From: Leon Hwang <hffilwlqm@gmail.com>
To: Yonghong Song <yonghong.song@linux.dev>,
Zheao Li <me@manjusaka.me>, Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
John Fastabend <john.fastabend@gmail.com>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <martin.lau@linux.dev>,
Eduard Zingerman <eddyz87@gmail.com>, Song Liu <song@kernel.org>,
KP Singh <kpsingh@kernel.org>,
Stanislav Fomichev <sdf@fomichev.me>, Hao Luo <haoluo@google.com>,
Jiri Olsa <jolsa@kernel.org>
Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH bpf-next v2] bpf: Add bpf_check_attach_target_with_klog method to output failure logs to kernel
Date: Thu, 25 Jul 2024 15:32:59 +0800 [thread overview]
Message-ID: <2c6b1737-0a96-44ed-afe9-655444121984@gmail.com> (raw)
In-Reply-To: <6511ce2a-1c7d-497c-aeb6-d4f0b17271ed@linux.dev>
On 25/7/24 14:09, Yonghong Song wrote:
>
> On 7/24/24 11:05 PM, Leon Hwang wrote:
>>
>> On 25/7/24 13:54, Yonghong Song wrote:
>>> On 7/24/24 10:15 PM, Zheao Li wrote:
>>>> This is a v2 patch, previous Link:
>>>> https://lore.kernel.org/bpf/20240724152521.20546-1-me@manjusaka.me/T/#u
>>>>
>>>> Compare with v1:
>>>>
>>>> 1. Format the code style and signed-off field
>>>> 2. Use a shorter name bpf_check_attach_target_with_klog instead of
>>>> original name bpf_check_attach_target_with_kernel_log
>>>>
>>>> When attaching a freplace hook, failures can occur,
>>>> but currently, no output is provided to help developers diagnose the
>>>> root cause.
>>>>
>>>> This commit adds a new method, bpf_check_attach_target_with_klog,
>>>> which outputs the verifier log to the kernel.
>>>> Developers can then use dmesg to obtain more detailed information
>>>> about the failure.
>>>>
>>>> For an example of eBPF code,
>>>> Link:
>>>> https://github.com/Asphaltt/learn-by-example/blob/main/ebpf/freplace/main.go
>>>>
>>>> Co-developed-by: Leon Hwang <hffilwlqm@gmail.com>
>>>> Signed-off-by: Leon Hwang <hffilwlqm@gmail.com>
>>>> Signed-off-by: Zheao Li <me@manjusaka.me>
>>>> ---
>>>> include/linux/bpf_verifier.h | 5 +++++
>>>> kernel/bpf/syscall.c | 5 +++--
>>>> kernel/bpf/trampoline.c | 6 +++---
>>>> kernel/bpf/verifier.c | 19 +++++++++++++++++++
>>>> 4 files changed, 30 insertions(+), 5 deletions(-)
>>>>
>>>> diff --git a/include/linux/bpf_verifier.h
>>>> b/include/linux/bpf_verifier.h
>>>> index 5cea15c81b8a..8eddba62c194 100644
>>>> --- a/include/linux/bpf_verifier.h
>>>> +++ b/include/linux/bpf_verifier.h
>>>> @@ -848,6 +848,11 @@ static inline void bpf_trampoline_unpack_key(u64
>>>> key, u32 *obj_id, u32 *btf_id)
>>>> *btf_id = key & 0x7FFFFFFF;
>>>> }
>>>> +int bpf_check_attach_target_with_klog(const struct bpf_prog *prog,
>>>> + const struct bpf_prog *tgt_prog,
>>>> + u32 btf_id,
>>>> + struct bpf_attach_target_info *tgt_info);
>>> format issue in the above. Same code alignment is needed for arguments
>>> in different lines.
>>>
>>>> +
>>>> int bpf_check_attach_target(struct bpf_verifier_log *log,
>>>> const struct bpf_prog *prog,
>>>> const struct bpf_prog *tgt_prog,
>>>> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
>>>> index 869265852d51..bf826fcc8cf4 100644
>>>> --- a/kernel/bpf/syscall.c
>>>> +++ b/kernel/bpf/syscall.c
>>>> @@ -3464,8 +3464,9 @@ static int bpf_tracing_prog_attach(struct
>>>> bpf_prog *prog,
>>>> */
>>>> struct bpf_attach_target_info tgt_info = {};
>>>> - err = bpf_check_attach_target(NULL, prog, tgt_prog, btf_id,
>>>> - &tgt_info);
>>>> + err = bpf_check_attach_target_with_klog(prog, NULL,
>>>> + prog->aux->attach_btf_id,
>>>> + &tgt_info);
>>> code alignment issue here as well.
