| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <306ab457-9f3d-4d90-bb31-e6fb08b6a5ad@189.cn>
Date: Fri, 1 Apr 2022 11:37:07 +0800
From: Song Chen <chensong_2000@....cn>
To: Yonghong Song <yhs@...com>, ast@...nel.org, daniel@...earbox.net,
andrii@...nel.org, kafai@...com, songliubraving@...com,
john.fastabend@...il.com, kpsingh@...nel.org,
netdev@...r.kernel.org, bpf@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] sample: bpf: syscall_tp_user: print result of verify_map
在 2022/4/1 11:01, Yonghong Song 写道:
>
>
> On 3/31/22 6:41 PM, Song Chen wrote:
>> syscall_tp only prints the map id and messages when something goes wrong,
>> but it doesn't print the value passed from bpf map. I think it's better
>> to show that value to users.
>>
>> What's more, i also added a 2-second sleep before calling verify_map,
>> to make the value more obvious.
>>
>> Signed-off-by: Song Chen <chensong_2000@....cn>
>> ---
>> samples/bpf/syscall_tp_user.c | 4 ++++
>> 1 file changed, 4 insertions(+)
>>
>> diff --git a/samples/bpf/syscall_tp_user.c
>> b/samples/bpf/syscall_tp_user.c
>> index a0ebf1833ed3..1faa7f08054e 100644
>> --- a/samples/bpf/syscall_tp_user.c
>> +++ b/samples/bpf/syscall_tp_user.c
>> @@ -36,6 +36,9 @@ static void verify_map(int map_id)
>> fprintf(stderr, "failed: map #%d returns value 0\n", map_id);
>> return;
>> }
>> +
>> + printf("verify map:%d val: %d\n", map_id, val);
>
> I am not sure how useful it is or anybody really cares.
> This is just a sample to demonstrate how bpf tracepoint works.
> The error path has error print out already.
>
>> +
>> val = 0;
>> if (bpf_map_update_elem(map_id, &key, &val, BPF_ANY) != 0) {
>> fprintf(stderr, "map_update failed: %s\n", strerror(errno));
>> @@ -98,6 +101,7 @@ static int test(char *filename, int num_progs)
>> }
>> close(fd);
>> + sleep(2);
>
> The commit message mentioned this sleep(2) is
> to make the value more obvious. I don't know what does this mean.
> sleep(2) can be added only if it fixed a bug.
The value in bpf map means how many times trace_enter_open_at are
triggered with tracepoint,sys_enter_openat. Sleep(2) is to enlarge the
result, tell the user how many files are opened in the last 2 seconds.
It shows like this:
sudo ./samples/bpf/syscall_tp
prog #0: map ids 4 5
verify map:4 val: 253
verify map:5 val: 252
If we work harder, we can also print those files' name and opened by
which process.
It's just an improvement instead of a bug fix, i will drop it if
reviewers think it's unnecessary.
Thanks.
BR
chensong
>
>> /* verify the map */
>> for (i = 0; i < num_progs; i++) {
>> verify_map(map0_fds[i]);
>
Powered by blists - more mailing lists