| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <561F9487.6030803@huawei.com>
Date: Thu, 15 Oct 2015 19:56:55 +0800
From: "Wangnan (F)" <wangnan0@...wei.com>
To: Namhyung Kim <namhyung@...nel.org>
CC: <acme@...nel.org>, <ast@...mgrid.com>, <brendan.d.gregg@...il.com>,
<a.p.zijlstra@...llo.nl>, <daniel@...earbox.net>,
<dsahern@...il.com>, <hekuang@...wei.com>, <jolsa@...nel.org>,
<lizefan@...wei.com>, <masami.hiramatsu.pt@...achi.com>,
<paulus@...ba.org>, <linux-kernel@...r.kernel.org>,
<pi3orama@....com>, <xiakaixu@...wei.com>,
Arnaldo Carvalho de Melo <acme@...hat.com>
Subject: Re: [PATCH 16/31] perf tools: Add prologue for BPF programs for fetching
arguments
On 2015/10/15 13:26, Namhyung Kim wrote:
> On Wed, Oct 14, 2015 at 12:41:27PM +0000, Wang Nan wrote:
>> From: He Kuang <hekuang@...wei.com>
>>
>> This patch generates prologue for a BPF program which fetch arguments
>> for it. With this patch, the program can have arguments as follow:
>>
>> SEC("lock_page=__lock_page page->flags")
>> int lock_page(struct pt_regs *ctx, int err, unsigned long flags)
>> {
>> return 1;
>> }
>>
>> This patch passes at most 3 arguments from r3, r4 and r5. r1 is still
>> the ctx pointer. r2 is used to indicate the successfulness of
>> dereferencing.
>>
>> This patch uses r6 to hold ctx (struct pt_regs) and r7 to hold stack
>> pointer for result. Result of each arguments first store on stack:
>>
>> low address
>> BPF_REG_FP - 24 ARG3
>> BPF_REG_FP - 16 ARG2
>> BPF_REG_FP - 8 ARG1
>> BPF_REG_FP
>> high address
>>
>> Then loaded into r3, r4 and r5.
>>
>> The output prologue for offn(...off2(off1(reg)))) should be:
>>
>> r6 <- r1 // save ctx into a callee saved register
>> r7 <- fp
>> r7 <- r7 - stack_offset // pointer to result slot
>> /* load r3 with the offset in pt_regs of 'reg' */
>> (r7) <- r3 // make slot valid
>> r3 <- r3 + off1 // prepare to read unsafe pointer
>> r2 <- 8
>> r1 <- r7 // result put onto stack
>> call probe_read // read unsafe pointer
>> jnei r0, 0, err // error checking
>> r3 <- (r7) // read result
>> r3 <- r3 + off2 // prepare to read unsafe pointer
>> r2 <- 8
>> r1 <- r7
>> call probe_read
>> jnei r0, 0, err
>> ...
>> /* load r2, r3, r4 from stack */
>> goto success
>> err:
>> r2 <- 1
>> /* load r3, r4, r5 with 0 */
>> goto usercode
>> success:
>> r2 <- 0
>> usercode:
>> r1 <- r6 // restore ctx
>> // original user code
>>
>> If all of arguments reside in register (dereferencing is not
>> required), gen_prologue_fastpath() will be used to create
>> fast prologue:
>>
>> r3 <- (r1 + offset of reg1)
>> r4 <- (r1 + offset of reg2)
>> r5 <- (r1 + offset of reg3)
>> r2 <- 0
>>
>> P.S.
>>
>> eBPF calling convention is defined as:
>>
>> * r0 - return value from in-kernel function, and exit value
>> for eBPF program
>> * r1 - r5 - arguments from eBPF program to in-kernel function
>> * r6 - r9 - callee saved registers that in-kernel function will
>> preserve
>> * r10 - read-only frame pointer to access stack
>>
>> Signed-off-by: He Kuang <hekuang@...wei.com>
>> Signed-off-by: Wang Nan <wangnan0@...wei.com>
>> Cc: Alexei Starovoitov <ast@...mgrid.com>
>> Cc: Brendan Gregg <brendan.d.gregg@...il.com>
>> Cc: Daniel Borkmann <daniel@...earbox.net>
>> Cc: David Ahern <dsahern@...il.com>
>> Cc: He Kuang <hekuang@...wei.com>
>> Cc: Jiri Olsa <jolsa@...nel.org>
>> Cc: Kaixu Xia <xiakaixu@...wei.com>
>> Cc: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
>> Cc: Namhyung Kim <namhyung@...nel.org>
>> Cc: Paul Mackerras <paulus@...ba.org>
>> Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl>
>> Cc: Zefan Li <lizefan@...wei.com>
>> Cc: pi3orama@....com
>> Cc: Arnaldo Carvalho de Melo <acme@...hat.com>
>> Link: http://lkml.kernel.org/n/ebpf-6yw9eg0ej3l4jnqhinngkw86@git.kernel.org
>> ---
> [SNIP]
>> +int bpf__gen_prologue(struct probe_trace_arg *args, int nargs,
>> + struct bpf_insn *new_prog, size_t *new_cnt,
>> + size_t cnt_space)
>> +{
>> + struct bpf_insn *success_code = NULL;
>> + struct bpf_insn *error_code = NULL;
>> + struct bpf_insn *user_code = NULL;
>> + struct bpf_insn_pos pos;
>> + bool fastpath = true;
>> + int i;
>> +
>> + if (!new_prog || !new_cnt)
>> + return -EINVAL;
>> +
>> + pos.begin = new_prog;
>> + pos.end = new_prog + cnt_space;
>> + pos.pos = new_prog;
>> +
>> + if (!nargs) {
>> + ins(BPF_ALU64_IMM(BPF_MOV, BPF_PROLOGUE_FETCH_RESULT_REG, 0),
>> + &pos);
>> +
>> + if (check_pos(&pos))
>> + goto errout;
>> +
>> + *new_cnt = pos_get_cnt(&pos);
>> + return 0;
>> + }
>> +
>> + if (nargs > BPF_PROLOGUE_MAX_ARGS)
>> + nargs = BPF_PROLOGUE_MAX_ARGS;
> Wouldn't it be better to inform user if it ignored some arguments?
Correct. I'd like to add a notification in next version:
diff --git a/tools/perf/util/bpf-prologue.c b/tools/perf/util/bpf-prologue.c
index e4adb18..36093d9 100644
--- a/tools/perf/util/bpf-prologue.c
+++ b/tools/perf/util/bpf-prologue.c
@@ -337,8 +337,10 @@ int bpf__gen_prologue(struct probe_trace_arg *args,
int nargs,
return 0;
}
- if (nargs > BPF_PROLOGUE_MAX_ARGS)
+ if (nargs > BPF_PROLOGUE_MAX_ARGS) {
+ pr_warning("bpf: prologue: too many arguments\n");
nargs = BPF_PROLOGUE_MAX_ARGS;
+ }
if (cnt_space > BPF_MAXINSNS)
cnt_space = BPF_MAXINSNS;
Thank you.
> Thanks,
> Namhyung
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists