- 11 Jun, 2018 2 commits
-
-
Gary Lin authored
Also add a simple example for DEVMAP based on xdp_drop_count.py v2: Add an example for CPUMAP Signed-off-by: Gary Lin <glin@suse.com>
-
Gary Lin authored
Those two map types are necessary to support bpf_redirect_map() in XDP. v2: Use ArrayBase as the base class of DevMap and CpuMap Signed-off-by: Gary Lin <glin@suse.com>
-
- 07 Jun, 2018 1 commit
-
-
Gary Lin authored
Signed-off-by: Gary Lin <glin@suse.com>
-
- 06 Jun, 2018 3 commits
-
-
4ast authored
fix a memory leak for getline()
-
Yonghong Song authored
The memory allocated by getline() is not freed. This may cause some tool like clang memory leak sanitizer complain. Signed-off-by: Yonghong Song <yhs@fb.com>
-
yonghong-song authored
Fix typo
-
- 05 Jun, 2018 1 commit
-
-
Dmitry Dolgov authored
daelays -> delays
-
- 03 Jun, 2018 1 commit
-
-
yonghong-song authored
skip probe rewriter for bpf_probe_read()
-
- 02 Jun, 2018 5 commits
-
-
Yonghong Song authored
bpf_probe_read() is often used to access pointees in bpf programs. Recent rewriter has become smarter so a lot of bpf_probe_read() can be replaced with simple pointer/member access. In certain cases, bpf_probe_read() is still preferred though. For example, kernel net/tcp.h defined TCP_SKB_CB as below #define TCP_SKB_CB(__skb) ((struct tcp_skb_cb *)&((__skb)->cb[0])) User can use below to access tcp_gso_size of a skb data structure. TCP_SKB_CB(skb)->tcp_gso_size The rewriter will fail as it attempts to rewrite (__skb)->cb[0]. Instead of chasing down to prevent exactly the above pattern, this patch detects function bpf_probe_read() in ProbeVisitor and will skip it so bpf_probe_read()'s third parameter is a AddrOf. This can also help other cases where rewriter is not capable and user used bpf_probe_read() as the workaround. Also fixed tcptop.py to use direct assignment instead of bpf_probe_read. Otherwise, rewriter will actually rewrite src address reference inside the bpf_probe_read(). Signed-off-by: Yonghong Song <yhs@fb.com>
-
4ast authored
Add "-D __BPF_TRACING__" to frontend compilation flags
-
Yonghong Song authored
In 4.17 kernel, x86 build requires compiler asm-goto support. clang does not support asm-goto and bpf program compilation started to break. The following kernel commit commit b1ae32dbab50ed19cfc16d225b0fb0114fb13025 Author: Alexei Starovoitov <ast@kernel.org> Date: Sun May 13 12:32:22 2018 -0700 x86/cpufeature: Guard asm_volatile_goto usage for BPF compilation Workaround for the sake of BPF compilation which utilizes kernel headers, but clang does not support ASM GOTO and fails the build. workarounded the issue by permitting native clang compilation. A warning message, however, is issued: ./arch/x86/include/asm/cpufeature.h:150:2: warning: "Compiler lacks ASM_GOTO support. Add -D __BPF_TRACING__ to your compiler arguments" [-W#warnings] #warning "Compiler lacks ASM_GOTO support. Add -D __BPF_TRACING__ to your compil... ^ 1 warning generated. This patch added "-D __BPF_TRACING__" to clang frontend compilation to suppress the warning. Signed-off-by: Yonghong Song <yhs@fb.com>
-
yonghong-song authored
Refactor external pointer assignments
-
yonghong-song authored
sync BPF compat headers with latest bpf-next, update BPF features list
-
- 01 Jun, 2018 3 commits
-
-
Quentin Monnet authored
Update doc/kernel-versions.md with latest eBPF features, map types, JIT-compiler, helpers. Synchronise headers with bpf-next (at commit bcece5dc40b9). Add prototypes for the following helpers: - bpf_get_stack() - bpf_skb_load_bytes_relative() - bpf_fib_lookup() - bpf_sock_hash_update() - bpf_msg_redirect_hash() - bpf_sk_redirect_hash() - bpf_lwt_push_encap() - bpf_lwt_seg6_store_bytes() - bpf_lwt_seg6_adjust_srh() - bpf_lwt_seg6_action() - bpf_rc_repeat() - bpf_rc_keydown()
-
Paul Chaignon authored
-
Paul Chaignon authored
The code to track assignments of external pointers was scattered between VisitVarDecl and VisitBinaryOperator. This commit defines a shared assignsExtPtr method. Doing so also fixes a bug as VisitVarDecl was missing a case for external pointers retrieved from maps.
-
- 31 May, 2018 1 commit
-
-
yonghong-song authored
Add support for attaching kprobes at custom offsets
-
- 30 May, 2018 5 commits
-
-
yonghong-song authored
tcplife: fix dport filter on tracepoints
-
yonghong-song authored
let rewriter add code to define CONFIG_CC_STACKPROTECTOR
-
Paul Chaignon authored
When using tracepoints, the destination port is retrieved in host byte order and there is no need to convert it, contrary to the kprobe version.
-
Sandipan Das authored
Currently, attach_kprobe() only allows kprobes to be attached to an arch-dependent default location usually in the prologue of the function corresponding to the event. With these changes, one can attach a kprobe at a custom offset from the start of the function. Signed-off-by: Sandipan Das <sandipan@linux.vnet.ibm.com>
-
smartx-usman authored
* Added vlan_filter application. * Added demo application and changed timestamp to human readable format. * changed files to executable and updated README.md file dependencies part. * Fixed header printout to match actual output and README.
-
- 29 May, 2018 5 commits
-
-
yonghong-song authored
zfsdist: fix for python3
-
yonghong-song authored
within tc_perf_event.py,ping command fix
-
Andreas Gerstmayr authored
The BPF.get_kprobe_functions method tests if the passed argument matches with a line of kallsyms, which is opened in binary mode. Therefore the regex pattern must be bytes as well.
-
kernel-z authored
-
Yonghong Song authored
Fix issue #1730 Linux kernel commit 2bc2f688fdf8 ("Makefile: move stack-protector availability out of Kconfig") moved CONFIG_CC_STACKPROTECTOR from Kconfig to Makefile. Commit 44c6dc940b19 ("Makefile: introduce CONFIG_CC_STACKPROTECTOR_AUTO") introduced CONFIG_CC_STACKPROTECTOR_AUTO. Whether CONFIG_CC_STACKPROTECTOR is defined depends on CONFIG_CC_STACKPROTECTOR_{AUTO,REGULAR,STRONG}. Since the clang supports stack-protector, CONFIG_CC_STACKPROTECTOR_AUTO will imply CONFIG_CC_STACKPROTECTOR for gcc/clang based compilation. Such changes are introduced in 4.16. For example, the following code is defined in linux/include/linux/sched.h, ``` pid_t pid; pid_t tgid; /* Canary value for the -fstack-protector GCC feature: */ unsigned long stack_canary; /* * Pointers to the (original) parent process, youngest child, younger sibling, * older sibling, respectively. (p->father can be replaced with * p->real_parent->pid) */ /* Real parent process: */ struct task_struct __rcu *real_parent; ``` If kernel config has CONFIG_CC_STACKPROTECTOR_{STRONG,REGULAR,AUTO} defined, CONFIG_CC_STACKPROTECTOR will be defined in compilation flags by kernel toplevel Makefile. But since CONFIG_CC_STACKPROTECTOR is not defined in configuration file autoconf.h, bcc will consider it is not defined. This will cause bcc to access wrong data in task_struct for any fields after the above stack_canary. Instead to fix any individual tool, in this patch the bcc rewriter added necessary macro definition for CONFIG_CC_STACKPROTECTOR in the source code, depending on CONFIG_CC_STACKPROTECTOR_{AUTO,REGULAR,STRONG}. Signed-off-by: Yonghong Song <yhs@fb.com>
-
- 25 May, 2018 3 commits
-
-
yonghong-song authored
Fix smoke test for tcplife
-
yonghong-song authored
fix tcplife.py rewriter issue
-
Paul Chaignon authored
-
- 24 May, 2018 2 commits
-
-
yonghong-song authored
Fix dereference replacements for pointers to pointers
-
Yonghong Song authored
rewriter tried to rewrite an argument for a user written bpf_probe_read and triggers a clang compilation error. $ tcplife.py /virtual/main.c:134:41: error: cannot take the address of an rvalue of type 'typeof(u64)' (aka 'unsigned long long') ...&({ typeof(u64) _val; __builtin_memset(&_val, 0, sizeof(_val)); bpf_probe_read(&_val, sizeof(_val), (u64)&tp->bytes_received); _val; })); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /virtual/main.c:135:41: error: cannot take the address of an rvalue of type 'typeof(u64)' (aka 'unsigned long long') ...&({ typeof(u64) _val; __builtin_memset(&_val, 0, sizeof(_val)); bpf_probe_read(&_val, sizeof(_val), (u64)&tp->bytes_acked); _val; })); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2 errors generated. changing bpf_probe_read to regular pointer access fixed the issue. Signed-off-by: Yonghong Song <yhs@fb.com>
-
- 23 May, 2018 2 commits
-
-
Paul Chaignon authored
-
Paul Chaignon authored
Currently, the bcc rewriter is unable to track external pointers if there is more than a single level of indirection (e.g., pointer to external pointer). For example, in the following, the rewriter is unable to detect that ptr2 doesn't need a call to bpf_probe_read, only *ptr2 do. int test(struct pt_regs *ctx, struct sock *sk) { struct sock *ptr1; struct sock **ptr2 = &ptr1; *ptr2 = sk; return ((struct sock *)(*ptr2))->sk_daddr; } This commit fixes this issue by tracking the levels of indirections in addition to the variable declarations (identifies each variable). When traversing dereferences, the level of indirections is used to decide whether the base expression is an external pointer. The level of indirections is inherited when a pointer is assigned to a new variable (assignments and function calls).
-
- 21 May, 2018 2 commits
-
-
Brendan Gregg authored
execsnoop: don't print newlines in argv
-
Javier Honduvilla Coto authored
by escaping newlines. Fixes #1037 * Before: ``` $ sudo /usr/share/bcc/tools/execsnoop PCOMM PID PPID RET ARGS awk 9910 7831 0 /usr/bin/awk BEGIN { print "hi" } ``` * With this patch: ``` $ sudo /usr/share/bcc/tools/execsnoop PCOMM PID PPID RET ARGS awk 10033 7831 0 /usr/bin/awk \nBEGIN { print "hi" } ```
-
- 20 May, 2018 2 commits
-
-
yonghong-song authored
Limit dereference rewriter to tracing contexts
-
Paul Chaignon authored
We should only track and rewrite external pointers from the context pointer for tracing programs. Other types of context pointers point to e.g. packets and do not require a rewrite to a bpf_probe_read call.
-
- 18 May, 2018 2 commits
-
-
Akilesh Kailash authored
* Add -d (duration) option to argdist, funclatency and syscount * Add -d option to man pages and _example.txt
-
yonghong-song authored
usdt: fail when binary doesn't exist. Fixes #1749
-