From mboxrd@z Thu Jan  1 00:00:00 1970
From: Daniel Borkmann <daniel@iogearbox.net>
Subject: Re: [PATCH bpf 2/3] bpf: show real jited address in
 bpf_prog_info->jited_ksyms
Date: Fri, 2 Nov 2018 11:19:40 +0100
Message-ID: <a35ece7a-d958-dbe3-4f03-6fe7eab42e06@iogearbox.net>
References: <20181101070058.2760251-1-songliubraving@fb.com>
 <20181101070058.2760251-3-songliubraving@fb.com>
 <e779db0e-7933-c11b-5068-d919897d15ec@iogearbox.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Cc: kernel-team@fb.com, ast@kernel.org, sandipan@linux.vnet.ibm.com
To: Song Liu <songliubraving@fb.com>, netdev@vger.kernel.org
Return-path: <netdev-owner@vger.kernel.org>
Received: from www62.your-server.de ([213.133.104.62]:35704 "EHLO
        www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725935AbeKBT0W (ORCPT
        <rfc822;netdev@vger.kernel.org>); Fri, 2 Nov 2018 15:26:22 -0400
In-Reply-To: <e779db0e-7933-c11b-5068-d919897d15ec@iogearbox.net>
Content-Language: en-US
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On 11/02/2018 11:09 AM, Daniel Borkmann wrote:
> On 11/01/2018 08:00 AM, Song Liu wrote:
>> Currently, jited_ksyms in bpf_prog_info shows page addresses of jited
>> bpf program. This is not ideal for detailed profiling (find hot
>> instructions from stack traces). This patch replaces the page address
>> with real prog start address.
>>
>> Signed-off-by: Song Liu <songliubraving@fb.com>
>> ---
>>  kernel/bpf/syscall.c | 1 -
>>  1 file changed, 1 deletion(-)
>>
>> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
>> index ccb93277aae2..34a9eef5992c 100644
>> --- a/kernel/bpf/syscall.c
>> +++ b/kernel/bpf/syscall.c
>> @@ -2172,7 +2172,6 @@ static int bpf_prog_get_info_by_fd(struct bpf_prog *prog,
>>  			user_ksyms = u64_to_user_ptr(info.jited_ksyms);
>>  			for (i = 0; i < ulen; i++) {
>>  				ksym_addr = (ulong) prog->aux->func[i]->bpf_func;
>> -				ksym_addr &= PAGE_MASK;
> 
> Note that the masking was done on purpose here and in patch 1/3 in order to
> not expose randomized start address to kallsyms at least. I suppose it's
> okay to change it here and for kallsyms given bpf_prog_get_info_by_fd() dump
> is for root only, and in each of the two cases we additionally apply
> kallsyms_show_value() logic, so for unpriv this is zeroed out plus only root
> loaded programs are added under kallsyms (capable(CAP_SYS_ADMIN)) anyway.

(Btw, something like above should have been in changelog to provide some more
historical context of why we used to do it like that and explaining why it is
okay to change it this way.)

>>  				if (put_user((u64) ksym_addr, &user_ksyms[i]))
>>  					return -EFAULT;
>>  			}
>>
>