- 25 Sep, 2023 21 commits
-
-
Jiri Olsa authored
Adding 'missed' field to display missed counts for kprobes attached by perf event link, like: # bpftool link 5: perf_event prog 82 kprobe ffffffff815203e0 ksys_write 6: perf_event prog 83 kprobe ffffffff811d1e50 scheduler_tick missed 682217 # bpftool link -jp [{ "id": 5, "type": "perf_event", "prog_id": 82, "retprobe": false, "addr": 18446744071584220128, "func": "ksys_write", "offset": 0, "missed": 0 },{ "id": 6, "type": "perf_event", "prog_id": 83, "retprobe": false, "addr": 18446744071580753488, "func": "scheduler_tick", "offset": 0, "missed": 693469 } ] Signed-off-by:Jiri Olsa <jolsa@kernel.org> Signed-off-by:
Andrii Nakryiko <andrii@kernel.org> Reviewed-by:
Quentin Monnet <quentin@isovalent.com> Link: https://lore.kernel.org/bpf/20230920213145.1941596-7-jolsa@kernel.org
-
Jiri Olsa authored
Adding 'missed' field to display missed counts for kprobes attached by kprobe multi link, like: # bpftool link 5: kprobe_multi prog 76 kprobe.multi func_cnt 1 missed 1 addr func [module] ffffffffa039c030 fp3_test [fprobe_test] # bpftool link -jp [{ "id": 5, "type": "kprobe_multi", "prog_id": 76, "retprobe": false, "func_cnt": 1, "missed": 1, "funcs": [{ "addr": 18446744072102723632, "func": "fp3_test", "module": "fprobe_test" } ] } ] Signed-off-by: -
Jiri Olsa authored
Increase misses stats in case bpf array execution is skipped because of recursion check in trace_call_bpf. Adding bpf_prog_inc_misses_counters that increase misses counts for all bpf programs in bpf_prog_array. Signed-off-by:
Song Liu <song@kernel.org> Reviewed-by:
-
Jiri Olsa authored
Add missed value to kprobe attached through perf link info to hold the stats of missed kprobe handler execution. The kprobe's missed counter gets incremented when kprobe handler is not executed due to another kprobe running on the same cpu. Signed-off-by:
-
Jiri Olsa authored
Add missed value to kprobe_multi link info to hold the stats of missed kprobe_multi probe. The missed counter gets incremented when fprobe fails the recursion check or there's no rethook available for return probe. In either case the attached bpf program is not executed. Signed-off-by:
Hou Tao <houtao1@huawei.com> Link: https://lore.kernel.org/bpf/20230920213145.1941596-3-jolsa@kernel.org
-
Jiri Olsa authored
Adding support to gather missed stats for kprobe_multi programs due to bpf_prog_active protection. Signed-off-by:
-
Andrii Nakryiko authored
Martin Kelly says: ==================== This patch series adds a new ring__ API to libbpf exposing getters for accessing the individual ringbuffers inside a struct ring_buffer. This is useful for polling individually, getting available data, or similar use cases. The API looks like this, and was roughly proposed by Andrii Nakryiko in another thread: Getting a ring struct: struct ring *ring_buffer__ring(struct ring_buffer *rb, unsigned int idx); Using the ring struct: unsigned long ring__consumer_pos(const struct ring *r); unsigned long ring__producer_pos(const struct ring *r); size_t ring__avail_data_size(const struct ring *r); size_t ring__size(const struct ring *r); int ring__map_fd(const struct ring *r); int ring__consume(struct ring *r); Changes in v2: - Addressed all feedback from Andrii Nakryiko ==================== Signed-off-by: -
Martin Kelly authored
Add tests for new API ring__consume. Signed-off-by:
Martin Kelly <martin.kelly@crowdstrike.com> Signed-off-by:
-
Martin Kelly authored
Add ring__consume to consume a single ringbuffer, analogous to ring_buffer__consume. Signed-off-by:
-
Martin Kelly authored
Add tests for the new API ring__map_fd. Signed-off-by:
-
Martin Kelly authored
Add ring__map_fd to get the file descriptor underlying a given ringbuffer. Signed-off-by:
-
Martin Kelly authored
Add tests for the new API ring__size. Signed-off-by:
-
Martin Kelly authored
Add ring__size to get the total size of a given ringbuffer. Signed-off-by:
-
Martin Kelly authored
Add test for the new API ring__avail_data_size. Signed-off-by:
-
Martin Kelly authored
Add ring__avail_data_size for querying the currently available data in the ringbuffer, similar to the BPF_RB_AVAIL_DATA flag in bpf_ringbuf_query. This is racy during ongoing operations but is still useful for overall information on how a ringbuffer is behaving. Signed-off-by:
-
Martin Kelly authored
Add tests for the new APIs ring__producer_pos and ring__consumer_pos. Signed-off-by:
-
Martin Kelly authored
Add APIs to get the producer and consumer position for a given ringbuffer. Signed-off-by:
-
Martin Kelly authored
Add tests for the new API ring_buffer__ring. Signed-off-by:
-
Martin Kelly authored
Add a new function ring_buffer__ring, which exposes struct ring * to the user, representing a single ringbuffer. Signed-off-by:
-
Martin Kelly authored
Switch rb->rings to be an array of pointers instead of a contiguous block. This allows for each ring pointer to be stable after ring_buffer__add is called, which allows us to expose struct ring * to the user without gotchas. Without this change, the realloc in ring_buffer__add could invalidate a struct ring *, making it unsafe to give to the user. Signed-off-by:
-
Martin Kelly authored
Refactor the cleanup code in ring_buffer__add to use a unified err_out label. This reduces code duplication, as well as plugging a potential leak if mmap_sz != (__u64)(size_t)mmap_sz (currently this would miss unmapping tmp because ringbuf_unmap_ring isn't called). Signed-off-by:
-
- 22 Sep, 2023 4 commits
-
-
Andrii Nakryiko authored
Hengqi Chen says: ==================== Dynamic symbols in shared library may have the same name, for example: $ nm -D /lib/x86_64-linux-gnu/libc.so.6 | grep rwlock_wrlock 000000000009b1a0 T __pthread_rwlock_wrlock@GLIBC_2.2.5 000000000009b1a0 T pthread_rwlock_wrlock@@GLIBC_2.34 000000000009b1a0 T pthread_rwlock_wrlock@GLIBC_2.2.5 $ readelf -W --dyn-syms /lib/x86_64-linux-gnu/libc.so.6 | grep rwlock_wrlock 706: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 __pthread_rwlock_wrlock@GLIBC_2.2.5 2568: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 pthread_rwlock_wrlock@@GLIBC_2.34 2571: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 pthread_rwlock_wrlock@GLIBC_2.2.5 There are two pthread_rwlock_wrlock symbols in libc.so .dynsym section. The one with @@ is the default version, the other is hidden. Note that the version info is stored in .gnu.version and .gnu.version_d sections of libc and the two symbols are at the _same_ offset. Currently, specify `pthread_rwlock_wrlock`, `pthread_rwlock_wrlock@@GLIBC_2.34` or `pthread_rwlock_wrlock@GLIBC_2.2.5` in bpf_uprobe_opts::func_name won't work. Because there are two `pthread_rwlock_wrlock` in .dynsym sections without the version suffix and both are global bind. We could solve this by introducing symbol versioning ([0]). So that users can specify func, func@LIB_VERSION or func@@LIB_VERSION to attach a uprobe. This patchset resolves symbol conflicts and add symbol versioning for uprobe. - Patch 1 resolves symbol conflicts at the same offset - Patch 2 adds symbol versioning for dynsym - Patch 3 adds selftests for the above changes Changes from v3: - Address comments from Andrii Changes from v2: - Add uretprobe selfttest (Alan) - Check symbol exact match (Alan) - Fix typo (Jiri) Changes from v1: - Address comments from Alan and Jiri - Add selftests (Someone reminds me that there is an attempt at [1] and part of the selftest code from Andrii is taken from there) [0]: https://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/symversion.html [1]: https://lore.kernel.org/lkml/CAEf4BzZTrjjyyOm3ak9JsssPSh6T_ZmGd677a2rt5e5rBLUrpQ@mail.gmail.com/ ==================== Signed-off-by: -
Hengqi Chen authored
This exercises the newly added dynsym symbol versioning logics. Now we accept symbols in form of func, func@LIB_VERSION or func@@LIB_VERSION. The test rely on liburandom_read.so. For liburandom_read.so, we have: $ nm -D liburandom_read.so w __cxa_finalize@GLIBC_2.17 w __gmon_start__ w _ITM_deregisterTMCloneTable w _ITM_registerTMCloneTable 0000000000000000 A LIBURANDOM_READ_1.0.0 0000000000000000 A LIBURANDOM_READ_2.0.0 000000000000081c T urandlib_api@@LIBURANDOM_READ_2.0.0 0000000000000814 T urandlib_api@LIBURANDOM_READ_1.0.0 0000000000000824 T urandlib_api_sameoffset@LIBURANDOM_READ_1.0.0 0000000000000824 T urandlib_api_sameoffset@@LIBURANDOM_READ_2.0.0 000000000000082c T urandlib_read_without_sema@@LIBURANDOM_READ_1.0.0 00000000000007c4 T urandlib_read_with_sema@@LIBURANDOM_READ_1.0.0 0000000000011018 D urandlib_read_with_sema_semaphore@@LIBURANDOM_READ_1.0.0 For `urandlib_api`, specifying `urandlib_api` will cause a conflict because there are two symbols named urandlib_api and both are global bind. For `urandlib_api_sameoffset`, there are also two symbols in the .so, but both are at the same offset and essentially they refer to the same function so no conflict. Signed-off-by:Hengqi Chen <hengqi.chen@gmail.com> Signed-off-by:
Alan Maguire <alan.maguire@oracle.com> Acked-by:
-
Hengqi Chen authored
In current implementation, we assume that symbol found in .dynsym section would have a version suffix and use it to compare with symbol user supplied. According to the spec ([0]), this assumption is incorrect, the version info of dynamic symbols are stored in .gnu.version and .gnu.version_d sections of ELF objects. For example: $ nm -D /lib/x86_64-linux-gnu/libc.so.6 | grep rwlock_wrlock 000000000009b1a0 T __pthread_rwlock_wrlock@GLIBC_2.2.5 000000000009b1a0 T pthread_rwlock_wrlock@@GLIBC_2.34 000000000009b1a0 T pthread_rwlock_wrlock@GLIBC_2.2.5 $ readelf -W --dyn-syms /lib/x86_64-linux-gnu/libc.so.6 | grep rwlock_wrlock 706: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 __pthread_rwlock_wrlock@GLIBC_2.2.5 2568: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 pthread_rwlock_wrlock@@GLIBC_2.34 2571: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 pthread_rwlock_wrlock@GLIBC_2.2.5 In this case, specify pthread_rwlock_wrlock@@GLIBC_2.34 or pthread_rwlock_wrlock@GLIBC_2.2.5 in bpf_uprobe_opts::func_name won't work. Because the qualified name does NOT match `pthread_rwlock_wrlock` (without version suffix) in .dynsym sections. This commit implements the symbol versioning for dynsym and allows user to specify symbol in the following forms: - func - func@LIB_VERSION - func@@LIB_VERSION In case of symbol conflicts, error out and users should resolve it by specifying a qualified name. [0]: https://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/symversion.htmlSigned-off-by: -
Hengqi Chen authored
Dynamic symbols in shared library may have the same name, for example: $ nm -D /lib/x86_64-linux-gnu/libc.so.6 | grep rwlock_wrlock 000000000009b1a0 T __pthread_rwlock_wrlock@GLIBC_2.2.5 000000000009b1a0 T pthread_rwlock_wrlock@@GLIBC_2.34 000000000009b1a0 T pthread_rwlock_wrlock@GLIBC_2.2.5 $ readelf -W --dyn-syms /lib/x86_64-linux-gnu/libc.so.6 | grep rwlock_wrlock 706: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 __pthread_rwlock_wrlock@GLIBC_2.2.5 2568: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 pthread_rwlock_wrlock@@GLIBC_2.34 2571: 000000000009b1a0 878 FUNC GLOBAL DEFAULT 15 pthread_rwlock_wrlock@GLIBC_2.2.5 Currently, users can't attach a uprobe to pthread_rwlock_wrlock because there are two symbols named pthread_rwlock_wrlock and both are global bind. And libbpf considers it as a conflict. Since both of them are at the same offset we could accept one of them harmlessly. Note that we already does this in elf_resolve_syms_offsets. Signed-off-by:
-
- 21 Sep, 2023 15 commits
-
-
Tiezhu Yang authored
As BPF JIT support for loongarch64 was added about one year ago with commit 5dc61552 ("LoongArch: Add BPF JIT support"), it is appropriate to add loongarch64 as arch supporting BPF JIT in bpf and sysctl docs as well. Signed-off-by:
Tiezhu Yang <yangtiezhu@loongson.cn> Link: https://lore.kernel.org/r/1695111937-19697-1-git-send-email-yangtiezhu@loongson.cnSigned-off-by:
Martin KaFai Lau <martin.lau@kernel.org>
-
Jinghao Jia authored
Commit 06744f24 ("samples/bpf: Add openat2() enter/exit tracepoint to syscall_tp sample") added two more eBPF programs to support the openat2() syscall. However, it did not increase the size of the array that holds the corresponding bpf_links. This leads to an out-of-bound access on that array in the bpf_object__for_each_program loop and could corrupt other variables on the stack. On our testing QEMU, it corrupts the map1_fds array and causes the sample to fail: # ./syscall_tp prog #0: map ids 4 5 verify map:4 val: 5 map_lookup failed: Bad file descriptor Dynamically allocate the array based on the number of programs reported by libbpf to prevent similar inconsistencies in the future Fixes: 06744f24 ("samples/bpf: Add openat2() enter/exit tracepoint to syscall_tp sample") Signed-off-by:
Jinghao Jia <jinghao@linux.ibm.com> Signed-off-by:
Ruowen Qin <ruowenq2@illinois.edu> Signed-off-by:
Jinghao Jia <jinghao7@illinois.edu> Link: https://lore.kernel.org/r/20230917214220.637721-4-jinghao7@illinois.eduSigned-off-by:
Alexei Starovoitov <ast@kernel.org>
-
Jinghao Jia authored
The variable name num_progs causes confusion because that variable really controls the number of rounds the test should be executed. Rename num_progs into nr_tests for the sake of clarity. Signed-off-by:
-
Alexei Starovoitov authored
Ilya Leoshkevich says: ==================== Implement cpuv4 support for s390x v1: https://lore.kernel.org/bpf/20230830011128.1415752-1-iii@linux.ibm.com/ v1 -> v2: - Redo Disable zero-extension for BPF_MEMSX as Puranjay and Alexei suggested. - Drop the bpf_ct_insert_entry() patch, it went in via the bpf tree. - Rebase, don't apply A-bs because there were fixed conflicts. Hi, This series adds the cpuv4 support to the s390x eBPF JIT. Patches 1-3 are preliminary bugfixes. Patches 4-8 implement the new instructions. Patches 9-10 enable the tests. Best regards, Ilya ==================== Link: https://lore.kernel.org/r/20230919101336.2223655-1-iii@linux.ibm.comSigned-off-by:
-
Ilya Leoshkevich authored
Enable all selftests, except the 2 that have to do with the userspace unwinding, and the new exceptions test, in the s390x CI. Signed-off-by:
Ilya Leoshkevich <iii@linux.ibm.com> Link: https://lore.kernel.org/r/20230919101336.2223655-11-iii@linux.ibm.comSigned-off-by:
-
Ilya Leoshkevich authored
Now that all the cpuv4 support is in place, enable the tests. Signed-off-by:
-
Ilya Leoshkevich authored
Implement the cpuv4 signed division. It is encoded as unsigned division, but with off field set to 1. s390x has the necessary instructions: dsgfr, dsgf and dsgr. Signed-off-by:
-
Ilya Leoshkevich authored
Implement the cpuv4 unconditional jump with 32-bit offset, which is encoded as BPF_JMP32 | BPF_JA and stores the offset in the imm field. Reuse the existing BPF_JMP | BPF_JA logic. Signed-off-by:
-
Ilya Leoshkevich authored
Implement the cpuv4 unconditional byte swap, which is encoded as BPF_ALU64 | BPF_END | BPF_FROM_LE. Since s390x is big-endian, it's the same as the existing BPF_ALU | BPF_END | BPF_FROM_LE. Signed-off-by:
-
Ilya Leoshkevich authored
Implement the cpuv4 load with sign-extension, which is encoded as BPF_MEMSX (and, for internal uses cases only, BPF_PROBE_MEMSX). This is the same as BPF_MEM and BPF_PROBE_MEM, but with sign extension instead of zero extension, and s390x has the necessary instructions: lgb, lgh and lgf. Signed-off-by:
-
Ilya Leoshkevich authored
Implement the cpuv4 register-to-register move with sign extension. It is distinguished from the normal moves by non-zero values in insn->off, which determine the source size. s390x has instructions to deal with all of them: lbr, lhr, lgbr, lghr and lgfr. Signed-off-by:
-
Ilya Leoshkevich authored
Prepare the ldsx test to run on big-endian systems by adding the necessary endianness checks around narrow memory accesses. Signed-off-by:
-
Ilya Leoshkevich authored
test_progs -t bind_perm,bpf_obj_pinning/mounted-str-rel fails when the selftests directory is mounted under /mnt, which is a reasonable thing to do when sharing the selftests residing on the host with a virtual machine, e.g., using 9p. The reason is that cgroup2 is mounted at /mnt and not unmounted, causing subsequent tests that need to access the selftests directory to fail. Fix by unmounting it. The kernel maintains a mount stack, so this reveals what was mounted there before. Introduce cgroup_workdir_mounted in order to maintain idempotency. Make it thread-local in order to support test_progs -j. Signed-off-by:
-
Ilya Leoshkevich authored
On the architectures that use bpf_jit_needs_zext(), e.g., s390x, the verifier incorrectly inserts a zero-extension after BPF_MEMSX, leading to miscompilations like the one below: 24: 89 1a ff fe 00 00 00 00 "r1 = *(s16 *)(r10 - 2);" # zext_dst set 0x3ff7fdb910e: lgh %r2,-2(%r13,%r0) # load halfword 0x3ff7fdb9114: llgfr %r2,%r2 # wrong! 25: 65 10 00 03 00 00 7f ff if r1 s> 32767 goto +3 <l0_1> # check_cond_jmp_op() Disable such zero-extensions. The JITs need to insert sign-extension themselves, if necessary. Suggested-by:Puranjay Mohan <puranjay12@gmail.com> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netPaolo Abeni authored
Cross-merge networking fixes after downstream PR. No conflicts. Signed-off-by:Paolo Abeni <pabeni@redhat.com>
-
