Message ID | 20201106160331.GA6879@nautica (mailing list archive) |
---|---|
State | RFC |
Delegated to: | BPF |
Headers | show |
Series | [RFC] bpf: tracing: refuse kprobe override without dynamic ftrace | expand |
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index 4517c8b66518..18e3178c1568 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -1909,6 +1909,11 @@ int perf_event_attach_bpf_prog(struct perf_event *event, struct bpf_prog_array *new_array; int ret = -EEXIST; +#ifndef CONFIG_DYNAMIC_FTRACE + if (prog->kprobe_override) + return -EINVAL; +#endif + /* * Kprobe override only works if they are on the function entry, * and only if they are on the opt-in list.
The override itself apparently silently fails if CONFIG_DYNAMIC_FTRACE is unset - it's better to refuse the probe early Signed-off-by: Dominique Martinet <asmadeus@codewreck.org> --- I'm actually not sure WHAT fails exactly, but I've been playing with bpftrace in small VMs and one of these make override() not working: $ diff -U0 ../linux-test/.config .config | grep -E '[+-]C' +CONFIG_KPROBES_ON_FTRACE=y +CONFIG_DYNAMIC_FTRACE=y +CONFIG_DYNAMIC_FTRACE_WITH_REGS=y +CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y +CONFIG_FTRACE_MCOUNT_RECORD=y with this test command: # bpftrace -e 'k:__x64_sys_getuid { printf("test\n"); override(10); }' --unsafe -c /bin/id I'm a bit confused because now I'm testing the print now longer works either and I'm pretty sure I had some configuration where the print worked without the override hmm.. full non-working .config attached if someone wants to have a look. So anyway I'm probably checking the wrong thing at the wrong place, and the lack of error message annoys me, but if we can save the next person like me some time to investigate why override() doesn't work please advise on what to check and I'll be glad to send a better patch -- I don't think we should allow non-working probes to be attached. kernel/trace/bpf_trace.c | 5 +++++ 1 file changed, 5 insertions(+)