From patchwork Fri Nov 6 16:03:31 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dominique Martinet X-Patchwork-Id: 11887361 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.3 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 61D7AC4741F for ; Fri, 6 Nov 2020 16:03:51 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9BB8122202 for ; Fri, 6 Nov 2020 16:03:50 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=codewreck.org header.i=@codewreck.org header.b="BXz8mCKL" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726837AbgKFQDu (ORCPT ); Fri, 6 Nov 2020 11:03:50 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58596 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726831AbgKFQDt (ORCPT ); Fri, 6 Nov 2020 11:03:49 -0500 Received: from nautica.notk.org (ipv6.notk.org [IPv6:2001:41d0:1:7a93::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74F63C0613CF for ; Fri, 6 Nov 2020 08:03:49 -0800 (PST) Received: by nautica.notk.org (Postfix, from userid 1001) id 4C460C009; Fri, 6 Nov 2020 17:03:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=codewreck.org; s=2; t=1604678626; bh=sP+1iOE98DNZaQkGd6o8aB9QQutzDhEv8ln4vUYesds=; h=Date:From:To:Cc:Subject:From; b=BXz8mCKLAC7IqJNnimT6Z82qvkQPSAEbD1XskEAakMnFVv0blnTnNd5u3D0KcS8bk Tg8FpOA/AQHgu5/Hy/A94AyaYQVZQe8ZiQj65FkzqlfWpbCoejaQV1cPjS5ybhK+b7 WWeV8bA3zmNtJFmQBoJmd6/52CmnKu69SKFPLy2VrZ8Ip/XrjvZdNAkUKF6Ref49pU ZPDxZiTQFiA4v9Xm9Y/N4wuW2Ql9xkQQ7EuP8e3pNr8rB/FYSGXksr4Sbhnn8t0TWq lfqIelhjlDkr+gSQUON6miDq/bUXZ9vML5aobb8dtzTjKfNDN0ZlmFi5ewi6mRwqK/ sj0reYyLcbxFw== Date: Fri, 6 Nov 2020 17:03:31 +0100 From: Dominique Martinet To: bpf@vger.kernel.org Cc: Steven Rostedt , Ingo Molnar , Alexei Starovoitov , Daniel Borkmann , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , John Fastabend , KP Singh Subject: [RFC PATCH] bpf: tracing: refuse kprobe override without dynamic ftrace Message-ID: <20201106160331.GA6879@nautica> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net X-Patchwork-State: RFC The override itself apparently silently fails if CONFIG_DYNAMIC_FTRACE is unset - it's better to refuse the probe early Signed-off-by: Dominique Martinet --- I'm actually not sure WHAT fails exactly, but I've been playing with bpftrace in small VMs and one of these make override() not working: $ diff -U0 ../linux-test/.config .config | grep -E '[+-]C' +CONFIG_KPROBES_ON_FTRACE=y +CONFIG_DYNAMIC_FTRACE=y +CONFIG_DYNAMIC_FTRACE_WITH_REGS=y +CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y +CONFIG_FTRACE_MCOUNT_RECORD=y with this test command: # bpftrace -e 'k:__x64_sys_getuid { printf("test\n"); override(10); }' --unsafe -c /bin/id I'm a bit confused because now I'm testing the print now longer works either and I'm pretty sure I had some configuration where the print worked without the override hmm.. full non-working .config attached if someone wants to have a look. So anyway I'm probably checking the wrong thing at the wrong place, and the lack of error message annoys me, but if we can save the next person like me some time to investigate why override() doesn't work please advise on what to check and I'll be glad to send a better patch -- I don't think we should allow non-working probes to be attached. kernel/trace/bpf_trace.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index 4517c8b66518..18e3178c1568 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -1909,6 +1909,11 @@ int perf_event_attach_bpf_prog(struct perf_event *event, struct bpf_prog_array *new_array; int ret = -EEXIST; +#ifndef CONFIG_DYNAMIC_FTRACE + if (prog->kprobe_override) + return -EINVAL; +#endif + /* * Kprobe override only works if they are on the function entry, * and only if they are on the opt-in list.