Commit 396f544e authored by Andrii Nakryiko's avatar Andrii Nakryiko Committed by Alexei Starovoitov

selftests/bpf: Fix BPF_KRETPROBE macro and use it in attach_probe test

For kretprobes, there is no point in capturing input arguments from pt_regs,
as they are going to be, most probably, clobbered by the time probed kernel
function returns. So switch BPF_KRETPROBE to accept zero or one argument
(optional return result).

Fixes: ac065870 ("selftests/bpf: Add BPF_PROG, BPF_KPROBE, and BPF_KRETPROBE macros")
Signed-off-by: default avatarAndrii Nakryiko <andriin@fb.com>
Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20200229231112.1240137-4-andriin@fb.com
parent fd56e005
...@@ -96,15 +96,16 @@ typeof(name(0)) name(struct pt_regs *ctx) \ ...@@ -96,15 +96,16 @@ typeof(name(0)) name(struct pt_regs *ctx) \
static __always_inline typeof(name(0)) ____##name(struct pt_regs *ctx, ##args) static __always_inline typeof(name(0)) ____##name(struct pt_regs *ctx, ##args)
#define ___bpf_kretprobe_args0() ctx #define ___bpf_kretprobe_args0() ctx
#define ___bpf_kretprobe_argsN(x, args...) \ #define ___bpf_kretprobe_args1(x) \
___bpf_kprobe_args(args), (void *)PT_REGS_RET(ctx) ___bpf_kretprobe_args0(), (void *)PT_REGS_RET(ctx)
#define ___bpf_kretprobe_args(args...) \ #define ___bpf_kretprobe_args(args...) \
___bpf_apply(___bpf_kretprobe_args, ___bpf_empty(args))(args) ___bpf_apply(___bpf_kretprobe_args, ___bpf_narg(args))(args)
/* /*
* BPF_KRETPROBE is similar to BPF_KPROBE, except, in addition to listing all * BPF_KRETPROBE is similar to BPF_KPROBE, except, it only provides optional
* input kprobe arguments, one last extra argument has to be specified, which * return value (in addition to `struct pt_regs *ctx`), but no input
* captures kprobe return value. * arguments, because they will be clobbered by the time probed function
* returns.
*/ */
#define BPF_KRETPROBE(name, args...) \ #define BPF_KRETPROBE(name, args...) \
name(struct pt_regs *ctx); \ name(struct pt_regs *ctx); \
......
...@@ -4,6 +4,7 @@ ...@@ -4,6 +4,7 @@
#include <linux/ptrace.h> #include <linux/ptrace.h>
#include <linux/bpf.h> #include <linux/bpf.h>
#include <bpf/bpf_helpers.h> #include <bpf/bpf_helpers.h>
#include "bpf_trace_helpers.h"
int kprobe_res = 0; int kprobe_res = 0;
int kretprobe_res = 0; int kretprobe_res = 0;
...@@ -18,7 +19,7 @@ int handle_kprobe(struct pt_regs *ctx) ...@@ -18,7 +19,7 @@ int handle_kprobe(struct pt_regs *ctx)
} }
SEC("kretprobe/sys_nanosleep") SEC("kretprobe/sys_nanosleep")
int handle_kretprobe(struct pt_regs *ctx) int BPF_KRETPROBE(handle_kretprobe)
{ {
kretprobe_res = 2; kretprobe_res = 2;
return 0; return 0;
......
...@@ -17,11 +17,9 @@ int BPF_KPROBE(prog1, struct task_struct *tsk, const char *buf, bool exec) ...@@ -17,11 +17,9 @@ int BPF_KPROBE(prog1, struct task_struct *tsk, const char *buf, bool exec)
} }
SEC("kretprobe/__set_task_comm") SEC("kretprobe/__set_task_comm")
int BPF_KRETPROBE(prog2, int BPF_KRETPROBE(prog2, int ret)
struct task_struct *tsk, const char *buf, bool exec,
int ret)
{ {
return !PT_REGS_PARM1(ctx) && ret; return ret;
} }
SEC("raw_tp/task_rename") SEC("raw_tp/task_rename")
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment