| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 24 May 2015 08:28:10 +0000
From: He Kuang <hekuang@...wei.com>
To: <wangnan0@...wei.com>, <paulus@...ba.org>,
<a.p.zijlstra@...llo.nl>, <mingo@...hat.com>, <acme@...nel.org>,
<namhyung@...nel.org>, <jolsa@...nel.org>, <ast@...mgrid.com>,
<masami.hiramatsu.pt@...achi.com>, <dsahern@...il.com>,
<brendan.d.gregg@...il.com>, <daniel@...earbox.net>
CC: <lizefan@...wei.com>, <linux-kernel@...r.kernel.org>
Subject: [RFC PATCH v2 14/15] samples/bpf: Add sample for testing bpf fetch args
Sample code for testing bpf fetch args.
Works as following steps:
$ perf bpf record --object sample_bpf_fetch_args.o -- dd if=/dev/zero of=/mnt/data/test bs=4k count=3
show result in ringbuffer:
$ perf script
dd 1176 [000] 87706.975390: perf_bpf_probe:generic_perform_write: (ffffffff811307ea) a_ops=0xffffffff81a200e0 bytes=0x1000 page=0xffff88007c61fd80 pos=0
dd 1176 [000] 87706.975390: perf_bpf_probe:generic_perform_write: (ffffffff811307ea) a_ops=0xffffffff81a200e0 bytes=0x1000 page=0xffffea0001c44800 pos=4096
dd 1176 [000] 87706.975390: perf_bpf_probe:generic_perform_write: (ffffffff811307ea) a_ops=0xffffffff81a200e0 bytes=0x1000 page=0xffffea0001ed24c0 pos=8192
dd 1176 [000] 87706.975390: perf_bpf_probe:submit_bio: (ffffffff81310cdf) count=0x3000 rw=1 bio=0xffff88007c237a80
show result in bpf prog:
$ cat /sys/kernel/debug/tracing/trace |grep dd
dd-1176 [000] d... 87778.531511: : generic_perform_write(1): a_ops=ffffffff81a200e0, bytes=4096
dd-1176 [000] d... 87778.531550: : generic_perform_write(2): page =ffff88007c61fd80, pos =0
dd-1176 [000] d... 87778.532142: : generic_perform_write(1): a_ops=ffffffff81a200e0, bytes=4096
dd-1176 [000] d... 87778.532154: : generic_perform_write(2): page =ffffea0001c44800, pos =4096
dd-1176 [000] d... 87778.532342: : generic_perform_write(1): a_ops=ffffffff81a200e0, bytes=4096
dd-1176 [000] d... 87778.532354: : generic_perform_write(2): page =ffffea0001ed24c0, pos =8192
dd-1176 [000] d.h. 87778.533049: : submit_bio count=12288, rw=1, bio=ffff88007c237a80
Signed-off-by: He Kuang <hekuang@...wei.com>
---
samples/bpf/Makefile | 1 +
samples/bpf/sample_bpf_fetch_args.c | 62 +++++++++++++++++++++++++++++++++++++
2 files changed, 63 insertions(+)
create mode 100644 samples/bpf/sample_bpf_fetch_args.c
diff --git a/samples/bpf/Makefile b/samples/bpf/Makefile
index 8fdbd73..dc0b0e8 100644
--- a/samples/bpf/Makefile
+++ b/samples/bpf/Makefile
@@ -30,6 +30,7 @@ always += tracex2_kern.o
always += tracex3_kern.o
always += tracex4_kern.o
always += tcbpf1_kern.o
+always += sample_bpf_fetch_args.o
HOSTCFLAGS += -I$(objtree)/usr/include
diff --git a/samples/bpf/sample_bpf_fetch_args.c b/samples/bpf/sample_bpf_fetch_args.c
new file mode 100644
index 0000000..5d2c80c
--- /dev/null
+++ b/samples/bpf/sample_bpf_fetch_args.c
@@ -0,0 +1,62 @@
+/*
+ Sample code for bpf_fetch_args().
+*/
+
+#include <linux/writeback.h>
+#include <linux/blkdev.h>
+
+#include <uapi/linux/bpf.h>
+#include <linux/version.h>
+#include "bpf_helpers.h"
+
+/*
+ * Prototype:
+ * ssize_t generic_perform_write(struct file *file,
+ * struct iov_iter *i, loff_t pos)
+ * Local variables:
+ * const struct address_space_operations *a_ops;
+ * unsigned long bytes;
+ * struct page *page;
+ * loff_t pos;
+ */
+SEC("generic_perform_write=generic_perform_write+122 file->f_mapping->a_ops bytes page pos")
+int NODE_generic_perform_write(struct pt_regs *ctx,
+ void *a_ops,
+ void *bytes,
+ void *page,
+ void *pos)
+{
+ /* Too many args for bpf_trace_printk, show in 2 lines */
+ char fmt1[] = "generic_perform_write(1): a_ops=%p, bytes=%lu\n";
+ char fmt2[] = "generic_perform_write(2): page =%p, pos =%lu\n";
+
+ bpf_trace_printk(fmt1, sizeof(fmt1),
+ a_ops, (unsigned long)bytes);
+ bpf_trace_printk(fmt2, sizeof(fmt2),
+ page, (unsigned long)pos);
+
+ return 1;
+}
+
+/*
+ * Prototype:
+ * void submit_bio(int rw, struct bio *bio)
+ * Local variables:
+ * unsigned int count;
+ */
+SEC("submit_bio=submit_bio+63 count rw bio")
+int NODE_submit_bio(struct pt_regs *ctx,
+ void *count,
+ void *rw,
+ void *bio)
+{
+ char fmt[] = "submit_bio count=%u, rw=%d, bio=%p\n";
+
+ bpf_trace_printk(fmt, sizeof(fmt),
+ (unsigned int)count, (int)rw, bio);
+
+ return 1;
+}
+
+char _license[] SEC("license") = "GPL";
+u32 _version SEC("version") = LINUX_VERSION_CODE;
--
1.8.5.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists