt@goodmis.org>
Subject: Re: [PATCH 02/10] bpf: Add multi kprobe link
Date: Wed, 23 Feb 2022 14:58:40 +0900 [thread overview]
Message-ID: <20220223145840.64f708ed2357c89039f55f07@kernel.org> (raw)
In-Reply-To: <20220222170600.611515-3-jolsa@kernel.org>
Hi Jiri,
On Tue, 22 Feb 2022 18:05:52 +0100
Jiri Olsa <jolsa@kernel.org> wrote:
[snip]
> +
> +static void
> +kprobe_multi_link_handler(struct fprobe *fp, unsigned long entry_ip,
> + struct pt_regs *regs)
> +{
> + unsigned long saved_ip = instruction_pointer(regs);
> + struct bpf_kprobe_multi_link *link;
> +
> + /*
> + * Because fprobe's regs->ip is set to the next instruction of
> + * dynamic-ftrace instruction, correct entry ip must be set, so
> + * that the bpf program can access entry address via regs as same
> + * as kprobes.
> + */
> + instruction_pointer_set(regs, entry_ip);
This is true for the entry_handler, but false for the exit_handler,
because entry_ip points the probed function address, not the
return address. Thus, when this is done in the exit_handler,
the bpf prog seems to be called from the entry of the function,
not return.
If it is what you expected, please explictly comment it to
avoid confusion. Or, make another handler function for exit
probing.
> +
> + link = container_of(fp, struct bpf_kprobe_multi_link, fp);
> + kprobe_multi_link_prog_run(link, regs);
> +
> + instruction_pointer_set(regs, saved_ip);
> +}
> +
> +static int
> +kprobe_multi_resolve_syms(const void *usyms, u32 cnt,
> + unsigned long *addrs)
> +{
> + unsigned long addr, size;
> + const char **syms;
> + int err = -ENOMEM;
> + unsigned int i;
> + char *func;
> +
> + size = cnt * sizeof(*syms);
> + syms = kvzalloc(size, GFP_KERNEL);
> + if (!syms)
> + return -ENOMEM;
> +
> + func = kmalloc(KSYM_NAME_LEN, GFP_KERNEL);
> + if (!func)
> + goto error;
> +
> + if (copy_from_user(syms, usyms, size)) {
> + err = -EFAULT;
> + goto error;
> + }
> +
> + for (i = 0; i < cnt; i++) {
> + err = strncpy_from_user(func, syms[i], KSYM_NAME_LEN);
> + if (err == KSYM_NAME_LEN)
> + err = -E2BIG;
> + if (err < 0)
> + goto error;
> +
> + err = -EINVAL;
> + if (func[0] == '\0')
> + goto error;
> + addr = kallsyms_lookup_name(func);
> + if (!addr)
> + goto error;
> + if (!kallsyms_lookup_size_offset(addr, &size, NULL))
> + size = MCOUNT_INSN_SIZE;
Note that this is good for x86, but may not be good for other arch
which use some preparation instructions before mcount call.
Maybe you can just reject it if kallsyms_lookup_size_offset() fails.
Thank you,
--
Masami Hiramatsu <mhiramat@kernel.org>
next prev parent reply other threads:[~2022-02-23 5:58 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-22 17:05 [PATCHv2 bpf-next 0/8] bpf: Add kprobe multi link Jiri Olsa
2022-02-22 17:05 ` [PATCH 01/10] lib/sort: Add priv pointer to swap function Jiri Olsa
2022-02-23 3:22 ` Masami Hiramatsu
2022-02-22 17:05 ` [PATCH 02/10] bpf: Add multi kprobe link Jiri Olsa
2022-02-23 5:58 ` Masami Hiramatsu [this message]
2022-02-23 17:44 ` Jiri Olsa
2022-02-24 4:02 ` Masami Hiramatsu
2022-03-04 23:11 ` Andrii Nakryiko
2022-03-06 17:28 ` Jiri Olsa
2022-03-08 1:23 ` Andrii Nakryiko
2022-03-08 14:21 ` Jiri Olsa
2022-02-22 17:05 ` [PATCH 03/10] bpf: Add bpf_get_func_ip kprobe helper for " Jiri Olsa
2022-03-04 23:11 ` Andrii Nakryiko
2022-02-22 17:05 ` [PATCH 04/10] bpf: Add support to inline bpf_get_func_ip helper on x86 Jiri Olsa
2022-02-22 17:05 ` [PATCH 05/10] bpf: Add cookie support to programs attached with kprobe multi link Jiri Olsa
2022-03-04 23:11 ` Andrii Nakryiko
2022-03-06 17:29 ` Jiri Olsa
2022-03-08 1:23 ` Andrii Nakryiko
2022-03-08 14:27 ` Jiri Olsa
2022-02-22 17:05 ` [PATCH 06/10] libbpf: Add libbpf_kallsyms_parse function Jiri Olsa
2022-03-04 23:11 ` Andrii Nakryiko
2022-02-22 17:05 ` [PATCH 07/10] libbpf: Add bpf_link_create support for multi kprobes Jiri Olsa
2022-03-04 23:11 ` Andrii Nakryiko
2022-03-06 17:29 ` Jiri Olsa
2022-02-22 17:05 ` [PATCH 08/10] libbpf: Add bpf_program__attach_kprobe_opts " Jiri Olsa
2022-03-04 23:11 ` Andrii Nakryiko
2022-03-06 17:29 ` Jiri Olsa
2022-03-08 1:28 ` Andrii Nakryiko
2022-03-08 14:23 ` Jiri Olsa
2022-02-22 17:05 ` [PATCH 09/10] selftest/bpf: Add kprobe_multi attach test Jiri Olsa
2022-03-04 23:11 ` Andrii Nakryiko
2022-03-06 17:29 ` Jiri Olsa
2022-02-22 17:06 ` [PATCH 10/10] selftest/bpf: Add kprobe_multi test for bpf_cookie values Jiri Olsa
2022-03-04 23:11 ` Andrii Nakryiko
2022-03-06 17:29 ` Jiri Olsa
2022-03-04 23:10 ` [PATCHv2 bpf-next 0/8] bpf: Add kprobe multi link Andrii Nakryiko
2022-03-06 1:09 ` Steven Rostedt
2022-03-06 1:32 ` Masami Hiramatsu
2022-03-08 1:45 ` Andrii Nakryiko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220223145840.64f708ed2357c89039f55f07@kernel.org \
--to=mhiramat@kernel.org \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kafai@fb.com \
--cc=kpsingh@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=rostedt@goodmis.org \
--cc=songliubraving@fb.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).