>>> Also, the argument should be 'prog, tgt_prog, btf_id, &tgt_info', right?
>>>
>>>> if (err)
>>>> goto out_unlock;
>>>> diff --git a/kernel/bpf/trampoline.c b/kernel/bpf/trampoline.c
>>>> index f8302a5ca400..8862adaa7302 100644
>>>> --- a/kernel/bpf/trampoline.c
>>>> +++ b/kernel/bpf/trampoline.c
>>>> @@ -699,9 +699,9 @@ int bpf_trampoline_link_cgroup_shim(struct
>>>> bpf_prog *prog,
>>>> u64 key;
>>>> int err;
>>>> - err = bpf_check_attach_target(NULL, prog, NULL,
>>>> - prog->aux->attach_btf_id,
>>>> - &tgt_info);
>>>> + err = bpf_check_attach_target_with_klog(prog, NULL,
>>>> + prog->aux->attach_btf_id,
>>>> + &tgt_info);
>>> code alignment issue here
>>>
>>>> if (err)
>>>> return err;
>>>> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
>>>> index 1f5302fb0957..4873b72f5a9a 100644
>>>> --- a/kernel/bpf/verifier.c
>>>> +++ b/kernel/bpf/verifier.c
>>>> @@ -21643,6 +21643,25 @@ static int
>>>> check_non_sleepable_error_inject(u32 btf_id)
>>>> return btf_id_set_contains(&btf_non_sleepable_error_inject,
>>>> btf_id);
>>>> }
>>>> +int bpf_check_attach_target_with_klog(const struct bpf_prog *prog,
>>>> + const struct bpf_prog *tgt_prog,
>>>> + u32 btf_id,
>>>> + struct bpf_attach_target_info *tgt_info);
>>> code alignment issue here.
>>>
>>>> +{
>>>> + struct bpf_verifier_log *log;
>>>> + int err;
>>>> +
>>>> + log = kzalloc(sizeof(*log), GFP_KERNEL | __GFP_NOWARN);
>>> __GFP_NOWARN is unnecessary here.
>>>
>>>> + if (!log) {
>>>> + err = -ENOMEM;
>>>> + return err;
>>>> + }
>>>> + log->level = BPF_LOG_KERNEL;
>>>> + err = bpf_check_attach_target(log, prog, tgt_prog, btf_id,
>>>> tgt_info);
>>>> + kfree(log);
>>>> + return err;
>>>> +}
>>>> +
>>>> int bpf_check_attach_target(struct bpf_verifier_log *log,
>>>> const struct bpf_prog *prog,
>>>> const struct bpf_prog *tgt_prog,
>>> More importantly, Andrii has implemented retsnoop, which intends to
>>> locate
>>> precise location in the kernel where err happens. The link is
>>> https://github.com/anakryiko/retsnoop
>>>
>>> Maybe you want to take a look and see whether it can resolve your issue.
>>> We should really avoid putting more stuff in dmesg whenever possible.
>>>
>> retsnoop is really cool.
>>
>> However, when something wrong in bpf_check_attach_target(), retsnoop
>> only gets its return value -EINVAL, without any bpf_log() in it. It's
>> hard to figure out the reason why bpf_check_attach_target() returns
>> -EINVAL.
>
> It should have line number like below in
> https://github.com/anakryiko/retsnoop
>
> |$ sudo ./retsnoop -e '*sys_bpf' -a ':kernel/bpf/*.c' Receiving data...
> 20:19:36.372607 -> 20:19:36.372682 TID/PID 8346/8346 (simfail/simfail):
> entry_SYSCALL_64_after_hwframe+0x63 (arch/x86/entry/entry_64.S:120:0)
> do_syscall_64+0x35 (arch/x86/entry/common.c:80:7) . do_syscall_x64
> (arch/x86/entry/common.c:50:12) 73us [-ENOMEM] __x64_sys_bpf+0x1a
> (kernel/bpf/syscall.c:5067:1) 70us [-ENOMEM] __sys_bpf+0x38b
> (kernel/bpf/syscall.c:4947:9) . map_create (kernel/bpf/syscall.c:1106:8)
> . find_and_alloc_map (kernel/bpf/syscall.c:132:5) ! 50us [-ENOMEM]
> array_map_alloc !* 2us [NULL] bpf_map_alloc_percpu Could you double
> check? It does need corresponding kernel source though. |
>
I have a try on an Ubuntu 24.04 VM, whose kernel is 6.8.0-39-generic.
