Commit 581052a6 authored by 4ast's avatar 4ast Committed by GitHub

Merge pull request #1647 from iovisor/yhs_dev

skip kprobe functions outside normal text section
parents 24a80928 1034bd44
...@@ -481,9 +481,18 @@ class BPF(object): ...@@ -481,9 +481,18 @@ class BPF(object):
with open("%s/../kprobes/blacklist" % TRACEFS, "rb") as blacklist_f: with open("%s/../kprobes/blacklist" % TRACEFS, "rb") as blacklist_f:
blacklist = set([line.rstrip().split()[1] for line in blacklist_f]) blacklist = set([line.rstrip().split()[1] for line in blacklist_f])
fns = [] fns = []
found_stext = False
with open("/proc/kallsyms", "rb") as avail_file: with open("/proc/kallsyms", "rb") as avail_file:
for line in avail_file: for line in avail_file:
(_, t, fn) = line.rstrip().split()[:3] (_, t, fn) = line.rstrip().split()[:3]
if found_stext is False:
if fn == b'_stext':
found_stext = True
continue
if fn == b'_etext':
break
if (t.lower() in [b't', b'w']) and re.match(event_re, fn) \ if (t.lower() in [b't', b'w']) and re.match(event_re, fn) \
and fn not in blacklist: and fn not in blacklist:
fns.append(fn) fns.append(fn)
...@@ -558,7 +567,7 @@ class BPF(object): ...@@ -558,7 +567,7 @@ class BPF(object):
ev_name = b"r_" + event.replace(b"+", b"_").replace(b".", b"_") ev_name = b"r_" + event.replace(b"+", b"_").replace(b".", b"_")
fd = lib.bpf_attach_kprobe(fn.fd, 1, ev_name, event) fd = lib.bpf_attach_kprobe(fn.fd, 1, ev_name, event)
if fd < 0: if fd < 0:
raise Exception("Failed to attach BPF to kprobe") raise Exception("Failed to attach BPF to kretprobe")
self._add_kprobe_fd(ev_name, fd) self._add_kprobe_fd(ev_name, fd)
return self return self
...@@ -877,7 +886,7 @@ class BPF(object): ...@@ -877,7 +886,7 @@ class BPF(object):
ev_name = self._get_uprobe_evname(b"r", path, addr, pid) ev_name = self._get_uprobe_evname(b"r", path, addr, pid)
fd = lib.bpf_attach_uprobe(fn.fd, 1, ev_name, path, addr, pid) fd = lib.bpf_attach_uprobe(fn.fd, 1, ev_name, path, addr, pid)
if fd < 0: if fd < 0:
raise Exception("Failed to attach BPF to uprobe") raise Exception("Failed to attach BPF to uretprobe")
self._add_uprobe_fd(ev_name, fd) self._add_uprobe_fd(ev_name, fd)
return self return self
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment