bpf: tracing session supporting #10494
Open
+576
−44
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The tracing session is something that similar to kprobe session. It allow to attach a single BPF program to both the entry and the exit of the target functions. Introduce the struct bpf_fsession_link, which allows to add the link to both the fentry and fexit progs_hlist of the trampoline. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn> Co-developed-by: Leon Hwang <leon.hwang@linux.dev> Signed-off-by: Leon Hwang <leon.hwang@linux.dev>
For now, ctx[-1] is used to store the nr_args in the trampoline. However, 1-byte is enough to store such information. Therefor, we use only the last byts of ctx[-1] to store the nr_args, and reverve the rest for other usages. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn>
If TRACE_SESSION exists, we will use the bit (1 << BPF_TRAMP_M_IS_RETURN) in ctx[-1] to store the "is_return" flag. Introduce the kfunc bpf_fsession_is_return(), which is used to tell if it is fexit currently. Meanwhile, inline it in the verifier. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn> Co-developed-by: Leon Hwang <leon.hwang@linux.dev> Signed-off-by: Leon Hwang <leon.hwang@linux.dev>
Implement session cookie for fsession. In order to limit the stack usage, we make 4 as the maximum of the cookie count. The offset of the current cookie is stored in the "(ctx[-1] >> BPF_TRAMP_M_COOKIE) & 0xFF". Therefore, we can get the session cookie with ctx[-offset]. The stack will look like this: return value -> 8 bytes argN -> 8 bytes ... arg1 -> 8 bytes nr_args -> 8 bytes ip(optional) -> 8 bytes cookie2 -> 8 bytes cookie1 -> 8 bytes Inline the bpf_fsession_cookie() in the verifer too. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn>
Introduce the helper emit_st_r0_imm64(), which is used to store a imm64 to the stack with the help of r0. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn>
Add BPF_TRACE_SESSION supporting to x86_64, including: 1. clear the return value in the stack before fentry to make the fentry of the fsession can only get 0 with bpf_get_func_ret(). If we can limit that bpf_get_func_ret() can only be used in the "bpf_fsession_is_return() == true" code path, we don't need do this thing anymore. 2. clear all the session cookies' value in the stack. If we can make sure that the reading to session cookie can only be done after initialize in the verifier, we don't need this anymore. 2. store the index of the cookie to ctx[-1] before the calling to fsession 3. store the "is_return" flag to ctx[-1] before the calling to fexit of the fsession. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn> Co-developed-by: Leon Hwang <leon.hwang@linux.dev> Signed-off-by: Leon Hwang <leon.hwang@linux.dev>
Add BPF_TRACE_SESSION to libbpf and bpftool. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn>
Add testcases for BPF_TRACE_SESSION. The function arguments and return value are tested both in the entry and exit. And the kfunc bpf_tracing_is_exit() is also tested. As the layout of the stack changed for fsession, so we also test bpf_get_func_ip() for it. Session cookie for fsession is also tested. Multiple fsession BPF progs is attached to bpf_fentry_test1() and session cookie is read and write in the testcase. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn>
Test the fsession when it is used together with fentry, fexit. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn>
Author
|
Upstream branch: ec439c3 |
AI reviewed your patch. Please fix the bug or email reply why it's not a bug. In-Reply-To-Subject: |
AI reviewed your patch. Please fix the bug or email reply why it's not a bug. In-Reply-To-Subject: |
Author
|
Forwarding comment 3664660532 via email |
Author
|
Forwarding comment 3664678284 via email |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull request for series with
subject: bpf: tracing session supporting
version: 4
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1034110