From: Yafang Shao <laoar.shao@gmail.com>
To: Andrii Nakryiko <andrii.nakryiko@gmail.com>
Cc: ast@kernel.org, daniel@iogearbox.net, john.fastabend@gmail.com,
andrii@kernel.org, martin.lau@linux.dev, song@kernel.org,
yhs@fb.com, kpsingh@kernel.org, sdf@google.com,
haoluo@google.com, jolsa@kernel.org, quentin@isovalent.com,
rostedt@goodmis.org, mhiramat@kernel.org, bpf@vger.kernel.org,
linux-trace-kernel@vger.kernel.org
Subject: Re: [PATCH v5 bpf-next 09/11] bpf: Support ->fill_link_info for perf_event
Date: Sun, 25 Jun 2023 22:35:29 +0800 [thread overview]
Message-ID: <CALOAHbD3y9P6kXBNdU-zVsVtUDv138D+dJi2=Vn0ryxVYAMJ_g@mail.gmail.com> (raw)
In-Reply-To: <CAEf4Bzadyzhncvqv85W=tF+EZLjnUww_ZRCAr6mf-aL5p9P1SA@mail.gmail.com>
On Sat, Jun 24, 2023 at 5:55 AM Andrii Nakryiko
<andrii.nakryiko@gmail.com> wrote:
>
> On Fri, Jun 23, 2023 at 7:16 AM Yafang Shao <laoar.shao@gmail.com> wrote:
> >
> > By introducing support for ->fill_link_info to the perf_event link, users
> > gain the ability to inspect it using `bpftool link show`. While the current
> > approach involves accessing this information via `bpftool perf show`,
> > consolidating link information for all link types in one place offers
> > greater convenience. Additionally, this patch extends support to the
> > generic perf event, which is not currently accommodated by
> > `bpftool perf show`. While only the perf type and config are exposed to
> > userspace, other attributes such as sample_period and sample_freq are
> > ignored. It's important to note that if kptr_restrict is not permitted, the
> > probed address will not be exposed, maintaining security measures.
> >
> > A new enum bpf_perf_event_type is introduced to help the user understand
> > which struct is relevant.
> >
> > Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
> > ---
> > include/uapi/linux/bpf.h | 35 +++++++++++++
> > kernel/bpf/syscall.c | 115 +++++++++++++++++++++++++++++++++++++++++
> > tools/include/uapi/linux/bpf.h | 35 +++++++++++++
> > 3 files changed, 185 insertions(+)
> >
> > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> > index 23691ea..1c579d5 100644
> > --- a/include/uapi/linux/bpf.h
> > +++ b/include/uapi/linux/bpf.h
> > @@ -1056,6 +1056,14 @@ enum bpf_link_type {
> > MAX_BPF_LINK_TYPE,
> > };
> >
> > +enum bpf_perf_event_type {
> > + BPF_PERF_EVENT_UNSPEC = 0,
> > + BPF_PERF_EVENT_UPROBE = 1,
> > + BPF_PERF_EVENT_KPROBE = 2,
> > + BPF_PERF_EVENT_TRACEPOINT = 3,
> > + BPF_PERF_EVENT_EVENT = 4,
> > +};
> > +
> > /* cgroup-bpf attach flags used in BPF_PROG_ATTACH command
> > *
> > * NONE(default): No further bpf programs allowed in the subtree.
