lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Zt_yivgO2gq6BfIH@krava>
Date: Tue, 10 Sep 2024 09:17:30 +0200
From: Jiri Olsa <olsajiri@...il.com>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: Oleg Nesterov <oleg@...hat.com>, Peter Zijlstra <peterz@...radead.org>,
	Alexei Starovoitov <ast@...nel.org>,
	Daniel Borkmann <daniel@...earbox.net>,
	Andrii Nakryiko <andrii@...nel.org>, bpf@...r.kernel.org,
	Martin KaFai Lau <kafai@...com>, Song Liu <songliubraving@...com>,
	Yonghong Song <yhs@...com>,
	John Fastabend <john.fastabend@...il.com>,
	KP Singh <kpsingh@...omium.org>,
	Stanislav Fomichev <sdf@...gle.com>, Hao Luo <haoluo@...gle.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Masami Hiramatsu <mhiramat@...nel.org>,
	linux-kernel@...r.kernel.org, linux-trace-kernel@...r.kernel.org
Subject: Re: [PATCHv3 4/7] libbpf: Add support for uprobe multi session attach

On Mon, Sep 09, 2024 at 04:44:44PM -0700, Andrii Nakryiko wrote:
> On Mon, Sep 9, 2024 at 12:46 AM Jiri Olsa <jolsa@...nel.org> wrote:
> >
> > Adding support to attach program in uprobe session mode
> > with bpf_program__attach_uprobe_multi function.
> >
> > Adding session bool to bpf_uprobe_multi_opts struct that allows
> > to load and attach the bpf program via uprobe session.
> > the attachment to create uprobe multi session.
> >
> > Also adding new program loader section that allows:
> >   SEC("uprobe.session/bpf_fentry_test*")
> >
> > and loads/attaches uprobe program as uprobe session.
> >
> > Adding sleepable hook (uprobe.session.s) as well.
> >
> > Signed-off-by: Jiri Olsa <jolsa@...nel.org>
> > ---
> >  tools/lib/bpf/bpf.c    |  1 +
> >  tools/lib/bpf/libbpf.c | 50 ++++++++++++++++++++++++++++++++++++++++--
> >  tools/lib/bpf/libbpf.h |  4 +++-
> >  3 files changed, 52 insertions(+), 3 deletions(-)
> >
> 
> [...]
> 
> > +static int attach_uprobe_session(const struct bpf_program *prog, long cookie, struct bpf_link **link)
> > +{
> > +       LIBBPF_OPTS(bpf_uprobe_multi_opts, opts, .session = true);
> > +       char *binary_path = NULL, *func_name = NULL;
> > +       int n, ret = -EINVAL;
> > +       const char *spec;
> > +
> > +       *link = NULL;
> > +
> > +       spec = prog->sec_name + sizeof("uprobe.session/") - 1;
> > +       if (cookie & SEC_SLEEPABLE)
> > +               spec += 2; /* extra '.s' */
> > +       n = sscanf(spec, "%m[^:]:%m[^\n]", &binary_path, &func_name);
> > +
> > +       switch (n) {
> > +       case 1:
> > +               /* but auto-attach is impossible. */
> > +               ret = 0;
> > +               break;
> > +       case 2:
> > +               *link = bpf_program__attach_uprobe_multi(prog, -1, binary_path, func_name, &opts);
> > +               ret = *link ? 0 : -errno;
> > +               break;
> > +       default:
> > +               pr_warn("prog '%s': invalid format of section definition '%s'\n", prog->name,
> > +                       prog->sec_name);
> > +               break;
> > +       }
> > +       free(binary_path);
> > +       free(func_name);
> > +       return ret;
> > +}
> 
> why adding this whole attach_uprobe_session if attach_uprobe_multi()
> is almost exactly what you need. We just need to teach
> attach_uprobe_multi to recognize uprobe.session prefix with strncmp(),
>  no? The rest of the logic is exactly the same.

ok, that's better

> 
> BTW, maybe you can fix attach_uprobe_multi() while at it:
> 
> opts.retprobe = strcmp(probe_type, "uretprobe.multi") == 0;
> 
> that should be strncmp() to accommodate uretprobe.multi.s, no?
> Original author (wink-wink) didn't account for that ".s", it seems...
> 
> (actually please send a small fix to bpf-next separately, so we can
> apply it sooner)

hum, right.. I wonder why the test is passing, will send a fix

thanks,
jirka

> 
> > +
> >  static void gen_uprobe_legacy_event_name(char *buf, size_t buf_sz,
> >                                          const char *binary_path, uint64_t offset)
> >  {
> > @@ -11933,10 +11969,12 @@ bpf_program__attach_uprobe_multi(const struct bpf_program *prog,
> >         const unsigned long *ref_ctr_offsets = NULL, *offsets = NULL;
> >         LIBBPF_OPTS(bpf_link_create_opts, lopts);
> >         unsigned long *resolved_offsets = NULL;
> > +       enum bpf_attach_type attach_type;
> >         int err = 0, link_fd, prog_fd;
> >         struct bpf_link *link = NULL;
> >         char errmsg[STRERR_BUFSIZE];
> >         char full_path[PATH_MAX];
> > +       bool retprobe, session;
> >         const __u64 *cookies;
> >         const char **syms;
> >         size_t cnt;
> 
> [...]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