From: Jiri Olsa <jolsa@kernel.org>
To: Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>
Cc: netdev@vger.kernel.org, bpf@vger.kernel.org,
Yonghong Song <yhs@fb.com>, Martin KaFai Lau <kafai@fb.com>,
David Miller <davem@redhat.com>,
John Fastabend <john.fastabend@gmail.com>,
Jesper Dangaard Brouer <hawk@kernel.org>,
Wenbo Zhang <ethercflow@gmail.com>,
KP Singh <kpsingh@chromium.org>, Andrii Nakryiko <andriin@fb.com>,
bgregg@netflix.com, Florent Revest <revest@chromium.org>,
Al Viro <viro@zeniv.linux.org.uk>
Subject: [RFCv2 0/9] bpf: Add d_path helper
Date: Wed, 6 May 2020 15:29:37 +0200 [thread overview]
Message-ID: <20200506132946.2164578-1-jolsa@kernel.org> (raw)
hi,
adding d_path helper to return full path for 'path' object.
I originally added and used 'file_path' helper, which did the same,
but used 'struct file' object. Then realized that file_path is just
a wrapper for d_path, so we'd cover more calling sites if we add
d_path helper and allowed resolving BTF object within another object,
so we could call d_path also with file pointer, like:
bpf_d_path(&file->f_path, buf, size);
This feature is mainly to be able to add dpath (filepath originally)
function to bpftrace, which seems to work nicely now, like:
# bpftrace -e 'kfunc:vfs_open { printf("%s\n", dpath(args->path)); }'
RFC v2 changes:
- added whitelist support, d_path helper is allowed only for
list of functions, the whitelist checking works as follows:
- helper's whitelist is defined as list of functions in file:
kernel/bpf/helpers-whitelist/helper
- at vmlinux linking time, the bpfwl tool reads the whitelist
and translates functions into BTF IDs, which are then compiled
as following data section into vmlinux object:
.BTF_whitelist
BTF_whitelist_<helper1>
BTF_whitelist_<helper2>
BTF_whitelist_<helper3>
Each BTF_whitelist_<helperX> data is a sorted array of BTF ids.
- new 'allowed' function is added to 'struct bpf_func_proto',
which is used by verifier code to check (if defined) on whether
the helper is called from allowed function (from whitelist).
Currently it's needed and implemented only for d_path helper,
but it's easy to add support for another helper.
- I don't change the btf_id value in check_func_arg as suggested by Alexei
- added new test_verifier test
Also available at:
https://git.kernel.org/pub/scm/linux/kernel/git/jolsa/perf.git
bpf/d_path
thoughts? thanks,
jirka
---
Jiri Olsa (9):
bpf: Add d_path helper
bpf: Add d_path whitelist
bpf: Add bpfwl tool to construct bpf whitelists
bpf: Allow nested BTF object to be refferenced by BTF object + offset
bpf: Add support to check on BTF id whitelist for d_path helper
bpf: Compile bpfwl tool at kernel compilation start
bpf: Compile the BTF id whitelist data in vmlinux
selftests/bpf: Add test for d_path helper
selftests/bpf: Add verifier test for d_path helper
Makefile | 24 +++++++--
include/asm-generic/vmlinux.lds.h | 5 ++
include/linux/bpf.h | 4 ++
include/uapi/linux/bpf.h | 14 +++++-
kernel/bpf/btf.c | 69 +++++++++++++++++++++++++
kernel/bpf/helpers-whitelist/d_path | 8 +++
kernel/bpf/verifier.c | 37 ++++++++++----