$ sudo retsnoop -e '*sys_bpf' -a ':kernel/bpf/*.c' -T
Receiving data...
07:18:38.643643 -> 07:18:38.643728 TID/PID 6042/6039 (freplace/freplace):
FUNCTION CALL TRACE RESULT
DURATION
---------------------------------------------------
-------------------- --------
→ __x64_sys_bpf
→ __sys_bpf
↔ bpf_check_uarg_tail_zero [0]
2.376us
→ link_create
↔ __bpf_prog_get
[0xffffb55f40db3000] 2.796us
↔ bpf_prog_attach_check_attach_type [0]
2.260us
→ bpf_tracing_prog_attach
↔ __bpf_prog_get
[0xffffb55f40d71000] 9.455us
→ bpf_check_attach_target
→ btf_check_type_match
→ btf_check_func_type_match
↔ bpf_log [void]
2.578us
← btf_check_func_type_match [-EINVAL]
7.659us
← btf_check_type_match [-EINVAL]
15.950us
← bpf_check_attach_target [-EINVAL]
22.397us
↔ __bpf_prog_put [void]
2.323us
← bpf_tracing_prog_attach [-EINVAL]
45.509us
↔ __bpf_prog_put [void]
2.182us
← link_create [-EINVAL]
66.445us
← __sys_bpf [-EINVAL]
77.347us
← __x64_sys_bpf [-EINVAL]
81.979us
entry_SYSCALL_64_after_hwframe+0x78
(arch/x86/entry/entry_64.S:130:0)
do_syscall_64+0x7f
(arch/x86/entry/common.c:83:7)
. do_syscall_x64
(arch/x86/entry/common.c:52:12)
x64_sys_call+0x1936
(arch/x86/entry/syscall_64.c:33:1)
81us [-EINVAL] __x64_sys_bpf+0x1a
(kernel/bpf/syscall.c:5588:1)
77us [-EINVAL] __sys_bpf+0x4ae
(kernel/bpf/syscall.c:5556:9)
! 66us [-EINVAL] link_create
!* 45us [-EINVAL] bpf_tracing_prog_attach
!* 22us [-EINVAL] bpf_check_attach_target
!* 15us [-EINVAL] btf_check_type_match
!* 7us [-EINVAL] btf_check_func_type_match
P.S. Check
https://gist.github.com/Asphaltt/883fd7362968f7747e820d63a9519971 to
have a better view of this output.
When attach freplace prog to a static-noline subprog, there is a
bpf_log() in btf_check_func_type_match(). However, I don't know what
bpf_log() logs.
With this patch, we are able to figure out what bpf_log() logs.
Therefore, we are able to figure out the reason why it fails to attach
freplace prog.
Thanks,
Leon
next prev parent reply other threads:[~2024-07-25 7:33 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-25 5:15 [PATCH bpf-next v2] bpf: Add bpf_check_attach_target_with_klog method to output failure logs to kernel Zheao Li
2024-07-25 5:54 ` Yonghong Song
2024-07-25 6:05 ` Leon Hwang
2024-07-25 6:09 ` Yonghong Song
2024-07-25 6:32 ` Manjusaka
2024-07-25 16:51 ` Alexei Starovoitov
2024-07-25 7:32 ` Leon Hwang [this message]
2024-07-25 21:27 ` Andrii Nakryiko
2024-07-26 2:57 ` Leon Hwang
2024-07-27 0:12 ` Andrii Nakryiko
2024-07-27 4:04 ` Leon Hwang
2024-07-29 21:01 ` Andrii Nakryiko
2024-07-30 3:32 ` Leon Hwang
2024-07-30 17:28 ` Andrii Nakryiko
2024-07-31 3:31 ` Leon Hwang
2024-08-01 16:59 ` Andrii Nakryiko
2024-08-02 5:35 ` Leon Hwang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2c6b1737-0a96-44ed-afe9-655444121984@gmail.com \
--to=hffilwlqm@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=eddyz87@gmail.com \
--cc=haoluo@google.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=me@manjusaka.me \
--cc=sdf@fomichev.me \
--cc=song@kernel.org \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox