From: Arnaldo Carvalho de Melo <acme@kernel.org>
To: Ingo Molnar <mingo@kernel.org>
Cc: Clark Williams <williams@redhat.com>,
linux-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org,
Arnaldo Carvalho de Melo <acme@redhat.com>,
Adrian Hunter <adrian.hunter@intel.com>,
David Ahern <dsahern@gmail.com>, Jiri Olsa <jolsa@kernel.org>,
Namhyung Kim <namhyung@kernel.org>,
Wang Nan <wangnan0@huawei.com>
Subject: [PATCH 02/77] perf trace: Make the augmented_syscalls filter out the tracepoint event
Date: Wed, 5 Sep 2018 19:03:25 -0300 [thread overview]
Message-ID: <20180905220440.20256-3-acme@kernel.org> (raw)
In-Reply-To: <20180905220440.20256-1-acme@kernel.org>
From: Arnaldo Carvalho de Melo <acme@redhat.com>
When we attach a eBPF object to a tracepoint, if we return 1, then that
tracepoint will be stored in the perf's ring buffer. In the
augmented_syscalls.c case we want to just attach and _override_ the
tracepoint payload with an augmented, extended one.
In this example, tools/perf/examples/bpf/augmented_syscalls.c, we are
attaching to the 'openat' syscall, and adding, after the
syscalls:sys_enter_openat usual payload as defined by
/sys/kernel/debug/tracing/events/syscalls/sys_enter_openat/format, a
snapshot of its sole pointer arg:
# grep 'field:.*\*' /sys/kernel/debug/tracing/events/syscalls/sys_enter_openat/format
field:const char * filename; offset:24; size:8; signed:0;
#
For now this is not being considered, the next csets will make use of
it, but as this is overriding the syscall tracepoint enter, we don't
want that event appearing on the ring buffer, just our synthesized one.
Before:
# perf trace -e ~acme/git/perf/tools/perf/examples/bpf/augmented_syscalls.c,openat cat /etc/passwd > /dev/null
0.000 ( ): __augmented_syscalls__:dfd: CWD, filename: /etc/ld.so.cache, flags: CLOEXEC
0.006 ( ): syscalls:sys_enter_openat:dfd: CWD, filename: , flags: CLOEXEC
0.007 ( 0.004 ms): cat/24044 openat(dfd: CWD, filename: 0x216dda8, flags: CLOEXEC ) = 3
0.028 ( ): __augmented_syscalls__:dfd: CWD, filename: /lib64/libc.so.6, flags: CLOEXEC
0.030 ( ): syscalls:sys_enter_openat:dfd: CWD, filename: , flags: CLOEXEC
0.031 ( 0.006 ms): cat/24044 openat(dfd: CWD, filename: 0x2375ce0, flags: CLOEXEC ) = 3
0.291 ( ): __augmented_syscalls__:dfd: CWD, filename: /etc/passwd
0.293 ( ): syscalls:sys_enter_openat:dfd: CWD, filename:
0.294 ( 0.004 ms): cat/24044 openat(dfd: CWD, filename: 0x637db06b ) = 3
#
After:
# perf trace -e ~acme/git/perf/tools/perf/examples/bpf/augmented_syscalls.c,openat cat /etc/passwd > /dev/null
0.000 ( ): __augmented_syscalls__:dfd: CWD, filename: 0x9c6a1da8, flags: CLOEXEC
0.005 ( 0.015 ms): cat/27341 openat(dfd: CWD, filename: 0x9c6a1da8, flags: CLOEXEC ) = 3
0.040 ( ): __augmented_syscalls__:dfd: CWD, filename: 0x9c8a9ce0, flags: CLOEXEC
0.041 ( 0.006 ms): cat/27341 openat(dfd: CWD, filename: 0x9c8a9ce0, flags: CLOEXEC ) = 3
0.294 ( ): __augmented_syscalls__:dfd: CWD, filename: 0x482a706b
0.296 ( 0.067 ms): cat/27341 openat(dfd: CWD, filename: 0x482a706b ) = 3
#
Now lets replace that __augmented_syscalls__ name with the syscall name,
using:
# grep 'field:.*syscall_nr' /sys/kernel/debug/tracing/events/syscalls/sys_enter_openat/format
field:int __syscall_nr; offset:8; size:4; signed:1;
#
That the synthesized payload has exactly where the syscall enter
tracepoint puts it.
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: David Ahern <dsahern@gmail.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Wang Nan <wangnan0@huawei.com>
Link: https://lkml.kernel.org/n/tip-og4r9k87mzp9hv7el046idmd@git.kernel.org
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
tools/perf/examples/bpf/augmented_syscalls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/examples/bpf/augmented_syscalls.c b/tools/perf/examples/bpf/augmented_syscalls.c
index 69a31386d8cd..10e7997ab481 100644
--- a/tools/perf/examples/bpf/augmented_syscalls.c
+++ b/tools/perf/examples/bpf/augmented_syscalls.c
@@ -49,7 +49,7 @@ int syscall_enter(openat)(struct syscall_enter_openat_args *args)
probe_read_str(&augmented_args.filename, sizeof(augmented_args.filename), args->filename_ptr);
perf_event_output(args, &__augmented_syscalls__, BPF_F_CURRENT_CPU,
&augmented_args, sizeof(augmented_args));
- return 1;
+ return 0;
}
license(GPL);
--
2.14.4
next prev parent reply other threads:[~2018-09-05 22:05 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-05 22:03 [GIT PULL 00/77] perf/core improvements and fixes Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 01/77] perf trace: Pass augmented args to the arg formatters when available Arnaldo Carvalho de Melo
2018-09-05 22:03 ` Arnaldo Carvalho de Melo [this message]
2018-09-05 22:03 ` [PATCH 03/77] perf trace: Print the syscall name for augmented_syscalls Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 04/77] perf trace: Extract the comm/tid printing for syscall enter Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 05/77] perf trace: Show comm/tid for augmented_syscalls Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 06/77] perf trace: Use the augmented filename, expanding syscall enter pointers Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 07/77] perf trace: Augment the 'open' syscall 'filename' arg Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 08/77] perf trace: Augment inotify_add_watch pathname syscall arg Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 09/77] perf trace: Introduce augmented_filename_syscall_enter() declarator Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 10/77] perf trace: Augment 'newstat' (aka 'stat') filename ptr Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 11/77] perf trace: Add a etcsnoop.c augmented syscalls eBPF utility Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 12/77] perf bpf: Give precedence to bpf header dir Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 13/77] perf bpf: Add linux/socket.h to the headers accessible to bpf proggies Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 14/77] perf trace augmented_syscalls: Augment connect's 'sockaddr' arg Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 15/77] perf trace augmented_syscalls: Add augmented_sockaddr_syscall_enter() Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 16/77] perf trace augmented_syscalls: Augment bind's 'myaddr' sockaddr arg Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 17/77] perf trace augmented_syscalls: Augment sendto's 'addr' arg Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 18/77] perf trace beauty: Reorganize 'struct sockaddr *' beautifier Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 19/77] perf report: Create auxiliary trace data files for s390 Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 20/77] tools lib traceevent, perf tools: Split trace-seq related APIs in a separate header file Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 21/77] perf bpf: Add syscall_exit() helper Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 22/77] perf augmented_syscalls: Update the header comments Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 23/77] perf trace augmented_syscalls: Rename augmented_*_syscall__enter to just *_syscall Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 24/77] perf trace augmented_syscalls: Hook into syscalls:sys_exit_SYSCALL too Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 25/77] perf trace: Show comm and tid for tracepoint events Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 26/77] perf stat: Use evsel->threads in create_perf_stat_counter() Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 27/77] perf stat: Move 'initial_delay' to 'struct perf_stat_config' Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 28/77] perf stat: Move 'no_inherit' " Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 29/77] perf stat: Use local config arg for scale in create_perf_stat_counter() Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 30/77] perf stat: Add 'identifier' flag to 'struct perf_stat_config' Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 31/77] perf tools: Switch 'session' argument to 'evlist' in perf_event__synthesize_attrs() Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 32/77] perf evsel: Introduce perf_evsel__store_ids() Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 33/77] perf stat: Move create_perf_stat_counter() to stat.c Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 34/77] perf stat: Rename 'is_pipe' argument to 'attrs' in perf_stat_synthesize_config() Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 35/77] perf stat: Add 'struct perf_stat_config' argument to perf_stat_synthesize_config() Arnaldo Carvalho de Melo
2018-09-05 22:03 ` [PATCH 36/77] perf stat: Add 'struct perf_tool' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 37/77] perf stat: Add 'struct perf_evlist' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 38/77] perf stat: Add 'perf_event__handler_t' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 39/77] perf stat: Move perf_stat_synthesize_config() to stat.c Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 40/77] perf stat: Introduce perf_evlist__print_counters() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 41/77] perf stat: Move STAT_RECORD out of perf_evlist__print_counters() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 42/77] perf stat: Add 'struct perf_stat_config' argument to perf_evlist__print_counters() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 43/77] perf stat: Pass 'struct perf_stat_config' argument to local print functions Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 44/77] perf stat: Pass a 'struct perf_stat_config' argument to global " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 45/77] perf stat: Move csv_* to 'struct perf_stat_config' Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 46/77] perf stat: Move 'interval_clear' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 47/77] perf stat: Move 'metric_only' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 48/77] perf stat: Move 'unit_width' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 49/77] perf stat: Add 'target' argument to perf_evlist__print_counters() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 50/77] perf stat: Pass 'evlist' argument to print functions Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 51/77] perf stat: Use 'evsel->evlist' instead of 'evsel_list' in collect_all_aliases() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 52/77] perf stat: Move 'run_count' to 'struct perf_stat_config' Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 53/77] perf stat: Move 'metric_only_len' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 54/77] perf stat: Pass 'struct perf_stat_config' to first_shadow_cpu() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 55/77] perf stat: Pass 'evlist' to aggr_update_shadow() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 56/77] perf stat: Add 'walltime_nsecs_stats' pointer to 'struct perf_stat_config' Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 57/77] perf stat: Move 'null_run' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 58/77] perf stat: Move 'print_free_counters_hint' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 59/77] perf stat: Move 'print_mixed_hw_group_error' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 60/77] perf stat: Move ru_* data " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 61/77] perf stat: Move *_aggr_* " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 62/77] perf stat: Do not use the global 'evsel_list' in print functions Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 63/77] perf stat: Move 'big_num' data to 'struct perf_stat_config' Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 64/77] perf stat: Move 'no_merge' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 65/77] perf stat: Propagate 'struct target' arg to sort_aggr_thread() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 66/77] perf stat: Move 'walltime_*' data to 'struct perf_stat_config' Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 67/77] perf stat: Move 'metric_events' " Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 68/77] perf stat: Move the display functions to stat-display.c Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 69/77] perf trace beauty: Alias 'umount' to 'umount2' Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 70/77] perf annotate: Handle arm64 move instructions Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 71/77] perf augmented_syscalls: Check probe_read_str() return separately Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 72/77] perf augmented_syscalls: Avoid optimization to pass older BPF validators Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 73/77] perf trace: Introduce syscall__augmented_args() method Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 74/77] perf trace: Setup augmented_args in the raw_syscalls:sys_enter handler Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 75/77] perf trace: Use the raw_syscalls:sys_enter for the augmented syscalls Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 76/77] perf map: Turn some pr_warning() to pr_debug() Arnaldo Carvalho de Melo
2018-09-05 22:04 ` [PATCH 77/77] perf tests: Fix record+probe_libc_inet_pton.sh without ping's debuginfo Arnaldo Carvalho de Melo
2018-09-07 12:09 ` Thomas-Mich Richter
2018-09-10 15:19 ` Arnaldo Carvalho de Melo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180905220440.20256-3-acme@kernel.org \
--to=acme@kernel.org \
--cc=acme@redhat.com \
--cc=adrian.hunter@intel.com \
--cc=dsahern@gmail.com \
--cc=jolsa@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=namhyung@kernel.org \
--cc=wangnan0@huawei.com \
--cc=williams@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).