* CONFIG_X86_X32_ABI silently breaks some fentry hooks
@ 2024-10-09 18:58 Martin Kelly
2024-12-06 23:08 ` Martin Kelly
0 siblings, 1 reply; 2+ messages in thread
From: Martin Kelly @ 2024-10-09 18:58 UTC (permalink / raw)
To: bpf@vger.kernel.org
Cc: daniel@iogearbox.net, ast@kernel.org, andrii@kernel.org,
john.fastabend@gmail.com
[-- Attachment #1: Type: text/plain, Size: 1680 bytes --]
Hi all, I want to report a very strange issues I found. Specifically,
on latest master, I found that setting CONFIG_X86_X32_ABI=y causes some
fentry BPF hooks to be silently ignored. Most hooks still work fine,
but some do not, and the same function works fine as a kprobe. The
issue appears to be 100% reproducible for a given function hook.
I checked and verified that the hook is not hit according to the BPF
stats (kernel.bpf_stats_enabled=1), and I also didn't see the program
getting run when it should in gdb. As far as I can tell from gdb, the
trampoline code is still getting patched in, but the BPF program is not
later getting invoked.
The steps I used to reproduce are as follows:
- Checkout latest master. I tested with 75b607fab38d ("Merge tag
'sched_ext-for-6.12-rc2-fixes'").
- make localmodconfig or similar, enabling relevant BPF options for
trampolines and BTF. I can send the full config I used if that's
helpful, but I think most config options don't affect this.
- Set CONFIG_X86_X32_ABI=y
- Compile and boot the kernel and run the following bpftrace command:
bpftrace -e 'kfunc:acct_process { printf("acct_process called\n"); }'
- In another terminal, run some processes, which should normally cause
some output from this command. You should get no output.
Note that a similar command (bpftrace -e 'kfunc:acct_collect {
printf("acct_collect called\n"); }'), hooking a similar function called
in the same code path, still produces output, as does a kprobe of
acct_process (sudo bpftrace -e 'kprobe:acct_process {
printf("acct_process called\n"); }'). Also, with CONFIG_X86_X32_ABI=n,
the acct_process hook works correctly.
[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 5104 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: CONFIG_X86_X32_ABI silently breaks some fentry hooks
2024-10-09 18:58 CONFIG_X86_X32_ABI silently breaks some fentry hooks Martin Kelly
@ 2024-12-06 23:08 ` Martin Kelly
0 siblings, 0 replies; 2+ messages in thread
From: Martin Kelly @ 2024-12-06 23:08 UTC (permalink / raw)
To: bpf@vger.kernel.org
Cc: daniel@iogearbox.net, ast@kernel.org, andrii@kernel.org,
john.fastabend@gmail.com
On Wed, 2024-10-09 at 11:58 -0700, Martin Kelly wrote:
> Hi all, I want to report a very strange issues I found. Specifically,
> on latest master, I found that setting CONFIG_X86_X32_ABI=y causes
> some
> fentry BPF hooks to be silently ignored. Most hooks still work fine,
> but some do not, and the same function works fine as a kprobe. The
> issue appears to be 100% reproducible for a given function hook.
>
This was root-caused to be the same issue as the one addressed in this
(unmerged) patch series:
https://lore.kernel.org/lkml/20240723063258.2240610-1-zhengyejian@huaweicloud.com/
Essentially this has to do with ftrace and weak functions.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-12-06 23:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-10-09 18:58 CONFIG_X86_X32_ABI silently breaks some fentry hooks Martin Kelly
2024-12-06 23:08 ` Martin Kelly
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox