| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Feb 2024 11:51:00 +0800
From: Menglong Dong <dongmenglong.8@...edance.com>
To: andrii@...nel.org
Cc: ast@...nel.org,
daniel@...earbox.net,
martin.lau@...ux.dev,
eddyz87@...il.com,
song@...nel.org,
yonghong.song@...ux.dev,
john.fastabend@...il.com,
kpsingh@...nel.org,
sdf@...gle.com,
haoluo@...gle.com,
jolsa@...nel.org,
mykolal@...com,
shuah@...nel.org,
mcoquelin.stm32@...il.com,
alexandre.torgue@...s.st.com,
thinker.li@...il.com,
dongmenglong.8@...edance.com,
zhoufeng.zf@...edance.com,
davemarchevsky@...com,
dxu@...uu.xyz,
linux-kernel@...r.kernel.org,
bpf@...r.kernel.org,
linux-kselftest@...r.kernel.org,
linux-stm32@...md-mailman.stormreply.com,
linux-arm-kernel@...ts.infradead.org
Subject: [PATCH bpf-next 0/5] bpf: make tracing program support multi-attach
For now, the BPF program of type BPF_PROG_TYPE_TRACING is not allowed to
be attached to multiple hooks, and we have to create a BPF program for
each kernel function, for which we want to trace, even through all the
program have the same (or similar) logic. This can consume extra memory,
and make the program loading slow if we have plenty of kernel function to
trace.
In the commit 4a1e7c0c63e0 ("bpf: Support attaching freplace programs to
multiple attach points"), the freplace BPF program is made to support
attach to multiple attach points. And in this series, we extend it to
fentry/fexit/raw_tp/...
In the 1st patch, we add the support to record index of the accessed
function args of the target for tracing program. Meanwhile, we add the
function btf_check_func_part_match() to compare the accessed function args
of two function prototype. This function will be used in the next commit.
In the 2nd patch, we do some adjust to bpf_tracing_prog_attach() to make
it support multiple attaching.
In the 3rd patch, we allow to set bpf cookie in bpf_link_create() even if
target_btf_id is set, as we are allowed to attach the tracing program to
new target.
In the 4th patch, we introduce the function libbpf_find_kernel_btf_id() to
libbpf to find the btf type id of the kernel function, and this function
will be used in the next commit.
In the 5th patch, we add the testcases for this series.
Menglong Dong (5):
bpf: tracing: add support to record and check the accessed args
bpf: tracing: support to attach program to multi hooks
libbpf: allow to set coookie when target_btf_id is set in
bpf_link_create
libbpf: add the function libbpf_find_kernel_btf_id()
selftests/bpf: add test cases for multiple attach of tracing program
include/linux/bpf.h | 6 +
include/uapi/linux/bpf.h | 1 +
kernel/bpf/btf.c | 121 ++++++++++++++
kernel/bpf/syscall.c | 118 +++++++++++---
tools/lib/bpf/bpf.c | 17 +-
tools/lib/bpf/libbpf.c | 83 ++++++++++
tools/lib/bpf/libbpf.h | 3 +
tools/lib/bpf/libbpf.map | 1 +
.../selftests/bpf/bpf_testmod/bpf_testmod.c | 49 ++++++
.../bpf/prog_tests/tracing_multi_attach.c | 153 ++++++++++++++++++
.../selftests/bpf/progs/tracing_multi_test.c | 66 ++++++++
11 files changed, 583 insertions(+), 35 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/tracing_multi_attach.c
create mode 100644 tools/testing/selftests/bpf/progs/tracing_multi_test.c
--
2.39.2
Powered by blists - more mailing lists