From: Yonghong Song <yonghong.song@linux.dev>
To: Yauheni Kaliuta <ykaliuta@redhat.com>, bpf@vger.kernel.org
Cc: andrii@kernel.org, ast@kernel.org
Subject: Re: [PATCH bpf-next] tracing: perf_call_bpf: use struct trace_entry in struct syscall_tp_t
Date: Thu, 27 Jul 2023 10:37:10 -0700 [thread overview]
Message-ID: <33b93245-6740-e2e7-3a2a-6a9375d7ddc4@linux.dev> (raw)
In-Reply-To: <20230727150647.397626-1-ykaliuta@redhat.com>
On 7/27/23 8:06 AM, Yauheni Kaliuta wrote:
> bpf tracepoint program uses struct trace_event_raw_sys_enter as
> argument where trace_entry is the first field. Use the same instead
> of unsigned long long since if it's amended (for example by RT
> patch) it accesses data with wrong offset.
Is this 'amended by RT patch' a real thing?
>
> Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
> ---
> kernel/trace/trace_syscalls.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/trace/trace_syscalls.c b/kernel/trace/trace_syscalls.c
> index 942ddbdace4a..07f4fa395e99 100644
> --- a/kernel/trace/trace_syscalls.c
> +++ b/kernel/trace/trace_syscalls.c
> @@ -555,12 +555,15 @@ static int perf_call_bpf_enter(struct trace_event_call *call, struct pt_regs *re
> struct syscall_trace_enter *rec)
> {
> struct syscall_tp_t {
> - unsigned long long regs;
> + struct trace_entry ent;
> unsigned long syscall_nr;
> unsigned long args[SYSCALL_DEFINE_MAXARGS];
> } param;
I suspect we may have issues for 32bit kernel.
In 32bit kernel, with the change, the alignment for
param could be 4. That means, the 'ctx' pointer
may have an alignment 4 for bpf program, if user
tries to do ctx->regs, which will be a mis-aligned
access and it may not work for all architectures.
> int i;
>
> + BUILD_BUG_ON(sizeof(param.ent) < sizeof(void *));
> +
> + /* __bpf_prog_run() requires *regs as the first parameter */
> *(struct pt_regs **)¶m = regs;
> param.syscall_nr = rec->nr;
> for (i = 0; i < sys_data->nb_args; i++)
> @@ -657,11 +660,14 @@ static int perf_call_bpf_exit(struct trace_event_call *call, struct pt_regs *reg
> struct syscall_trace_exit *rec)
> {
> struct syscall_tp_t {
> - unsigned long long regs;
> + struct trace_entry ent;
> unsigned long syscall_nr;
> unsigned long ret;
> } param;
>
> + BUILD_BUG_ON(sizeof(param.ent) < sizeof(void *));
You already have BUILD_BUG_ON in perf_call_enter. There is no need
to have another one here.
> +
> + /* __bpf_prog_run() requires *regs as the first parameter */
> *(struct pt_regs **)¶m = regs;
> param.syscall_nr = rec->nr;
> param.ret = rec->ret;
next prev parent reply other threads:[~2023-07-27 17:37 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-27 15:06 [PATCH bpf-next] tracing: perf_call_bpf: use struct trace_entry in struct syscall_tp_t Yauheni Kaliuta
2023-07-27 17:37 ` Yonghong Song [this message]
2023-07-28 10:02 ` Yauheni Kaliuta
2023-07-28 14:27 ` [PATCH bpf-next v2] " Yauheni Kaliuta
2023-07-28 16:44 ` Yonghong Song
2023-07-31 8:07 ` Yauheni Kaliuta
2023-07-31 18:20 ` Yonghong Song
2023-08-01 7:49 ` Yauheni Kaliuta
2023-08-01 7:52 ` [PATCH bpf-next v3] " Yauheni Kaliuta
2023-08-01 14:31 ` Yonghong Song
2023-08-01 18:00 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=33b93245-6740-e2e7-3a2a-6a9375d7ddc4@linux.dev \
--to=yonghong.song@linux.dev \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=ykaliuta@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox