• Arnaldo Carvalho de Melo's avatar
    perf augmented_syscalls: Start collecting pathnames in the BPF program · 79ef68c7
    Arnaldo Carvalho de Melo authored
    This is the start of having the raw_syscalls:sys_enter BPF handler
    collecting pointer arguments, namely pathnames, and with two syscalls
    that have that pointer in different arguments, "open" as it as its first
    argument, "openat" as the second.
    
    With this in place the existing beautifiers in 'perf trace' works, those
    args are shown instead of just the pointer that comes with the syscalls
    tracepoints.
    
    This also serves to show and document pitfalls in the process of using
    just that place in the kernel (raw_syscalls:sys_enter) plus tables
    provided by userspace to collect syscall pointer arguments.
    
    One is the need to use a barrier, as suggested by Edward, to avoid clang
    optimizations that make the kernel BPF verifier to refuse loading our
    pointer contents collector.
    
    The end result should be a generic eBPF program that works in all
    architectures, with the differences amongst archs resolved by the
    userspace component, 'perf trace', that should get all its tables
    created automatically from the kernel components where they are defined,
    via string table constructors for things not expressed in BTF/DWARF
    (enums, structs, etc), and otherwise using those observability files
    (BTF).
    
    Cc: Adrian Hunter <adrian.hunter@intel.com>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David Ahern <dsahern@gmail.com>
    Cc: Edward Cree <ecree@solarflare.com>
    Cc: Jiri Olsa <jolsa@kernel.org>
    Cc: Martin KaFai Lau <kafai@fb.com>
    Cc: Namhyung Kim <namhyung@kernel.org>
    Cc: Wang Nan <wangnan0@huawei.com>
    Cc: Yonghong Song <yhs@fb.com>
    Link: https://lkml.kernel.org/n/tip-37dz54pmotgpnwg9tb6zuk9j@git.kernel.orgSigned-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
    79ef68c7
augmented_raw_syscalls.c 3.82 KB