> > @@ -6443,6 +6451,33 @@ struct bpf_link_info {
> > __u32 count;
> > __u32 flags;
> > } kprobe_multi;
> > + struct {
> > + __u32 type; /* enum bpf_perf_event_type */
> > + __u32 :32;
> > + union {
> > + struct {
> > + __aligned_u64 file_name; /* in/out */
> > + __u32 name_len;
> > + __u32 offset;/* offset from file_name */
> > + __u32 flags;
> > + } uprobe; /* BPF_PERF_EVENT_UPROBE */
> > + struct {
> > + __aligned_u64 func_name; /* in/out */
> > + __u32 name_len;
> > + __u32 offset;/* offset from func_name */
> > + __u64 addr;
> > + __u32 flags;
> > + } kprobe; /* BPF_PERF_EVENT_KPROBE */
> > + struct {
> > + __aligned_u64 tp_name; /* in/out */
> > + __u32 name_len;
> > + } tracepoint; /* BPF_PERF_EVENT_TRACEPOINT */
> > + struct {
> > + __u64 config;
> > + __u32 type;
> > + } event; /* BPF_PERF_EVENT_EVENT */
> > + };
> > + } perf_event;
> > };
> > } __attribute__((aligned(8)));
> >
> > diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> > index c863d39..02dad3c 100644
> > --- a/kernel/bpf/syscall.c
> > +++ b/kernel/bpf/syscall.c
> > @@ -3394,9 +3394,124 @@ static int bpf_perf_link_fill_common(const struct perf_event *event,
> > return 0;
> > }
> >
> > +#ifdef CONFIG_KPROBE_EVENTS
> > +static int bpf_perf_link_fill_kprobe(const struct perf_event *event,
> > + struct bpf_link_info *info)
> > +{
> > + char __user *uname;
> > + u64 addr, offset;
> > + u32 ulen, type;
> > + int err;
> > +
> > + uname = u64_to_user_ptr(info->perf_event.kprobe.func_name);
> > + ulen = info->perf_event.kprobe.name_len;
> > + info->perf_event.type = BPF_PERF_EVENT_KPROBE;
> > + err = bpf_perf_link_fill_common(event, uname, ulen, &offset, &addr,
> > + &type);
> > + if (err)
> > + return err;
> > +
> > + info->perf_event.kprobe.offset = offset;
> > + if (type == BPF_FD_TYPE_KRETPROBE)
> > + info->perf_event.kprobe.flags = 1;
>
> hm... ok, sorry, I didn't realize that these flags are not part of
> UAPI. I don't think just randomly defining 1 to mean retprobe is a
> good approach. Let's drop flags if there are actually no flags.
>
> How about in addition to BPF_PERF_EVENT_UPROBE add
> BPF_PERF_EVENT_URETPROBE, and for BPF_PERF_EVENT_KPROBE add also
> BPF_PERF_EVENT_KRETPROBE. They will share respective perf_event.uprobe
> and perf_event.kprobe sections in bpf_link_info.
>
> It seems consistent with what we did for bpf_task_fd_type enum.
Good idea. Will do it.
--
Regards
Yafang
next prev parent reply other threads:[~2023-06-25 14:36 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-23 14:15 [PATCH v5 bpf-next 00/11] bpf: Support ->fill_link_info for kprobe_multi and perf_event links Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 01/11] bpf: Support ->fill_link_info for kprobe_multi Yafang Shao
2023-06-23 21:45 ` Andrii Nakryiko
2023-06-25 14:34 ` Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 02/11] bpftool: Dump the kernel symbol's module name Yafang Shao
2023-06-23 16:48 ` Quentin Monnet
2023-06-23 14:15 ` [PATCH v5 bpf-next 03/11] bpftool: Show kprobe_multi link info Yafang Shao
2023-06-23 16:48 ` Quentin Monnet
2023-06-25 14:29 ` Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 04/11] bpf: Protect probed address based on kptr_restrict setting Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 05/11] bpf: Clear the probe_addr for uprobe Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 06/11] bpf: Expose symbol's respective address Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 07/11] bpf: Add a common helper bpf_copy_to_user() Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 08/11] bpf: Add bpf_perf_link_fill_common() Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 09/11] bpf: Support ->fill_link_info for perf_event Yafang Shao
2023-06-23 21:55 ` Andrii Nakryiko
2023-06-25 14:35 ` Yafang Shao [this message]
2023-06-23 14:15 ` [PATCH v5 bpf-next 10/11] bpftool: Add perf event names Yafang Shao
2023-06-23 16:49 ` Quentin Monnet
2023-06-25 14:30 ` Yafang Shao
2023-06-23 14:15 ` [PATCH v5 bpf-next 11/11] bpftool: Show perf link info Yafang Shao
2023-06-23 16:49 ` Quentin Monnet
2023-06-25 14:31 ` Yafang Shao
2023-06-23 17:13 ` Alexei Starovoitov
2023-06-25 14:32 ` Yafang Shao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CALOAHbD3y9P6kXBNdU-zVsVtUDv138D+dJi2=Vn0ryxVYAMJ_g@mail.gmail.com' \
--to=laoar.shao@gmail.com \
--cc=andrii.nakryiko@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=haoluo@google.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=mhiramat@kernel.org \
--cc=quentin@isovalent.com \
--cc=rostedt@goodmis.org \
--cc=sdf@google.com \
--cc=song@kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).