kernel/trace/bpf_trace.c | 54 ++++++++++++++++++++
scripts/bpf_helpers_doc.py | 2 +
scripts/link-vmlinux.sh | 20 ++++++--
tools/Makefile | 3 ++
tools/bpf/Makefile | 5 +-
tools/bpf/bpfwl/Build | 11 ++++
tools/bpf/bpfwl/Makefile | 60 ++++++++++++++++++++++
tools/bpf/bpfwl/bpfwl.c | 285 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tools/include/uapi/linux/bpf.h | 14 +++++-
tools/testing/selftests/bpf/prog_tests/d_path.c | 196 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tools/testing/selftests/bpf/progs/test_d_path.c | 71 ++++++++++++++++++++++++++
tools/testing/selftests/bpf/test_verifier.c | 13 ++++-
tools/testing/selftests/bpf/verifier/d_path.c | 37 ++++++++++++++
20 files changed, 908 insertions(+), 24 deletions(-)
create mode 100644 kernel/bpf/helpers-whitelist/d_path
create mode 100644 tools/bpf/bpfwl/Build
create mode 100644 tools/bpf/bpfwl/Makefile
create mode 100644 tools/bpf/bpfwl/bpfwl.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/d_path.c
create mode 100644 tools/testing/selftests/bpf/progs/test_d_path.c
create mode 100644 tools/testing/selftests/bpf/verifier/d_path.c
next reply other threads:[~2020-05-06 13:30 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-06 13:29 Jiri Olsa [this message]
2020-05-06 13:29 ` [PATCH 1/9] bpf: Add d_path helper Jiri Olsa
2020-05-14 22:06 ` Andrii Nakryiko
2020-05-15 14:59 ` Jiri Olsa
2020-05-06 13:29 ` [PATCH 2/9] bpf: Add d_path whitelist Jiri Olsa
2020-05-06 13:29 ` [PATCH 3/9] bpf: Add bpfwl tool to construct bpf whitelists Jiri Olsa
2020-05-14 22:20 ` Andrii Nakryiko
2020-05-15 14:58 ` Jiri Olsa
2020-05-06 13:29 ` [PATCH 4/9] bpf: Allow nested BTF object to be refferenced by BTF object + offset Jiri Olsa
2020-05-14 22:32 ` Andrii Nakryiko
2020-05-06 13:29 ` [PATCH 5/9] bpf: Add support to check on BTF id whitelist for d_path helper Jiri Olsa
2020-05-06 13:29 ` [PATCH 6/9] bpf: Compile bpfwl tool at kernel compilation start Jiri Olsa
2020-05-14 22:38 ` Andrii Nakryiko
2020-05-15 14:57 ` Jiri Olsa
2020-05-06 13:29 ` [PATCH 7/9] bpf: Compile the BTF id whitelist data in vmlinux Jiri Olsa
2020-05-13 18:29 ` Alexei Starovoitov
2020-05-14 8:05 ` Jiri Olsa
2020-05-14 22:46 ` Andrii Nakryiko
2020-05-15 14:57 ` Jiri Olsa
2020-05-28 17:23 ` Jiri Olsa
2020-05-29 20:48 ` Andrii Nakryiko
2020-05-31 15:10 ` Jiri Olsa
2020-06-01 19:06 ` Andrii Nakryiko
2020-06-02 8:16 ` Jiri Olsa
2020-05-06 13:29 ` [PATCH 8/9] selftests/bpf: Add test for d_path helper Jiri Olsa
2020-05-14 22:48 ` Andrii Nakryiko
2020-05-15 14:57 ` Jiri Olsa
2020-05-06 13:29 ` [PATCH 9/9] selftests/bpf: Add verifier " Jiri Olsa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200506132946.2164578-1-jolsa@kernel.org \
--to=jolsa@kernel.org \
--cc=andriin@fb.com \
--cc=ast@kernel.org \
--cc=bgregg@netflix.com \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=davem@redhat.com \
--cc=ethercflow@gmail.com \
--cc=hawk@kernel.org \
--cc=john.fastabend@gmail.com \
--cc=kafai@fb.com \
--cc=kpsingh@chromium.org \
--cc=netdev@vger.kernel.org \
--cc=revest@chromium.org \
--cc=viro@zeniv.linux.org.uk \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).