From: Menglong Dong <menglong.dong@linux.dev>
To: Menglong Dong <menglong8.dong@gmail.com>,
Steven Rostedt <rostedt@goodmis.org>
Cc: ast@kernel.org, daniel@iogearbox.net, john.fastabend@gmail.com,
andrii@kernel.org, martin.lau@linux.dev, eddyz87@gmail.com,
song@kernel.org, yonghong.song@linux.dev, kpsingh@kernel.org,
sdf@fomichev.me, haoluo@google.com, jolsa@kernel.org,
mhiramat@kernel.org, mark.rutland@arm.com,
mathieu.desnoyers@efficios.com, bpf@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org
Subject: Re: [PATCH RFC bpf-next 0/7] bpf trampoline support "jmp" mode
Date: Fri, 14 Nov 2025 21:58:34 +0800 [thread overview]
Message-ID: <117548898.nniJfEyVGO@7950hx> (raw)
In-Reply-To: <20251114083835.553c9480@gandalf.local.home>
On 2025/11/14 21:38, Steven Rostedt wrote:
> On Fri, 14 Nov 2025 17:24:43 +0800
> Menglong Dong <menglong8.dong@gmail.com> wrote:
>
> > Therefore, we introduce the "jmp" mode for bpf trampoline, as advised by
> > Alexei in [1]. And the logic will become this:
> > call foo -> jmp trampoline -> call foo-body ->
> > return foo-body -> return foo
>
> This obviously only works when there's a single function used by that
> trampoline. It also doesn't allow tracing of the return side (it's
> basically just the function tracer for a single function).
Hi, Steven. I think you misunderstand something? For the fentry/fexit,
the whole process is:
call foo -> jmp trampoline -> call all the fentry bpf progs ->
call foo-body -> return foo-body -> call all the fexit bpf progs
-> return foo.
The "call foo-body" means "origin call", and it will store the
return value of the traced function to the stack, therefore the
fexit progs can get it.
So it can trace the return side with the "fexit". And it's almost the
same as the origin logic of the bpf trampoline:
call foo -> call trampoline -> call all the fentry bpf progs ->
call foo-body -> return foo-body -> call all the fexit bpf progs
-> skip the rip -> return foo.
What I did here is just replace the "call trampoline" to
"jmp trampoline".
>
> Is there any mechanism to make sure that the trampoline being called is
> only used by that one function? I haven't looked at the code yet, but
> should there be a test that makes sure a trampoline isn't registered for
> two or more different functions?
As for now, the bpf trampoline is per-function. Every trampoline
has a unique key, and we find the trampoline for the target function
by that key. So it can't be used by two or more different functions.
If the trampoline need to get the ip of the origin call from the stack,
such as BPF_TRAMP_F_SHARE_IPMODIFY case, we will fallback to the
"call" mode, as we can't get the rip from the stack in the "jmp" mode.
And I think this is what you mean "only work for a single function"?
Yeah, we fallback on such case.
Thanks!
Menglong Dong
>
> -- Steve
>
>
next prev parent reply other threads:[~2025-11-14 13:59 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-14 9:24 [PATCH RFC bpf-next 0/7] bpf trampoline support "jmp" mode Menglong Dong
2025-11-14 9:24 ` [PATCH RFC bpf-next 1/7] ftrace: introduce FTRACE_OPS_FL_JMP Menglong Dong
2025-11-14 10:20 ` bot+bpf-ci
2025-11-14 10:57 ` Menglong Dong
2025-11-14 9:24 ` [PATCH RFC bpf-next 2/7] x86/ftrace: implement DYNAMIC_FTRACE_WITH_JMP Menglong Dong
2025-11-14 16:39 ` Steven Rostedt
2025-11-15 2:12 ` Menglong Dong
2025-11-14 9:24 ` [PATCH RFC bpf-next 3/7] bpf: fix the usage of BPF_TRAMP_F_SKIP_FRAME Menglong Dong
2025-11-14 18:23 ` Alexei Starovoitov
2025-11-14 9:24 ` [PATCH RFC bpf-next 4/7] bpf,x86: adjust the "jmp" mode for bpf trampoline Menglong Dong
2025-11-14 18:22 ` Alexei Starovoitov
2025-11-15 2:14 ` Menglong Dong
2025-11-14 9:24 ` [PATCH RFC bpf-next 5/7] bpf: introduce bpf_arch_text_poke_type Menglong Dong
2025-11-14 10:20 ` bot+bpf-ci
2025-11-14 18:41 ` Alexei Starovoitov
2025-11-15 2:26 ` Menglong Dong
2025-11-14 9:24 ` [PATCH RFC bpf-next 6/7] bpf,x86: implement bpf_arch_text_poke_type for x86_64 Menglong Dong
2025-11-14 9:24 ` [PATCH RFC bpf-next 7/7] bpf: implement "jmp" mode for trampoline Menglong Dong
2025-11-14 18:50 ` Alexei Starovoitov
2025-11-15 2:39 ` Menglong Dong
2025-11-15 2:42 ` Alexei Starovoitov
2025-11-14 13:38 ` [PATCH RFC bpf-next 0/7] bpf trampoline support "jmp" mode Steven Rostedt
2025-11-14 13:58 ` Menglong Dong [this message]
2025-11-14 16:28 ` Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=117548898.nniJfEyVGO@7950hx \
--to=menglong.dong@linux.dev \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=eddyz87@gmail.com \
--cc=haoluo@google.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=martin.lau@linux.dev \
--cc=mathieu.desnoyers@efficios.com \
--cc=menglong8.dong@gmail.com \
--cc=mhiramat@kernel.org \
--cc=rostedt@goodmis.org \
--cc=sdf@fomichev.me \
--cc=song@kernel.org \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox