Re: [PATCH 4/4] tracing/eprobes: Have event probes be consistent with kprobes and uprobes

public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed

From: Masami Hiramatsu (Google) <mhiramat@kernel.org>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: linux-kernel@vger.kernel.org, Ingo Molnar <mingo@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Tzvetomir Stoyanov <tz.stoyanov@gmail.com>,
	Tom Zanussi <zanussi@kernel.org>,
	stable@vger.kernel.org
Subject: Re: [PATCH 4/4] tracing/eprobes: Have event probes be consistent with kprobes and uprobes
Date: Sat, 20 Aug 2022 22:04:42 +0900	[thread overview]
Message-ID: <20220820220442.776e1ddaf8836e82edb34d01@kernel.org> (raw)
In-Reply-To: <20220820014833.395997394@goodmis.org>

On Fri, 19 Aug 2022 21:40:39 -0400
Steven Rostedt <rostedt@goodmis.org> wrote:

> From: "Steven Rostedt (Google)" <rostedt@goodmis.org>
> 
> Currently, if a symbol "@" is attempted to be used with an event probe
> (eprobes), it will cause a NULL pointer dereference crash.
> 
> Both kprobes and uprobes can reference data other than the main registers.
> Such as immediate address, symbols and the current task name. Have eprobes
> do the same thing.
> 
> For "comm", if "comm" is used and the event being attached to does not
> have the "comm" field, then make it the "$comm" that kprobes has. This is
> consistent to the way histograms and filters work.

Hmm, I think I would better allow user to use $COMM to get comm string
for kprobe/uprobe event users too. (There are many special variables...)
Anyway, this looks good to me.

Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>

Thank you!

> 
> Cc: stable@vger.kernel.org
> Fixes: 7491e2c44278 ("tracing: Add a probe that attaches to trace events")
> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> ---
>  kernel/trace/trace_eprobe.c | 67 +++++++++++++++++++++++++++++++++----
>  1 file changed, 61 insertions(+), 6 deletions(-)
> 
> diff --git a/kernel/trace/trace_eprobe.c b/kernel/trace/trace_eprobe.c
> index a1d3423ab74f..63218a541217 100644
> --- a/kernel/trace/trace_eprobe.c
> +++ b/kernel/trace/trace_eprobe.c
> @@ -227,6 +227,7 @@ static int trace_eprobe_tp_arg_update(struct trace_eprobe *ep, int i)
>  	struct probe_arg *parg = &ep->tp.args[i];
>  	struct ftrace_event_field *field;
>  	struct list_head *head;
> +	int ret = -ENOENT;
>  
>  	head = trace_get_fields(ep->event);
>  	list_for_each_entry(field, head, link) {
> @@ -236,9 +237,17 @@ static int trace_eprobe_tp_arg_update(struct trace_eprobe *ep, int i)
>  			return 0;
>  		}
>  	}
> +
> +	/* Argument no found on event. But allow for comm and COMM to be used */
> +	if (strcmp(parg->code->data, "COMM") == 0 ||
> +	    strcmp(parg->code->data, "comm") == 0) {
> +		parg->code->op = FETCH_OP_COMM;
> +		ret = 0;
> +	}
> +
>  	kfree(parg->code->data);
>  	parg->code->data = NULL;
> -	return -ENOENT;
> +	return ret;
>  }
>  
>  static int eprobe_event_define_fields(struct trace_event_call *event_call)
> @@ -363,16 +372,38 @@ static unsigned long get_event_field(struct fetch_insn *code, void *rec)
>  
>  static int get_eprobe_size(struct trace_probe *tp, void *rec)
>  {
> +	struct fetch_insn *code;
>  	struct probe_arg *arg;
>  	int i, len, ret = 0;
>  
>  	for (i = 0; i < tp->nr_args; i++) {
>  		arg = tp->args + i;
> -		if (unlikely(arg->dynamic)) {
> +		if (arg->dynamic) {
>  			unsigned long val;
>  
> -			val = get_event_field(arg->code, rec);
> -			len = process_fetch_insn_bottom(arg->code + 1, val, NULL, NULL);
> +			code = arg->code;
> + retry:
> +			switch (code->op) {
> +			case FETCH_OP_TP_ARG:
> +				val = get_event_field(code, rec);
> +				break;
> +			case FETCH_OP_IMM:
> +				val = code->immediate;
> +				break;
> +			case FETCH_OP_COMM:
> +				val = (unsigned long)current->comm;
> +				break;
> +			case FETCH_OP_DATA:
> +				val = (unsigned long)code->data;
> +				break;
> +			case FETCH_NOP_SYMBOL:	/* Ignore a place holder */
> +				code++;
> +				goto retry;
> +			default:
> +				continue;
> +			}
> +			code++;
> +			len = process_fetch_insn_bottom(code, val, NULL, NULL);
>  			if (len > 0)
>  				ret += len;
>  		}
> @@ -390,8 +421,28 @@ process_fetch_insn(struct fetch_insn *code, void *rec, void *dest,
>  {
>  	unsigned long val;
>  
> -	val = get_event_field(code, rec);
> -	return process_fetch_insn_bottom(code + 1, val, dest, base);
> + retry:
> +	switch (code->op) {
> +	case FETCH_OP_TP_ARG:
> +		val = get_event_field(code, rec);
> +		break;
> +	case FETCH_OP_IMM:
> +		val = code->immediate;
> +		break;
> +	case FETCH_OP_COMM:
> +		val = (unsigned long)current->comm;
> +		break;
> +	case FETCH_OP_DATA:
> +		val = (unsigned long)code->data;
> +		break;
> +	case FETCH_NOP_SYMBOL:	/* Ignore a place holder */
> +		code++;
> +		goto retry;
> +	default:
> +		return -EILSEQ;
> +	}
> +	code++;
> +	return process_fetch_insn_bottom(code, val, dest, base);
>  }
>  NOKPROBE_SYMBOL(process_fetch_insn)
>  
> @@ -866,6 +917,10 @@ static int trace_eprobe_tp_update_arg(struct trace_eprobe *ep, const char *argv[
>  			trace_probe_log_err(0, BAD_ATTACH_ARG);
>  	}
>  
> +	/* Handle symbols "@" */
> +	if (!ret)
> +		ret = traceprobe_update_arg(&ep->tp.args[i]);
> +
>  	return ret;
>  }
>  
> -- 
> 2.35.1


-- 
Masami Hiramatsu (Google) <mhiramat@kernel.org>

next prev parent reply	other threads:[~2022-08-20 13:05 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20220820014035.531145719@goodmis.org>
2022-08-20  1:40 ` [PATCH 1/4] tracing/eprobes: Do not allow eprobes to use $stack, or % for regs Steven Rostedt
2022-08-20  8:33   ` Masami Hiramatsu
2022-08-20  1:40 ` [PATCH 2/4] tracing/eprobes: Do not hardcode $comm as a string Steven Rostedt
2022-08-20  1:57   ` Steven Rostedt
2022-08-20 11:18   ` Masami Hiramatsu
2022-08-20 12:48     ` Steven Rostedt
2022-08-20 13:00       ` Steven Rostedt
2022-08-20 13:09         ` Masami Hiramatsu
2022-08-20 13:19           ` Steven Rostedt
2022-08-20  1:40 ` [PATCH 3/4] tracing/eprobes: Fix reading of string fields Steven Rostedt
2022-08-20 12:27   ` Masami Hiramatsu
2022-08-20  1:40 ` [PATCH 4/4] tracing/eprobes: Have event probes be consistent with kprobes and uprobes Steven Rostedt
2022-08-20 13:04   ` Masami Hiramatsu [this message]
2022-08-20 13:11     ` Steven Rostedt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220820220442.776e1ddaf8836e82edb34d01@kernel.org \
    --to=mhiramat@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@kernel.org \
    --cc=rostedt@goodmis.org \
    --cc=stable@vger.kernel.org \
    --cc=tz.stoyanov@gmail.com \
    --cc=zanussi@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox