| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 2 Apr 2022 10:38:39 +0800
From: Song Chen <chensong_2000@....cn>
To: Yonghong Song <yhs@...com>, ast@...nel.org, daniel@...earbox.net,
andrii@...nel.org, kafai@...com, songliubraving@...com,
john.fastabend@...il.com, kpsingh@...nel.org,
netdev@...r.kernel.org, bpf@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] sample: bpf: syscall_tp_user: print result of verify_map
Hi,
在 2022/4/2 00:28, Yonghong Song 写道:
>
>
> On 3/31/22 8:37 PM, Song Chen wrote:
>>
>>
>> 在 2022/4/1 11:01, Yonghong Song 写道:
>>>
>>>
>>> On 3/31/22 6:41 PM, Song Chen wrote:
>>>> syscall_tp only prints the map id and messages when something goes
>>>> wrong,
>>>> but it doesn't print the value passed from bpf map. I think it's better
>>>> to show that value to users.
>>>>
>>>> What's more, i also added a 2-second sleep before calling verify_map,
>>>> to make the value more obvious.
>>>>
>>>> Signed-off-by: Song Chen <chensong_2000@....cn>
>>>> ---
>>>> samples/bpf/syscall_tp_user.c | 4 ++++
>>>> 1 file changed, 4 insertions(+)
>>>>
>>>> diff --git a/samples/bpf/syscall_tp_user.c
>>>> b/samples/bpf/syscall_tp_user.c
>>>> index a0ebf1833ed3..1faa7f08054e 100644
>>>> --- a/samples/bpf/syscall_tp_user.c
>>>> +++ b/samples/bpf/syscall_tp_user.c
>>>> @@ -36,6 +36,9 @@ static void verify_map(int map_id)
>>>> fprintf(stderr, "failed: map #%d returns value 0\n", map_id);
>>>> return;
>>>> }
>>>> +
>>>> + printf("verify map:%d val: %d\n", map_id, val);
>>>
>>> I am not sure how useful it is or anybody really cares.
>>> This is just a sample to demonstrate how bpf tracepoint works.
>>> The error path has error print out already.
>
> Considering we already have
> printf("prog #%d: map ids %d %d\n", i, map0_fds[i], map1_fds[i]);
> I think your proposed additional printout
> printf("verify map:%d val: %d\n", map_id, val);
> might be okay. The commit message should be rewritten
> to justify this change something like:
> we already print out
> prog <some number>: map ids <..> <...>
> further print out
> verify map: ...
> will help user to understand the program runs successfully.
>
> I think sleep(2) is unnecessary.
will do, many thanks.
BR
Song
>
>>>
>>>> +
>>>> val = 0;
>>>> if (bpf_map_update_elem(map_id, &key, &val, BPF_ANY) != 0) {
>>>> fprintf(stderr, "map_update failed: %s\n", strerror(errno));
>>>> @@ -98,6 +101,7 @@ static int test(char *filename, int num_progs)
>>>> }
>>>> close(fd);
>>>> + sleep(2);
>>>
>>> The commit message mentioned this sleep(2) is
>>> to make the value more obvious. I don't know what does this mean.
>>> sleep(2) can be added only if it fixed a bug.
>>
>> The value in bpf map means how many times trace_enter_open_at are
>> triggered with tracepoint,sys_enter_openat. Sleep(2) is to enlarge the
>> result, tell the user how many files are opened in the last 2 seconds.
>>
>> It shows like this:
>>
>> sudo ./samples/bpf/syscall_tp
>> prog #0: map ids 4 5
>> verify map:4 val: 253
>> verify map:5 val: 252
>>
>> If we work harder, we can also print those files' name and opened by
>> which process.
>>
>> It's just an improvement instead of a bug fix, i will drop it if
>> reviewers think it's unnecessary.
>>
>> Thanks.
>>
>> BR
>>
>> chensong
>>>
>>>> /* verify the map */
>>>> for (i = 0; i < num_progs; i++) {
>>>> verify_map(map0_fds[i]);
>>>
>
Powered by blists - more mailing lists