| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <983eacae-5b5d-4d26-a3e4-3c3eb808c5f2@linux.dev>
Date: Wed, 2 Jul 2025 10:14:58 +0800
From: Tao Chen <chen.dylane@...ux.dev>
To: Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
John Fastabend <john.fastabend@...il.com>,
Andrii Nakryiko <andrii@...nel.org>, Martin KaFai Lau
<martin.lau@...ux.dev>, Eduard <eddyz87@...il.com>,
Song Liu <song@...nel.org>, Yonghong Song <yonghong.song@...ux.dev>,
KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...ichev.me>,
Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
Matt Bobrowski <mattbobrowski@...gle.com>,
Steven Rostedt <rostedt@...dmis.org>, Masami Hiramatsu
<mhiramat@...nel.org>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
bpf <bpf@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>,
linux-trace-kernel <linux-trace-kernel@...r.kernel.org>
Subject: Re: [PATCH bpf-next v6 1/3] bpf: Show precise link_type for
{uprobe,kprobe}_multi fdinfo
在 2025/7/2 04:39, Alexei Starovoitov 写道:
> On Fri, Jun 27, 2025 at 1:23 AM Tao Chen <chen.dylane@...ux.dev> wrote:
>>
>> Alexei suggested, 'link_type' can be more precise and differentiate
>> for human in fdinfo. In fact BPF_LINK_TYPE_KPROBE_MULTI includes
>> kretprobe_multi type, the same as BPF_LINK_TYPE_UPROBE_MULTI, so we
>> can show it more concretely.
>>
>> link_type: kprobe_multi
>> link_id: 1
>> prog_tag: d2b307e915f0dd37
>> ...
>> link_type: kretprobe_multi
>> link_id: 2
>> prog_tag: ab9ea0545870781d
>> ...
>> link_type: uprobe_multi
>> link_id: 9
>> prog_tag: e729f789e34a8eca
>> ...
>> link_type: uretprobe_multi
>> link_id: 10
>> prog_tag: 7db356c03e61a4d4
>>
>> As Andrii suggested attach_type can be recorded in bpf_link, there is
>> still a 6 byte hole in bpf_link, we can fill the hole with attach_type
>> soon.
>>
>> Co-authored-by: Jiri Olsa <jolsa@...nel.org>
>> Signed-off-by: Tao Chen <chen.dylane@...ux.dev>
>> ---
>> include/linux/bpf.h | 1 +
>> kernel/bpf/syscall.c | 9 ++++++++-
>> kernel/trace/bpf_trace.c | 10 ++++------
>> 3 files changed, 13 insertions(+), 7 deletions(-)
>>
>> Change list:
>> v5 -> v6:
>> - Move flags into bpf_link to get retprobe info
>> directly.(Alexei, Jiri)
>> v5:
>> https://lore.kernel.org/bpf/20250623134342.227347-1-chen.dylane@linux.dev
>>
>> v4 -> v5:
>> - Add patch1 to show precise link_type for
>> {uprobe,kprobe}_multi.(Alexei)
>> - patch2,3 just remove type field, which will be showed in
>> link_type
>> v4:
>> https://lore.kernel.org/bpf/20250619034257.70520-1-chen.dylane@linux.dev
>>
>> v3 -> v4:
>> - use %pS to print func info.(Alexei)
>> v3:
>> https://lore.kernel.org/bpf/20250616130233.451439-1-chen.dylane@linux.dev
>>
>> v2 -> v3:
>> - show info in one line for multi events.(Jiri)
>> v2:
>> https://lore.kernel.org/bpf/20250615150514.418581-1-chen.dylane@linux.dev
>>
>> v1 -> v2:
>> - replace 'func_cnt' with 'uprobe_cnt'.(Andrii)
>> - print func name is more readable and security for kprobe_multi.(Alexei)
>> v1:
>> https://lore.kernel.org/bpf/20250612115556.295103-1-chen.dylane@linux.dev
>>
>> diff --git a/include/linux/bpf.h b/include/linux/bpf.h
>> index 5b25d278409..3d8fecc9b17 100644
>> --- a/include/linux/bpf.h
>> +++ b/include/linux/bpf.h
>> @@ -1702,6 +1702,7 @@ struct bpf_link {
>> * link's semantics is determined by target attach hook
>> */
>> bool sleepable;
>> + u32 flags :8;
>
> There is a 7-byte hole here.
> Let's use 'u32 flags' right now and optimize later if necessary.
Ok, will change it in v7.
--
Best Regards
Tao Chen
Powered by blists - more mailing lists