| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b0b8be03-04e7-eb87-474d-b1584ebe2060@fb.com>
Date: Fri, 1 Apr 2022 09:28:35 -0700
From: Yonghong Song <yhs@...com>
To: Song Chen <chensong_2000@....cn>, ast@...nel.org,
daniel@...earbox.net, andrii@...nel.org, kafai@...com,
songliubraving@...com, john.fastabend@...il.com,
kpsingh@...nel.org, netdev@...r.kernel.org, bpf@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] sample: bpf: syscall_tp_user: print result of verify_map
On 3/31/22 8:37 PM, Song Chen wrote:
>
>
> 在 2022/4/1 11:01, Yonghong Song 写道:
>>
>>
>> On 3/31/22 6:41 PM, Song Chen wrote:
>>> syscall_tp only prints the map id and messages when something goes
>>> wrong,
>>> but it doesn't print the value passed from bpf map. I think it's better
>>> to show that value to users.
>>>
>>> What's more, i also added a 2-second sleep before calling verify_map,
>>> to make the value more obvious.
>>>
>>> Signed-off-by: Song Chen <chensong_2000@....cn>
>>> ---
>>> samples/bpf/syscall_tp_user.c | 4 ++++
>>> 1 file changed, 4 insertions(+)
>>>
>>> diff --git a/samples/bpf/syscall_tp_user.c
>>> b/samples/bpf/syscall_tp_user.c
>>> index a0ebf1833ed3..1faa7f08054e 100644
>>> --- a/samples/bpf/syscall_tp_user.c
>>> +++ b/samples/bpf/syscall_tp_user.c
>>> @@ -36,6 +36,9 @@ static void verify_map(int map_id)
>>> fprintf(stderr, "failed: map #%d returns value 0\n", map_id);
>>> return;
>>> }
>>> +
>>> + printf("verify map:%d val: %d\n", map_id, val);
>>
>> I am not sure how useful it is or anybody really cares.
>> This is just a sample to demonstrate how bpf tracepoint works.
>> The error path has error print out already.
Considering we already have
printf("prog #%d: map ids %d %d\n", i, map0_fds[i], map1_fds[i]);
I think your proposed additional printout
printf("verify map:%d val: %d\n", map_id, val);
might be okay. The commit message should be rewritten
to justify this change something like:
we already print out
prog <some number>: map ids <..> <...>
further print out
verify map: ...
will help user to understand the program runs successfully.
I think sleep(2) is unnecessary.
>>
>>> +
>>> val = 0;
>>> if (bpf_map_update_elem(map_id, &key, &val, BPF_ANY) != 0) {
>>> fprintf(stderr, "map_update failed: %s\n", strerror(errno));
>>> @@ -98,6 +101,7 @@ static int test(char *filename, int num_progs)
>>> }
>>> close(fd);
>>> + sleep(2);
>>
>> The commit message mentioned this sleep(2) is
>> to make the value more obvious. I don't know what does this mean.
>> sleep(2) can be added only if it fixed a bug.
>
> The value in bpf map means how many times trace_enter_open_at are
> triggered with tracepoint,sys_enter_openat. Sleep(2) is to enlarge the
> result, tell the user how many files are opened in the last 2 seconds.
>
> It shows like this:
>
> sudo ./samples/bpf/syscall_tp
> prog #0: map ids 4 5
> verify map:4 val: 253
> verify map:5 val: 252
>
> If we work harder, we can also print those files' name and opened by
> which process.
>
> It's just an improvement instead of a bug fix, i will drop it if
> reviewers think it's unnecessary.
>
> Thanks.
>
> BR
>
> chensong
>>
>>> /* verify the map */
>>> for (i = 0; i < num_progs; i++) {
>>> verify_map(map0_fds[i]);
>>
Powered by blists - more mailing lists